Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ThoughtWorks Technology Radar Roadshow - Perth

1,775 views

Published on

Kicking off a 4-city Tech Radar roadshow in Perth, ThoughtWorks TAB members Evan Bottcher and Brain Leke Betechuoh cover topics from all 4 quadrants of the latest edition of the ThoughtWorks Technology Radar. This presentation primarily covers Consumer-Driven Contract Testing, Security, Microservices, Spring Boot, Django, and Docker.

Published in: Technology
  • Be the first to comment

ThoughtWorks Technology Radar Roadshow - Perth

  1. 1. TECHNOLOGY
 RADAR May 2015 — Our thoughts on the technology and trends that are shaping the future 1
  2. 2. 2 TECHNOLOGY ADVISORY BOARD
  3. 3. 3
  4. 4. 4
  5. 5. 5
  6. 6. 6
  7. 7. TECHNIQUES 7
  8. 8. TECHNIQUES 7
  9. 9. 8 ADOPT 1. Consumer-driven contract testing NEW 2. Focus on mean time to recovery 3. Generated infrastructure diagrams NEW 4. Structured logging TRIAL 5. Canary builds 6. Datensparsamkeit 7. Local storage sync 8. NoPSD 9. Offline-first web applications NEW 10. Products over projects NEW 11. Threat Modelling NEW ASSESS 12. Append-only data store 13. Blockchain beyond Bitcoin 14. Enterprise Data Lake 15. Flux NEW 16. “git-based CMS” NEW 17. Phoenix environments NEW 18. Reactive architectures NEW HOLD 19. Long lived branches with Gitflow 20. Microservice envy 21. Programming in your CI/CD tool 22. SAFe™ 23. Security sandwich 24. Separate DevOps team TECHNIQUES
  10. 10. 9 TECHNIQUES
  11. 11. 9 TECHNIQUES CONSUMER-DRIVEN CONTRACT TESTING 1
  12. 12. CONSUMER DRIVEN CONTRACTS 10
  13. 13. CONSUMER DRIVEN CONTRACTS 11
  14. 14. CONSUMER DRIVEN CONTRACTS 12 Yesterday Today
  15. 15. CONSUMER DRIVEN CONTRACTS 13
  16. 16. CONSUMER DRIVEN CONTRACTS - STAGES 14 Backend — API Frontend — Consumer Unit Integration Staging DeploymentContract Unit Integration Staging DeploymentContract
  17. 17. CONSUMER DRIVEN CONTRACTS - STAGES 15 Backend — API Frontend — Consumer Unit Integration Staging Deployment Contract Contract Unit Integration Staging DeploymentContract
  18. 18. CONSUMER DRIVEN CONTRACTS - STAGES 16 Backend — API Frontend — Consumer Unit Integration Staging Deployment Contract Contract Unit Integration Staging DeploymentContract
  19. 19. 17 ADOPT 1. Consumer-driven contract testing NEW 2. Focus on mean time to recovery 3. Generated infrastructure diagrams NEW 4. Structured logging TRIAL 5. Canary builds 6. Datensparsamkeit 7. Local storage sync 8. NoPSD 9. Offline-first web applications NEW 10. Products over projects NEW 11. Threat Modelling NEW ASSESS 12. Append-only data store 13. Blockchain beyond Bitcoin 14. Enterprise Data Lake 15. Flux NEW 16. “git-based CMS” NEW 17. Phoenix environments NEW 18. Reactive architectures NEW HOLD 19. Long lived branches with Gitflow 20. Microservice envy 21. Programming in your CI/CD tool 22. SAFe™ 23. Security sandwich 24. Separate DevOps team TECHNIQUES
  20. 20. TOOLS 18
  21. 21. TOOLS 18
