Cloud-Native Infrastructure

CCT08 Leveraging Build Pipelines for Automating Container OS & Framework Patching


2:45pm - 4:00pm

Level: Intermediate

Steve Lasker

Program Manager for Container Registries


Containers have become the modern packaging format, regardless of the host they're run on. You may be building your own images, or consuming images from ISVs. While containers have a focused subset of their VM ancestors, containers still have layers of the OS, runtimes and other components that are susceptible to vulnerabilities that must be remediated. Have you considered how you'll patch these deployments? Will you patch the running containers, as you patch VMs, hoping the software continues to run, as you continually patch the same deployed image?

We'll examine leveraging your build and deployment pipelines to automatically patch, test and deploy updates, during and long after you've moved onto another project. OS & Framework Patching can be an extension of what you're already doing today.