How to Supercharge OpenShift with Cilium

Agenda workshop

13.00-13:30 Registration 

13.30-14:00 Introduction by HCS Company - Service Mesh - The (air) traffic controller of your application
Service Meshes are very popular currently. I know what your thinking… I never used a Service Mesh before so why do I need one now? In this talk you will become familiar why Service Meshes exist and what they can do for your application. Implementing zero trust principles or are you more interested in advanced traffic flows? This and many more features will be spoken about. Are you joining me to find the possibilities for your application? 

14.00-14.30 Introduction by Red Hat - Utilizing modern application delivery patterns with service mesh and GitOps
In the past there were careful planned release days, which happened once every quarter or year. Now that the world is speeding up and IT has to move just as quick, we need new ways to release our applications. Nowadays your application will be deployed daily, maybe even more than once an hour. And this should be done without having any hiccups with your production system. Utilizing technology such as service mesh, combined with GitOps, can help you create such a process. We'd like to take you through what's needed to get going and illustrate the benefits in a demo.

14.30-14:45 Break 

14.45-15.15 Introduction by Isovalent - Network and Runtime Security with Cilium and Tetragon 
Cilium is the next generation, eBPF powered open-source Cloud Native Networking solution, providing security, observability, scalability, and superior performance. Cilium is an incubating project under CNCF and the leading CNI for Kubernetes.

In this session we will introduce the fundamentals of Cilium Network Policies and the basics of application-aware and Identity-based Security. We will discuss the default-allow and default-deny approaches and visualize the corresponding ingress and egress connections.

Using the Network Policy Editor we will be able to demonstrate how a Cilium Network Policy looks like and what they mean on a given Kubernetes cluster.

Additionally, we will walk through different examples and demonstrate how application traffic can be observed with Hubble and show how you can use the Network Policy Editor to apply new Cilium Network Policies for your workloads.

Finally, we’ll demonstrate how Tetragon provides eBPF-based transparent security observability combined with real-time runtime enforcement.

15:15-16:00 Lab 1: Getting Started with Cilium 
In this lab, we provide you a fully fledged Cilium installation on a small cluster, together with a few challenges to solve. See yourself how Cilium works, and how it can help you securing your moon-sized battlestation in a “Star Wars”-inspired challenge.

16:00-16:15 Break 

16:15-17:00 Lab 2: Security Observability with eBPF and Cilium Tetragon 
Cilium Tetragon is an open source Security Observability and Runtime Enforcement tool from the makers of Cilium. It captures different process and network event types through a user-supplied configuration to enable security observability on arbitrary hook points in the kernel; then translates these events into actionable signals for a Security Team.

17.00 - 17.30 Closing session

17.30 - 18.30 Networking & drinks