  22. 22. 19 TOOLS ADOPT 48. Composer 49. Go CD 50. Mountebank 51. Postman TRIAL 52. Boot2docker 53. Brighter NEW 54. Consul 55. Cursive 56. Gitlab 57. HAMMS NEW 58. IndexedDB 59. POLLY NEW 60. Rest-assured NEW 61. Swagger 62. Xamarin 63. ZAP NEW ASSESS 64. Apache Kafka NEW 65. Blackbox 66. Bokeh/Vega NEW 67. Gor NEW 68. NaCL NEW 69. Origami NEW 70. Packet beat 71. pdfmake NEW 72. PlantUML NEW 73. Prometheus NEW 74. Quick NEW 75. Security Monkey NEW HOLD 76. Citrix for development
  23. 23. 20 TOOLS
  24. 24. 20 TOOLS 75 63 65 68 BLACKBOX ZED ATTACK PROXY SECURITY MONKEY NACL
  25. 25. SECURITY AWARENESS AMONG SENIOR DEVELOPERS* 21*Source: http://jemurai.com/developer-survey-1-results-part-2.html 37% think security is
 a small concern 8% think it is a top concern 67% haver never heard of OWASP, OWASP top 10, or CWE top 25 25% of projects reported had security training, pen test or security embedded in development Overwhelmingly, the only security practices in place are manual code and design reviews.
  26. 26. OWASP ZED ATTACK PROXY 22 The Main Features All the essentials for web application testing ■ Intercepting Proxy ■ Active and Passive Scanners ■ Traditional and Ajax Spiders ■ WebSockets support ■ Forced Browsing (using OWASP DirBuster code) ■ Fuzzing (using fuzzdb & OWASP JBroFuzz) ■ Online Add-ons Marketplace Browser configured to use proxy Browser Primary OS Web Proxy Your Computer VM Web Server Browser Web Proxy Web Server http://www.slideshare.net/dgsweigert/using-the http://www.slideshare.net/tabaradetestare/owasp-2013-zapquickintro
  27. 27. ARE YOUR REPOS AND BUILD SERVERS SECURE? 23 http://www.wired.com/2012/09/adobe-digital-cert-hacked/
  28. 28. ARE YOUR REPOS AND BUILD SERVERS SECURE? 23 http://www.wired.com/2012/09/adobe-digital-cert-hacked/
  29. 29. PROTECTING DEV SECRETS WITH BLACKBOX Git Repo Keys Shhhh secret Shhhh Blackbox Repo seen by all Secrets readable by few
  30. 30. 25 TOOLS ADOPT 48. Composer 49. Go CD 50. Mountebank 51. Postman TRIAL 52. Boot2docker 53. Brighter NEW 54. Consul 55. Cursive 56. Gitlab 57. HAMMS NEW 58. IndexedDB 59. POLLY NEW 60. Rest-assured NEW 61. Swagger 62. Xamarin 63. ZAP NEW ASSESS 64. Apache Kafka NEW 65. Blackbox 66. Bokeh/Vega NEW 67. Gor NEW 68. NaCL NEW 69. Origami NEW 70. Packet beat 71. pdfmake NEW 72. PlantUML NEW 73. Prometheus NEW 74. Quick NEW 75. Security Monkey NEW HOLD 76. Citrix for development
  31. 31. LANGUAGES & FRAMEWORKS 26
  32. 32. LANGUAGES & FRAMEWORKS 26
  33. 33. MICROSERVICE ARCHITECTURE 27 M O N O L I T H Microservices
  34. 34. 28 LANGUAGES & FRAMEWORKS ADOPT 77. Nancy TRIAL 78. Dashing 79. Django Rest 80. Ionic Framework 81. Nashorn 82. Om 83. React.js 84. Retrofit 85. Spring Boot ASSESS 86. Ember.js NEW 87. Flight.js 88. Haskell Hadoop library 89. Lotus 90. Reagent 91. Swift HOLD 92. JSF
  35. 35. 29 LANGUAGES & FRAMEWORKS
  36. 36. 29 LANGUAGES & FRAMEWORKS 85 79 SPRING BOOT DJANGO REST
  37. 37. 30 BUILDING YOUR MICROSERVICES - DJANGO REST Build restful APIs for Python with Django Can build your microservices for you in Python Has authentication schemes out of the box. Browsable web API to visualize data and responses for the different APIs.
