OpenShift Commons Briefing #76: Security Practices in OpenShift Container Platform at Amadeus
June 19, 2017 | by
OpenShift Commons Briefing Summary
Amadeus operates large-scale, secure, Payment Card Industry Data Security Standard (PCI/DSS)-compliant online and e-retail systems. Recently, they started migrating those systems to OpenShift Container Platform. For Amadeus and their customers, security and compliance is paramount.
In this briefing, Amadeus' Nenad Bogojevic describes security mechanisms and protections related to Red Hat OpenShift Container Platform and Amadeus' experiences deploying and using OpenShift. The discussion covers security mechanisms, such as user and network access control and policies in OpenShift and underlying Openstack, the audit trail of administrative actions, ways to use and protect Kubernetes secrets, as well as some best practices for Docker containers. Nenad also presented some possibilities to address technical limitations or potentially unknown vectors of attack using compensating controls via auditd, monitoring, and alerting.
Guest Speakers: Nenad Bogojevic – Software Architect, Amadeus Diogenes Rettori – OpenShift Product Manager, Red Hat
Learn More at the Next OpenShift Commons Gathering in Austin Dec 5th
Red Hatters, CNCF/Kubernetes project leads, and numerous other members of the OpenShift Commons will be gathering together in Austin for the upcoming OpenShift Commons Gathering co-located with Kubecon at the Austin Convention Center. Register now to reserve your seat at this day long event!
Don't forget to leave your feedback and suggestions for each video on YouTube or in the comments section below. This will be incredibly important to shape this Special Interest Group and create sessions that fit the demands of all the OpenShift developers in the community.
About OpenShift Commons
OpenShift Commons is the place for organizations that are part of the OpenShift community to connect with peers and other related open source technology communities to communicate and collaborate across all OpenShift projects and stakeholders.
The Commons' goal is to foster collaboration and communication between OpenShift stakeholders to drive success for all members, and expand & facilitate points of connection between members for sharing knowledge and experience to help drive success for the platform and for participants: customers, users, partners, and contributors.
With Red Hat Quay 3.8 DevSecOps teams now have a solution available to contain ubiquitous container image sprawl. This release of Quay focuses on manageability, targeting operations teams in charge ...