In this Sensu Summit 2018 talk. CTO Sean Porter shares Sensu's beliefs as a company and community, how far we’ve come in the past year, the problems we face together, what we’re doing next to solve for them.
Keynote: Sensu as a multi-cloud monitoring control planeSensu Inc.
In this Sensu Summit 2019 talk, Sensu CEO Caleb Hailey explores how Sensu provides a “monitoring control plane” that is analogous to the Kubernetes control plane, and how Sensu can empower organizations by delivering consistent monitoring workflows in multi-cloud environments.
In 2016 Paddy Power and Betfair, two gambling giants, merged to form PPB. Each company had its own monitoring baggage, but the SRE team was tasked with cleaning up and consolidating their toolsets. This Sensu Summit 2019 talk from Artur Malinowski and Killian McHale looks at their selection process, scoring and ultimately the decisions which led them to Sensu – which now monitors over 10,000 clients across the PPB estate.
The Bonsai Asset Index : A new way for the community to share resourcesSensu Inc.
Sensu launched Bonsai, the Sensu asset index pretty quietly in February, and since that time we’ve been doing continual improvements on the asset story with feedback from our early adopters. In this Sensu Summit 2019 talk, Developer Advocate Jef Spaleta provides an overview of the asset feature journey, how assets work, the role Bonsai plays, and how the community is already contributing!
Herding cats & catching fire: Workday's telemetry & middlewareSensu Inc.
In this talk from Sensu Summit 2018, David Beaurpere, Principal Software Engineer for the Observability Group at Workday Ltd, discusses how Sensu 1.x evolved from a Nagios replacement to the backbone monitoring data collection and transport at Workday.
Pull, Don't Push! Sensu Summit 2018 TalkJulian Dunn
Architectures for monitoring and configuration in a microservices era. A talk given by Julian Dunn and Fletcher Nichol at Sensu Summit 2018 in Portland, Oregon.
Order from chaos: automating monitoring configurationSensu Inc.
In a high-performance computing shop with over 3,000 nodes, Harvard FAS Research Computing can’t afford chaos around our monitoring checks! In this Sensu Summit 2019 talk, you'll hear from Harvard SRE Molly Duggan about how they’re using CI/CD pipelines and the Sensu Go API to ensure that all changes to their monitoring system are validated, reproducible, and version controlled.
For over eight years, the Sensu community has been using Sensu to monitor their applications and infrastructure at scale. Sensu Go became generally available at the beginning of this year, and was designed to be more portable, easier and faster to deploy, and most importantly: more scalable than ever before! In this talk, Sensu CTO Sean Porter will share Sensu Go scaling patterns, best practices, and case studies. He’ll also explain our design and architectural choices and talk about our plan to take things even further.
Pytheas is a web-based resource and UI framework for dashboards, web consoles, and exploring structured and unstructured data. It is based on open source frameworks like Guice, Jersey, FreeMarker, jQuery, and uses a modular design. Conformity Monkey helps keep cloud instances and clusters following best practices by using a mark and notify approach with customizable rules and rule sets. Zuul is Netflix's edge tier service that acts on HTTP requests using dynamic filters written in Groovy. Genie provides an abstraction of physical Hadoop clusters and a simple API to run jobs on them. Lipstick provides a visualization of Pig workflows. ICE is a tool for analyzing AWS usage data by tagging billing files and providing a
Keynote: Sensu as a multi-cloud monitoring control planeSensu Inc.
In this Sensu Summit 2019 talk, Sensu CEO Caleb Hailey explores how Sensu provides a “monitoring control plane” that is analogous to the Kubernetes control plane, and how Sensu can empower organizations by delivering consistent monitoring workflows in multi-cloud environments.