  38. 38. 31 BUILDING YOUR MICROSERVICES - SPRING BOOT Easy setup of standalone Spring-based applications Can build your microservices with easy deploy Has hibernate mappings so data access simplified Caution: Has a significant number of dependencies
  39. 39. 32
  40. 40. 33 FRAMEWORKS ADOPT 77. Nancy TRIAL 78. Dashing 79. Django Rest 80. Ionic Framework 81. Nashorn 82. Om 83. React.js 84. Retrofit 85. Spring Boot ASSESS 86. Ember.js NEW 87. Flight.js 88. Haskell Hadoop library 89. Lotus 90. Reagent 91. Swift HOLD 92. JSF
  41. 41. PLATFORMS 34
  42. 42. PLATFORMS 34
  43. 43. 35 PLATFORMS ADOPT TRIAL 25. Apache Spark NEW 26. Cloudera Impala NEW 27. DigitalOcean 28. TOTP Two-Factor Authentication HOLD 45. Application Servers NEW 46. OSGi 47. SPDY NEW ASSESS 29. Apache Kylin NEW 30. Apache Mesos 31. CoreCLR and CoreFX NEW 32. CoreOS 33. Deis NEW 34. H2O NEW 35. Jackrabbit Oak 36. Linux security modules 37. MariaDB 38. Netflix OSS Full stack 39. OpenAM 40. SDN 41. Spark.io 42. Text it as a service / Rapidpro.io 43. Time-series Databases NEW 44. U2F
  44. 44. 36 PLATFORMS Deployment architectures keep evolving.
  45. 45. 36 PLATFORMS 33 DEIS 30 APACHE MESOS 32 COREOS 45APPLICATION SERVERS Deployment architectures keep evolving.
  46. 46. THE RISE OF DOCKER 37 http://blog.docker.com/2014/11/docker-governance-advisory-board-output-of-first-meeting/ GitHub Stars by Date and Project Config Management GitHub Totals
  47. 47. EXPLOSION OF TOOLS AND PLATFORMS 38 CoreOS Fleet Docker Swarm
  48. 48. DEIS: DOCKER-BASED PAAS — ANYWHERE 39 http://docs.deis.io/en/v0.9.0/gettingstarted/architecture/ Developer Application Consumers Load Balancer Controller Load Balancer Cluster (Test) Containers Scheduler Router Cluster (Dev) Containers Scheduler Router Cluster (Prod) Containers Scheduler Router Monitoring Logging Backing Services Containers Containers Containers Containers Containers Containers Router Router Router
  49. 49. APACHE MESOS 40http://abhishek-tiwari.com/post/building-distributed-systems-with-mesos batch services Workloads Apps Frameworks Kernel DFS Cluster C++ BASH Python Scalding Impala Shark MySQL Kafka JBoss Django Rails MPI Hadoop Spark Storm Marathon Chronos RubyPythonJVMC++ distributed file system distributed resources: CPU, RAM, I/O, FS, rack locality, etc.
  50. 50. WHERE DOES THIS LEAVE APPLICATION SERVERS? 41
  51. 51. 42 PLATFORMS ADOPT TRIAL 25. Apache Spark NEW 26. Cloudera Impala NEW 27. DigitalOcean 28. TOTP Two-Factor Authentication HOLD 45. Application Servers NEW 46. OSGi 47. SPDY NEW ASSESS 29. Apache Kylin NEW 30. Apache Mesos 31. CoreCLR and CoreFX NEW 32. CoreOS 33. Deis NEW 34. H2O NEW 35. Jackrabbit Oak 36. Linux security modules 37. MariaDB 38. Netflix OSS Full stack 39. OpenAM 40. SDN 41. Spark.io 42. Text it as a service / Rapidpro.io 43. Time-series Databases NEW 44. U2F
  52. 52. 43 Evan Bottcher @evanbottcher Brain Leke Betechuoh @BrianLekeBrian thoughtworks.com/radar

×