registry
This document describes how to prepare & execute the enterprise container demo module.
The demo environment(s) have been bootstrapped. Also, you can optionally install the Container Security Operator. The operator takes a while to gather the vulnerability data from quay, so install this ahead of the demo.
- Ensure you have all credentials for quay.io and the OCP cluster you use at hand.
Show Slide#32 and elaborate on the role of the image registry:
Show quay.io and the manuela repo there
Highlight container security scanning in quay.
If the Container Security Operator is installed, you can see this security information being reflected in the OpenShift Console.
Click on the "x namespaces" link next to one of the vulnerabilities. You can see which namespaces are affected. Click on the vulnerability object and you can see which pods are affected. In the YAML view, you can see more details on the affected packages.
With OCP 4.4 onwards, there will be a separate entry for image vulnerabilities in the Admin console.
Show an image stream in the “remote” cluster, e.g. for the line-dashboard.
Elaborate on how it pulls through the images to ensure availability even when disconnected (“Reference Policy: local”)