IT Optimization Labs Roadmap

Red Hat Summit 2019 is rocking Boston, MA from May 7-9th in the Boston Convention and Exhibition Center.

Everything you need to know about the current state of open source enterprise ready software can be found at this event. From customers talking about their experiences leveraging open source in their solutions, to the creators of open source technologies you're using, and all the way down to hands-on lab experiences on these technologies.

This hands-on appeal is what this series of articles is about. It's interesting to take a tour, so starting with this article let's examine a series of instructor-led labs based on a specific theme.

This week it's a roadmap to IT optimization lab content. The following labs can be found in the session catalog online, by searching on title or filtering on instructor-led labs and IT optimization.

Red Hat IT Features: Sidecar That Authentication

Ever wonder how Red Hat makes use of all the insanely powerful Red Hat open source technologies internally to support their operations? Want to take a peek in inside and learn to use these technologies just like we do? Join this lab for hands-on exercises that show you how Red Hat IT is beginning to protect our Red Hat OpenShift-hosted web microservices using sidecar containers as authentication proxies. This approach allows our developers to stay focused on writing code and our identity team to focus on creating a secure, uniform, well-documented, and easily scalable authentication solution. In this lab, you'll:

• Build and deploy a web service in Red Hat OpenShift Container Platform.
• Stand up an Red Hat Single Sign-On server.
• Create a secure endpoint in that web service.
• Build and attach an authentication sidecar proxy to that web service.
• Configure the Red Hat Single Sign-On server and the sidecar proxy to work together.

Speakers: Dustin Minnich, Lauren Santiago, Alec Henninger, Henry Graham

Linux Container Internals 2.0

What's the difference between a container runtime and a container engine? How about container images and repositories? Are you having trouble making heads or tails of all of the great Kubernetes projects you see? Are you and your team debating architecture, because it seems like everybody has slightly different interpretations of how things work under the covers? If you have answered, "Uhm," to any one of these questions, then this lab's for you. Join Red Hat engineers as we walk you through the deep, dark internals of the container host and what’s packaged in the container image. This hands-on lab will give you the knowledge and confidence you need to take advantage of your current Linux technical knowledge and apply it to containers. We'll cover:

• Images
• Registries
• Hosts
• Orchestration
• Tools (runtimes, engines, build)
• Standards (Open Containers Initiative)
• Security
• Performance

Speakers: Daniel Walsh, Jamie Duncan, John Osborne, Rodrigo Freire, Scott McCarty

A Practical Introduction to Container Security Using CRI-O

Linux containers provide convenient application packing and runtime isolation in multi-tenant environments. However, the security implications of running containerized applications is often taken for granted. For example, today it's very easy to pull container images from the internet and run them in the enterprise without examining their content and authenticity. In this lab, you'll complete a series of low-level, hands-on exercises aimed at understanding the concepts, challenges, and best practices associated with deploying containers in a secure fashion. Topics include registry configuration, SELinux, process capabilities, SECCOMP profiles, along with container image inspection, scanning, and signing. This fourth edition is based on CRI-O, an Open Container Initiative (OCI) compatible, open source implementation of the Kubernetes Container Runtime Interface (CRI).

Speakers: Bob Kozdemba, Daniel Walsh, Runal Patrel

Migrating From VMware to Red Hat platforms

As digital transformation begins to takes hold, many companies are looking to cut costs and optimize workloads across common platforms in order to divert spending to innovation. Red Hat infrastructure migration solutions provide the ability to move workloads off costly VMware to budget-friendly Red Hat platforms such as Red Hat Virtualization, Red Hat OpenStack Platform, and Red Hat container-native virtualization. In this hands-on lab, we'll cover how to optimize your infrastructure using the Red Hat infrastructure migration solution to migrate workloads from VMware to Red Hat platform technologies based on libvirt.

Speakers: Brett Thurber, Miguel PerezColino, Christian Jung, Fabien Dupont, Kedar Kulkarni, Nenad Perić

Defend Yourself Using Built-In Red Hat Enterprise Linux Security Technologies

In this lab, you'll learn about the built-in security technologies in Red Hat Enterprise Linux. Specifically, you'll:

• Use OpenSCAP to scan and remediate against vulnerabilities and configuration security baselines.
• Block possible attacks from vulnerabilities using SELinux and use Network Bound Disk Encryption to securely decrypt your encrypted boot volumes unattended.
• Take advantage of the system-wide crypto policies and use USBGuard to implement basic whitelisting and blacklisting to define which USB devices are authorized.
• See how to deploy opportunistic IPsec to encrypt all host to host communication.

Throughout the lab, you'll use audit logs and the Cockpit web console for easier centralized management. You'll:

• Take advantage of session logging and playback features and AIDE to look for abnormal behavior.
• See how to create a single sign-on environment for all your Linux servers using Red Hat Identity Management.
• Learn about GPG, which can be used to identify yourself and encrypt your communications.
• See how to use firewalld to dynamically manage firewall rules.
• With systems roles, see how to make multiple automated configuration changes across different versions of Red Hat Enterprise Linux using Red Hat Ansible Automation.

Speakers: Lucy Kerner, Lukas Vrabec, Marek Haičman, Peter Beniaris, Simo Sorce

Private Cloud Lab With OpenStack, Ansible, and CloudForms

Do you recognize the value of cloud, but are apprehensive about going public because of security, loss of control, or regulatory compliance? You may benefit from implementing a private cloud. In this lab you'll get some hands-on experience with a private cloud based on:

• Red Hat OpenStack Platform, managing the infrastructure layer.
• Red Hat Ansible Tower, providing automation capabilities.
• Red Hat CloudForms, adding service catalog capabilities to the mix.

By the end of the session, you'll have deployed a complete application through the integration of all these components.

Speakers: Robert Calva, Vagner Farias, Davi Garcia, Mauricio Santacruz

Automate Your Security by Creating Custom Security Content

Are you responsible for system security? Are you concerned about ever-increasing security threats? Are you concerned that automation of security compliance may not be the solution, because it's too difficult to implement if you have to adhere to specific security policies? Then don't worry too much. In this lab, we'll show how Red Hat helps you automate security compliance using tools that are part of Red Hat Enterprise Linux. We'll show you how to overcome the greatest challenge—reuse of existing content and integration with custom security policies that lead to the highest quality of automated security compliance. Get to know the already-available, well-proven security content that's based on DISA STIG, PCI-DSS, and other standards. See how this content already allows automated scanning and remediations of non-compliant systems. Then, learn how to customize the existing content and how to extend it, so it accurately reflects your security policy. We'll begin this lab with a short presentation, followed by a common instructor-led part to show how to use existing content to evaluate compliance. Then, we'll continue with self-paced learning on how to customize an existing profile and use it to scan and remediate a non-compliant system. Finally, you'll create your security policy from scratch, including tests of scans and remediations.

Speakers: Marek Haičman, Matěj Týč, Lucy Kerner, Lukas Vrabec, Simo Sorce

Managing Deployed Red Hat Enterprise Linux Across Infrastructures

In this lab, we'll cover how to more efficiently manage Red Hat Enterprise Linux with the new Red Hat Insights management capabilities that are included with your Red Hat Enterprise Linux subscription.

Speakers: Scott McBrien, William Nix, Camry Fedei

Stay tuned for more articles with insights into other themes that might interest you enough to register for one of these instructor-led labs at Red Hat Summit 2019.

Looking forward to seeing you there!