ADLS Workshops 24.5.

The Austrian DataLAB and Services Project invites you to a training and workshop day in the context of an Austrian wide science cloud. We offer Kubernetes (Beginner/Intermediate) and Docker (building and working with docker) trainings, as well as the following talks (with a lot of demos) on „Security in the cloud and compliance“, „virtual HPC“ and „Openstack vs. public cloud providers“. The meeting will take place face to face in Vienna on the 24th of May and registration is required. We would also ask you to bring your own Laptop (see prerequisites below). Please register here. Due to room limitations we can not guarantee a spot for everybody, thus we ask for a small motivational statement at the registration why you are interested and where you see your own skill level.

Prerequisites for Training:

  • Please bring a recent laptop and a Smartphone with the Microsoft Authenticator App installed, you will receive an invite from Azure Active Directory in your email-inbox, please follow the instructions therein to configure MFA.
  • Install the following software on your laptop:
  1.  az-cli https://docs.microsoft.com/en-us/cli/azure/install-azure-cli 
  2. git
  3. vscode https://code.visualstudio.com/download
  4. rancher-desktop https://rancherdesktop.io
  • Additionally for Kubernetes: recent browser (chrome preferred) and https://k8slens.dev
  • Additionally for Docker:  free disk space and at least 6 Gb RAM, root/sudo level access (local admin for windows)

Program:

TRACK A
Seminarraum BA 10A, Getreidemarkt 9, 1060 Wien, 10. Stock (Wegbeschreibung)

9:00 – 12:00 Training Kubernetes for Beginners – Constanze Roedig

  • Learn about the architecture and the core components of Kubernetes
  • What are container-runtimes?
  • How to work with the command line interface (kubectl) and using a client-UI (lens)
  • How to expose a service 
  • How Kubernetes manages packages:  explore a simple helm chart and modify it
  • Introduction to Role Based Access Control
  • Comparison of Kubernetes Distros: RKE2/Rancher, OKD/Openshift, AKS
  • Hands-on working with our Kubernetes cluster from your laptop and in Rancher-UI: deploy your first app and work with it (this will be most of the workshop): we will deploy a pacman game and add to it more and more components 

14:00 – 17:00 Training Kubernetes for Intermediate – Thomas Weber

  • Write your first helm chart
  • Work with a Kubernetes operator
  • Working with secrets
  • Deep dive into cert manager
  • Deep dive into ingress
  • Container Storage Interface CSI, Container Networking Interface CNI : what is that and in how far is it relevant for a user?


TRACK B

Seminarraum BA 10B, Getreidemarkt 9, 1060 Wien, 10. Stock (Wegbeschreibung)

9:00 – 10:30 Training Building and Working with Docker Images – Thomas Weber

  • What are different Image Types?
  • How are containers different from a VM?
  • Choice of baseimages
  • Best practices for building an image
  • Multi-stage builds
  • Avoiding secrets
  • build-test-scan-push pipelines
  • Container registries

10:45 – 12:00 virtual HPC, Demonstration – Peter Kandolf

  • What is the purpose of a vHPC (a virtual High Performance Cluster)
  • Insight in the basic setup and the employed technologies
  • See how automation, gitOps and CI/CD can be employed 
  • Slurm Rest API and Authentication

TRACK C
Seminarraum BA 10B, Getreidemarkt 9, 1060 Wien, 10. Stock (Wegbeschreibung)

14:00 – 16:00 Security in the Cloud and Compliance – Constanze Roedig

  • 14:00 – 15:00 Talk:
    • The new perimeter: Cloud
    • Zero Trust architecture and how DevOps changes many paradigms
    • Threat Modeling for ADLS
    • New frameworks for old concepts: Confidentiality, Integrity and Availability -> Security by Design
    • Compliance: How ADLS (will) leverage Cloud capabilities and gitOps for most critical aspects
  • 15:00 – 16:00 Technical Demos:
    • Container Security 101 -> Demo of a container escape
    • Supply Chain Security with gitOps -> How ADLS protects its assets
    • IAM: the importance of integrated identity and access management -> Demo of a federated machine identity
    • Demo of smuggling a nasty package into Kubernetes and what you can do with that

16:15 – 17:15 What is Openstack and how is it different from a public cloud provider like AWS? – Elias Wimmer