In 2016 Paddy Power and Betfair, two gambling giants, merged to form PPB. Each company had its own monitoring baggage, but the SRE team was tasked with cleaning up and consolidating their toolsets. This Sensu Summit 2019 talk from Artur Malinowski and Killian McHale looks at their selection process, scoring and ultimately the decisions which led them to Sensu – which now monitors over 10,000 clients across the PPB estate.
The Bonsai Asset Index : A new way for the community to share resourcesSensu Inc.
Sensu launched Bonsai, the Sensu asset index pretty quietly in February, and since that time we’ve been doing continual improvements on the asset story with feedback from our early adopters. In this Sensu Summit 2019 talk, Developer Advocate Jef Spaleta provides an overview of the asset feature journey, how assets work, the role Bonsai plays, and how the community is already contributing!
Herding cats & catching fire: Workday's telemetry & middlewareSensu Inc.
In this talk from Sensu Summit 2018, David Beaurpere, Principal Software Engineer for the Observability Group at Workday Ltd, discusses how Sensu 1.x evolved from a Nagios replacement to the backbone monitoring data collection and transport at Workday.
Pull, Don't Push! Sensu Summit 2018 TalkJulian Dunn
Architectures for monitoring and configuration in a microservices era. A talk given by Julian Dunn and Fletcher Nichol at Sensu Summit 2018 in Portland, Oregon.
Order from chaos: automating monitoring configurationSensu Inc.
In a high-performance computing shop with over 3,000 nodes, Harvard FAS Research Computing can’t afford chaos around our monitoring checks! In this Sensu Summit 2019 talk, you'll hear from Harvard SRE Molly Duggan about how they’re using CI/CD pipelines and the Sensu Go API to ensure that all changes to their monitoring system are validated, reproducible, and version controlled.
For over eight years, the Sensu community has been using Sensu to monitor their applications and infrastructure at scale. Sensu Go became generally available at the beginning of this year, and was designed to be more portable, easier and faster to deploy, and most importantly: more scalable than ever before! In this talk, Sensu CTO Sean Porter will share Sensu Go scaling patterns, best practices, and case studies. He’ll also explain our design and architectural choices and talk about our plan to take things even further.
Pytheas is a web-based resource and UI framework for dashboards, web consoles, and exploring structured and unstructured data. It is based on open source frameworks like Guice, Jersey, FreeMarker, jQuery, and uses a modular design. Conformity Monkey helps keep cloud instances and clusters following best practices by using a mark and notify approach with customizable rules and rule sets. Zuul is Netflix's edge tier service that acts on HTTP requests using dynamic filters written in Groovy. Genie provides an abstraction of physical Hadoop clusters and a simple API to run jobs on them. Lipstick provides a visualization of Pig workflows. ICE is a tool for analyzing AWS usage data by tagging billing files and providing a
SRECon16: Moving Large Workloads from a Public Cloud to an OpenStack Private ...Nicolas Brousse
It can be easy to come up with a TCO analysis that would challenge any public cloud and make you think, "let's go in-house!" What are the challenges and is it really worth it? The TubeMogul Operation team went thru the technical challenges at building a private cloud. In this presentation you will learn how the team went from a R&D to an automated deployment of a bare-metal servers to finally migrate a large workload from a Public Cloud to its own Private Cloud infrastructure. We will detail how the team dealt with unexpected issues and also how we chose the hardware, estimated capacity, stay cost effective, improve overall performance of the system, and bring better control and visibility.
This talk will cover the technical detail of:
* Evaluating OpenStack, Building and automating a CI environment for a mix of bare metal and cloud servers.
* What are the network limitations of OpenStack and how we creatively leverage VLANs to handle large packet per seconds.
* How to efficiently monitor your cloud infrastructure
Find quickly your bottlenecks
* What we missed and should be consider before moving in house
Lesson Learned and Post Cost Analysis
Practical tips and tricks for Apache Kafka messages integration | Francesco T...HostedbyConfluent
Interacting with Apache Kafka seems straightforward at first, you “just” push and pull messages. Yet it can quickly become a source of frustration as the user encounters timeouts, vague error descriptions and disappearing messages. Experience helps a lot and I’m here to share what I know.
