What's Happening with Ingress-Nginx!

What’s Happening with Ingress-Nginx! - James Strong, Chainguard & Ricardo Katz, VMware This presentation will discuss our plans for Ingress-nginx 2.0 release, breaking changes, new features, and deprecations. We will also discuss our plans for gateway API, CVE reduction, and other security updates coming to ingress-nginx. As always, we will provide a community update, roadmap, and other critical information attendees should know about the project. Please join us to learn all about the progress and future of ingress-nginx.

Wolfi: A Secure-by-Default Distro for Curing Container CVE Chaos

Are you using container images with hundreds of known vulnerabilities? The majority of us are using images based on the Docker official images available on the Docker Hub. This includes base images – such as Debian and Ubuntu – as well as application images such as nginx and redis. Unfortunately these images often have hundreds of known vulnerabilities due to excessively large dependency trees with out-of-date packages. This security debt can lead to unnecessary security risks and slower development cycles.

What Does Rugby Have To Do With Sigstore?

Cosign, fulcio, rekor are all components in keyless signing with Sigstore. Each piece has its responsibility to provide a smooth developer experience for container signing. How does it all work together to complete that complicated dance to tie identity to cryptographic signatures? And what’s more cryptic than rugby? In this talk, James and Lewis will educate attendees about sigstore and container signing using examples from the best sport in the world, rugby.

Realizing the benefits of container DevSecOps with AWS

AWS DevSecOps Container Pipeline workshop at DevOps Days Houston Workshop available at In this workshop Engineers will learn how to secure their container pipeline using AWS and other Cloud Native tools. This will be part Lecture and part hands on. We will be working through the following topics: Introduction Workshop Setup Development Environment Container Builds Container Pipeline Running Containers We will be using these tools and techniques to secure a container pipeline and runtime.

Code PaLOUSa 2019

Another year! Another amazing Code PaLOUsa come and gone. Location This year Code PaLOUsa was at the Hyatt Regency, which is smack dap in the middle of downtown. This location makes it a perfect spot for all the speakers and conference-goers to experience some of the tourist spots in Louisville and still enjoy the conference. Sessions The sessions were action-packed, as well. A (useful?) attribute of a conference is the level of difficulty for goers to decide which speakers to see!

Dev Nexus 2019

At Dev Nexus 2018 my co-worker, Adarsh, and I led a workshop “Introduction to Kubernetes” Introduction to Kubernetes is a hands-on, interactive workshop giving attendees a thorough understanding of the fundamentals of Kubernetes. As part of this workshop, you will learn how Kubernetes works, be able to successfully create a kubernetes cluster, deploy microservices to that cluster & also hear about some war stories. Developer density ⁦@devnexus⁩! First class speakers!

Dockercon 2017

Before we dive into some of the highlights from DockerCon 2017, let’s do a quick overview of what Docker is. Quite simply, a “docker container” is a portable container, of sorts, that allows a collection of apps to run on any operating system. How is it possible, you ask, for a docker container to allow any app to “Build, Ship and Run,” as the docker motto says, on any OS? A docker container uses kernel features to produce resource isolation (CPU, memory, block I/O and more) as well as separate namespaces, to isolate the application’s view of the operating system (a visual depiction below).