Sched.com Conference Mobile Apps
KubeCon + CloudNativeCon 2018 中国论坛 has ended
Create Your Own Event
KubeCon + CloudNativeCon 2018 中国论坛
-
Saved To
My Schedule
2018年11月13-15日,中国上海
点击此处了解更多信息及注册
点击
此处
查看英文版日程表。
To view the English version of this schedule please go
here
.
我们将为所有主题演讲和分组会议提供同声传译服务。
Simultaneous translation will be provided for all keynote and breakout sessions.
Schedule
Simple
Expanded
Grid
By Venue
Speakers
Sponsors
Exhibitors
Search
menu
Menu
Schedule
Speakers
Sponsors
Exhibitors
Search
Download our free app:
Back To Schedule
Wednesday
, November 14 • 15:35 - 16:10
确保部署管道的安全——Felix Glaser,Shopify
Sign up
or
log in
to save this to your schedule, view media, leave feedback and see who's attending!
Tweet
Share
Feedback form is now closed.
Feedback Submitted
设想采用任意代码,将其部署到生产,并希望一切都是安全的。当我们不锁定部署管道并部署任意容器时,我们就会这样做。加入我们,来探索 Shopify 的解决方案。
生成容器后,我们运行检查以确定其状态:它是不易受到攻击且不会过时的软件吗?它是否源自正确的部署管道?
对于每个成功的测试,都会对容器进行签名,并且将签名存储在 Grafeas 中。
在部署期间, Kritis 允入控制元件强制执行签名。
因为容器的安全状态可以改变,所以我们记录在容器生命周期中创建的元数据。如果它变得易受攻击,就会被撤回、修复和重新部署。
凭借 Grafeas 和 Kritis 这两个新工具装入 Kubernetes 允许每个人通过代码部署来防止特权增加。
Speakers
Felix Glaser
Senior Production Security Engineer ☁️ 生产安全工程师 ☁️, Shopify
Felix likes to climb, cycle, and code in Canada. The first two outside and the other one at Shopify, where he works on securing containers and their deployment into the cloud.
Securing the Deploy Pipeline
pdf
Wednesday November 14, 2018 15:35 - 16:10 CST
305 B
安全+认证+政策
预期观众的认知程度
中级