In this talk you will learn the tips & tricks I wish I had known at the beginning of my Apache Kafka journey. We’ll discuss topics like producer acknowledgments, server and consumer parameters (auto_offset_reset anyone?) that are commonly overlooked causing lots of developer’s pain. I’ll share with you how to generate code that works as expected on the first run, making your first integration painless. These tips will kickstart your Apache Kafka experience in Python and save you hours of debugging.
This document discusses Kubernetes services and provides examples of how they work. It begins by explaining that Kubernetes services define a logical set of pods and a policy by which to access them. It then demonstrates creating Nginx and MongoDB pods and deploying ClusterIP and NodePort services to access the Nginx pods. The ClusterIP service provides an internal IP for pod to pod communication while the NodePort maps an external port to the ClusterIP for external access. The document aims to explain how Kubernetes services work at a basic level.
Integracia security do ci cd pipelinesJuraj Hantak
The document discusses integrating security into continuous integration and continuous delivery (CI/CD) pipelines. It covers topics like vulnerability management, application security testing methodologies, and integrating security checks into the phases of a CI/CD pipeline. The presenter demonstrates some security tools and their limitations. He emphasizes the importance of automating security, handling vulnerabilities like defects, and rolling out security testing incrementally to avoid disruption.
- The document discusses using CircleCI for DataOps workflows, including building pipelines for data preparation, ingestion, and portal development.
- Key aspects of the pipelines include using Terraform for infrastructure as code, Docker/ECR for containerization, and CircleCI for continuous integration and delivery.
- Challenges include getting approval from Dev, Ops, and security teams, and choosing the right tools for infrastructure definition, secrets management, and deployment.
This document provides a summary of Netflix's architecture and use of open source software. It discusses:
- Why Netflix open sources software, including gathering feedback, collaboration, and improving retention and recruiting
- Popular Netflix open source projects like Eureka, Ribbon, and Hystrix that are widely used in cloud architectures
- Netflix's microservices architecture and emphasis on automation, high availability, and continuous delivery
- How Netflix ensures operational visibility and security at scale through open source tools like Turbine, Atlas, and Security Monkey
- Getting started resources for understanding and running Netflix's technologies like ZeroToCloud and ZeroToDocker workshops
This summary provides an overview of the key points from the document in 3 sentences:
The document outlines the agenda for Season 3 Episode 1 of the Netflix OSS podcast, which includes lightning talks on 8 new projects including Atlas, Prana, Raigad, Genie 2, Inviso, Dynomite, Nicobar, and MSL. Representatives from Netflix, IBM Watson, Nike Digital, and Pivotal then each provide a 3-5 minute presentation on their featured project. The presentations describe the motivation, features and benefits of each project for observability, integration with the Netflix ecosystem, automation of Elasticsearch deployments, job scheduling, dynamic scripting for Java, message security, and developing microservices
Apresentação realizada no 3º Meetup de cloud native realizado na Ilegra.
Na apresentação é apresentado as funcionalidades oferecidas pelas duas ferramentas e os aprendizados e vantagens destas.
This document discusses service mesh for Kubernetes containers. It introduces Linkerd as a service mesh that provides features like load balancing, tracing, circuit breakers, retries, and more. It also discusses Kubernetes monitoring and logging capabilities as well as existing cluster add-ons for indexing and visualization. The document provides an overview of cloud native computing and common projects under the Cloud Native Computing Foundation, including Kubernetes for orchestration, Prometheus for monitoring, and Fluentd for logging.
