In this talk, we present a foundational understanding of building an enterprise software supply chain and how it is traditionally secured. We then explore in detail:
- The containers paradigm for enterprise IT and the challenges it introduces.
- How to build and secure enterprise software supply chain with containers.
- The building blocks of the supply chain with Red Hat and other Open Source technologies, including:
- Known public registry of trusted sources for container images, such as the one hosted by Red Hat.
- An enterprise container registry that hosts certified container images (such as Red Hat Satellite, Atomic Enterprise Registry or Artifactory) and to allow controlled access to them.
- An automated process to containerize applications and make them available in the Enterprise registry via some kind of access control for sharing. We will cover S2I in OpenShift, custom Docker container building process and other alternatives.
- Proper procedures to onboard new certified images as they become available.
- Scale it for thousands of containers using OpenShift Enterprise or RHEL Atomic Enterprise and provide the ability to automatically patch and redeploy containers at runtime.
This session is designed to help Architects, Developers and Ops in enterprises to solve the problem of securely delivering containers for serious production workloads and deal with the operational challenges of patching and deploying them at scale in an automated manner.