Adrian Mouat

---

---

Handling deployments effectively is an essential aspect of making the most of modern microservice architectures. How do you safely and quickly deploy updates? How do you test that your microservices work at scale in a full production system? How do you measure and respond to problems occurring shortly after an update?

A lot of techniques and solutions to these problems get mentioned: deployments can be ramped, blue/green or canary. System tests can take place in a staging environment or may be eschewed in favour of "testing in production" techniques, such as chaos monkeys and shadowing. However, whilst this gets talked about a lot, actual code examples and tools seem thinner on the ground.

In this talk, we'll take a look at the various techniques, when you might want to use them, and provide practical examples on how to implement them.

---

This course will explain how to secure a modern, microservice-based system. Attendees will start by running and hacking into a vulnerable system, before switching roles and using various Docker tools and features to protect the system. While the tutorial focuses on Docker, the patterns and information can help secure any production container system.

Topics covered will include

• Creating and running a simple container-based service
• Switching roles to attack and compromise the service
• Looking at how to respond to an attack
• Investigating various ways to improve the security of the system, including scanning images for vulnerabilities and limiting the privileges of running containers

Key takeaways
Understand the different ways in which a container can be compromised
Understand the various methods that can be employed to protect containers

Prerequisites
A WiFi-enabled laptop with access to SSH (You'll be provided with a login to a cloud VM and need to be able to SSH into this machine. It's not possible to follow along on a local instance due to the need to download large images.)