[HashiTalk Korea] OCP with Super Tengen Toppahyeongchae lee
The document discusses using Orchestrator, Consul, and ProxySQL for database orchestration. It provides an overview of how WiX Engineering uses Orchestrator to orchestrate ProxySQL with Open Containers Platform (OCP). It also discusses Github's use of Orchestrator for MySQL replication topology management and incident analysis. HashiCorp's Consul is presented as an alternative for service discovery and integration with tools like Orchestrator and ProxySQL. The document demonstrates how ProxySQL can be used with Consul and monitored using PMM. It concludes with a summary of using this "parasite architecture" approach with additional tools like Envoy, Gloo, Vault, and dnsmasq.
Webinar recording: www.nginx.com/resources/webinars/how-to-adopt-infrastructure-as-code
Modern applications are increasingly deployed in containers and virtual machines on clusters of dozens, hundreds, and even thousands of servers – in private data centers and in the public cloud. Managing complex applications like these puts more demands than ever on infrastructure and the teams managing it. The traditional ways of manually adding, configuring, and modifying infrastructure no longer scale.
Infrastructure as Code is a new approach to managing IT infrastructure where you treat infrastructure as if it were software and data, using modern tools like version control systems and deployment orchestration. Based on software development and DevOps best practices, Infrastructure as Code makes deployment and infrastructure management more efficient than ever. Anyone who works with IT infrastructure – system administrators, infrastructure engineers, DevOps engineers, architects, software developers, and others – can implement changes more quickly, easily, and reliably.
Join us for this webinar co-hosted by Kief Morris, Cloud Practice Lead at ThoughtWorks and author of Infrastructure as Code, and Floyd Smith of NGINX, Inc. You’ll learn:
* Why Infrastructure as Code is a better approach for managing modern infrastructure
* Challenges that Infrastructure as Code helps address
* Practical examples of using software to control infrastructure
* How NGINX Plus can help your Infrastructure as Code efforts
This document discusses Kafka Streams and stream processing concepts. It defines stream processing as computation over an unbounded, ever-growing data stream. Some key concepts discussed include event time vs processing time, local vs external state, and different types of time windows. Common stream processing patterns like filtering, joins, and maintaining local state are also covered. The document contrasts Kafka and Kafka Streams, and discusses the stream-table duality and how systems that allow transitioning between these views are more powerful.
This document outlines an upcoming workshop on container networking, specifically using EnRoute as an ingress controller and Linkerd as a service mesh to provide traffic management and security for Kubernetes applications. It includes an agenda that will discuss CNI, ingress controllers like EnRoute OneStep, service meshes like Linkerd, and demonstrate setting up TLS and mTLS between workloads using these tools.
DevOps purists may chafe at the DevSecOps term given that security and other important practices are supposed to already be an integral part of routine DevOps workflows. But the reality is that security often gets more lip service than thoughtful and systematic integration into open source software sourcing, development pipelines, and operations processes--in spite of an increasing number of threats.
In this session, we’ll look at successful practices that distributed and diverse teams use to iterate rapidly. We’ll discuss how a container platform can serve as the foundation for DevSecOps in your organization. We'll also consider the risk management associated with integrating components from a variety of sources--a consideration that open source software has had to deal with since the beginning. Finally, we'll show ways by which automation and repeatable trusted delivery of code can be built directly into a DevOps pipeline.
Innovate Better Through Machine data AnalyticsHal Rottenberg
This talk was presented at IP Expo Manchester in May, 2016. the themes discussed are:
- how does machine data relate to devops?
- how can tracking this data lead to better outcomes?
- what types of data are important to track?
SRECon16: Moving Large Workloads from a Public Cloud to an OpenStack Private ...Nicolas Brousse
It can be easy to come up with a TCO analysis that would challenge any public cloud and make you think, "let's go in-house!" What are the challenges and is it really worth it? The TubeMogul Operation team went thru the technical challenges at building a private cloud. In this presentation you will learn how the team went from a R&D to an automated deployment of a bare-metal servers to finally migrate a large workload from a Public Cloud to its own Private Cloud infrastructure. We will detail how the team dealt with unexpected issues and also how we chose the hardware, estimated capacity, stay cost effective, improve overall performance of the system, and bring better control and visibility.
