OPTIONAL PRE CONFERENCE WORKSHOPS
Getting Started with Docker
Are you new to Docker? No worries! The "Getting Started with Docker" workshop is made for you. This workshop starts from the basics and provides participants with a hands-on learning experience to gain practical knowledge and confidence in working with Docker containers. By the end of the workshop, attendees will have the essential skills needed to effectively utilize Docker for application development, deployment, and management.
Throughout the session, you’ll learn about containers and images, how to run containers using images from Docker Hub and other registries, how to build custom images, how to network multiple containers together, and how to persist data using volumes. We’ll wrap up with an intro to Docker Compose, where you’ll learn how to help your team easily get the benefits of a containerized environment.
Intended audience: Everyone, especially beginners
- Introduction to Docker: Designed for individuals new to Docker, this session covers the basics and offers a foundational understanding of application development, deployment, and management using Docker.
- In-depth tools overview: The workshop will delve into Docker Compose, containers, and images, providing practical knowledge for those interested.
Topics to be covered:
- Container and image basics
- Building and pushing custom images
- Data persistence using volumes
- Intro to Docker Compose
- Being a productivity booster for your team
8:00-8:40 Container and image intro
8:40-9:15 Using containers for development
9:15-9:30 Break time
9:30-10:10 Building your own images
10:10-11:00 Multi-service applications
11:00-11:15 Break time
11:15-12:00 Intro to Docker Compose
- Code repo containing all samples and demos
- Docker CLI Digital cheatsheet
Docker For Machine Learning / AI / Data Science
- Crash course on the latest generative AI developments in LLMs and Image Generation models
- Overview of techniques for fine tuning generative models
- Walkthrough of building a multi-modal use case that leverages multiple models: Stable Diffusion XL, CLIP Interrogator, Llama2 etc.
- Learn how to containerize a model using Python and Dockerfiles
- Experts panel Q&A on using containers in Machine Learning
8:00-8:30 Intro on Generative AI: Stable Diffusion, LLMs
8:30-8:45 Overview of fine tuning
8:45-9:00 Break time
9:00-10:15 Building your first GenAI vertical (part 1: model containerization & deployment)
10:15-10:30 Break time
10:30-11:30 Building your first GenAI vertical (part 2: front end, testing, scaling, updating)
11:30-12:00 Firechat side with the speakers, Q&A
Secure Development with Docker
Developers want to move fast to build new features, fix bugs, and provide better user and customer experiences. However, there is a constant struggle between developers, who want to leverage various open source libraries and frameworks and may not be able to keep up with all their updates, and security teams, who want to ensure they are minimizing risk. While containers help provide consistent environments across the entire software development lifecycle, there's thought and process needed to maximize their benefits.
In this hands-on workshop, attendees will start by diving in and understanding images, setting the stage for creating organizational base images that make it easier for your developers to meet security and organizational policies. From there, we'll talk about understanding what's in your images and fixing issues as they are found, both at initial creation and later when they are running in production. We'll dive into SBOMs, scanning, and remediating issues and how Docker Scout makes this easy for developers. We'll wrap up with methods to ensure non-compliant images are caught in CI/CD build systems and prevented from running in production environments.
Security Engineers, Product Security, Platform Folks, Developers
- Modeling your software development life cycle: Learn how to model your entire software development process holistically when improving your security.
- Balancing Dev and Security: Learn the principles of combining dev speed with robust security measures
- Keep up with environment changes: learn how Docker Scout helps you keep up with both existing and newly discovered vulnerabilities
Topics to be covered:
- Elements of a secure supply chain
- Remediating CVEs in development with Docker Desktop
- Integrating Docker Scout into CI/CD
8:00–8:15 Welcome and setup (latest Docker Desktop, Docker Hub)
8:15–8:30 Talk: CVEs, dependencies, and base images
8:30–9:00 Hands-on: Remediating vulnerabilities 9:00–9:15 Talk: Understanding the software supply chain
9:30–10:00 Hands-on: Using Docker Scout to connect your data model
10:00–10:15 Talk: Docker Image Provenance and SBOM
10:15–10:45 Hands-on: Explore and add provenance and SBOMs using Buildkit and Docker Scout
10:45–11:00 Break time
11:00–11:15 Talk: Maintaining Security with Policy: First, do no harm
11:15–11:45 Hands-on: Getting back into compliance with Docker Scout
11:45–12:00 Talk: What's next and Q&A
- Understand and verify how your applications are built.
- Quickly and easily identify problems with your software supply chain and remediate them.
- Use policies to encourage best practices across your organization without blocking fixes getting to production.
- Provide visibility into the security stance of your software to others within your organization.
Docker for Web Development
Introduction: Explore the process of setting up Docker for web development, with a focus on building a ReactJS frontend with a NodeJS backend. In this workshop, we will delve into the use of Compose, which enables the creation of a local development environment by combining PHP APIs and TypeScript-based NodeJS APIs. We also will discuss the importance of optimizing build times and utilizing Compose Watch for efficient development. To address security concerns, we will exploreNPM vulnerabilities and how to use Docker Scout. Additionally, we will highlight Docker Desktop Extensions for web developers. We conclude with a look at the significance of implementing end-to-end web development testing in CI/CD pipelines using Docker.
Intended audience: Web Developers, Full Stack Developers, Frontend Developers
- Docker in Web Development: Understand how Docker integrates with your web stack for easy development and end-to-end testing.
- Security & Efficiency: Discover and address vulnerabilities using Docker Scout and optimize build times.
Topics to be covered:
- Setting up a React and Node dev env using Compose
- Discovering and fixing vulnerabilities using Docker Scout
- End-to-end testing in CI/CD pipelines
8:00 - 08:40 Getting Started with Docker Desktop
8:40 - 9:00 Introducing our Demo Project
9:00 - 9:15 Break Time
9:15 - 10:15 Setting up our Development Project with Frontend and Backend using docker init
10:15-10:45 Start Backend Development (NodeJS Backend / PHP Backend)
10:45 - 11:00 Break Time
11:00 - 12:00 Start Frontend Development (React) and Connecting to the APIs
- Secure SDLC and Supply Chain mapping resources
- Security modeling best practices
- Docker Scout CLI cheat sheet