Cloud Native Live: Building, Analyzing, Optimizing, and Securing Containerized Apps

Building, Analyzing, Optimizing, and Securing Containerized Apps

We ran a live workshop for the Cloud Native Computing Foundation that we adapted from our popular “Containers 101” Twitch streams.

This workshop leverages open source tools, free SaaS platforms, and the command line to show developers how to inspect their containers from the inside out, looking for optimizations, ways to slim and secure them, and final checks to do before sending a container to production.

  • What are the most important things to consider when containerizing an app?
  • What’s the difference between a production-ready container and one used for development?
  • What are some open-source tools I should know about when doing container development?

As highlighted in the recent CNCF Software Supply Chain Best Practices whitepaper tools like DockerSlim can be used to limit the number of files in a container image, thus limiting the attack surface to that process.

So, we’re going to go through the process of taking an app and slimming it and how to observe what changed. Here’s the complete video workshop:

What tools are you using to optimise and analyse your containers?