This talk will cover the technical detail of:
* Evaluating OpenStack, Building and automating a CI environment for a mix of bare metal and cloud servers.
* What are the network limitations of OpenStack and how we creatively leverage VLANs to handle large packet per seconds.
* How to efficiently monitor your cloud infrastructure
Find quickly your bottlenecks
* What we missed and should be consider before moving in house
Lesson Learned and Post Cost Analysis
Practical tips and tricks for Apache Kafka messages integration | Francesco T...HostedbyConfluent
Interacting with Apache Kafka seems straightforward at first, you “just” push and pull messages. Yet it can quickly become a source of frustration as the user encounters timeouts, vague error descriptions and disappearing messages. Experience helps a lot and I’m here to share what I know.
In this talk you will learn the tips & tricks I wish I had known at the beginning of my Apache Kafka journey. We’ll discuss topics like producer acknowledgments, server and consumer parameters (auto_offset_reset anyone?) that are commonly overlooked causing lots of developer’s pain. I’ll share with you how to generate code that works as expected on the first run, making your first integration painless. These tips will kickstart your Apache Kafka experience in Python and save you hours of debugging.
This document discusses Kubernetes services and provides examples of how they work. It begins by explaining that Kubernetes services define a logical set of pods and a policy by which to access them. It then demonstrates creating Nginx and MongoDB pods and deploying ClusterIP and NodePort services to access the Nginx pods. The ClusterIP service provides an internal IP for pod to pod communication while the NodePort maps an external port to the ClusterIP for external access. The document aims to explain how Kubernetes services work at a basic level.
Integracia security do ci cd pipelinesJuraj Hantak
The document discusses integrating security into continuous integration and continuous delivery (CI/CD) pipelines. It covers topics like vulnerability management, application security testing methodologies, and integrating security checks into the phases of a CI/CD pipeline. The presenter demonstrates some security tools and their limitations. He emphasizes the importance of automating security, handling vulnerabilities like defects, and rolling out security testing incrementally to avoid disruption.
- The document discusses using CircleCI for DataOps workflows, including building pipelines for data preparation, ingestion, and portal development.
- Key aspects of the pipelines include using Terraform for infrastructure as code, Docker/ECR for containerization, and CircleCI for continuous integration and delivery.
- Challenges include getting approval from Dev, Ops, and security teams, and choosing the right tools for infrastructure definition, secrets management, and deployment.
This document provides a summary of Netflix's architecture and use of open source software. It discusses:
- Why Netflix open sources software, including gathering feedback, collaboration, and improving retention and recruiting
- Popular Netflix open source projects like Eureka, Ribbon, and Hystrix that are widely used in cloud architectures
- Netflix's microservices architecture and emphasis on automation, high availability, and continuous delivery
- How Netflix ensures operational visibility and security at scale through open source tools like Turbine, Atlas, and Security Monkey
- Getting started resources for understanding and running Netflix's technologies like ZeroToCloud and ZeroToDocker workshops
This summary provides an overview of the key points from the document in 3 sentences:
The document outlines the agenda for Season 3 Episode 1 of the Netflix OSS podcast, which includes lightning talks on 8 new projects including Atlas, Prana, Raigad, Genie 2, Inviso, Dynomite, Nicobar, and MSL. Representatives from Netflix, IBM Watson, Nike Digital, and Pivotal then each provide a 3-5 minute presentation on their featured project. The presentations describe the motivation, features and benefits of each project for observability, integration with the Netflix ecosystem, automation of Elasticsearch deployments, job scheduling, dynamic scripting for Java, message security, and developing microservices
Apresentação realizada no 3º Meetup de cloud native realizado na Ilegra.
Na apresentação é apresentado as funcionalidades oferecidas pelas duas ferramentas e os aprendizados e vantagens destas.
This document discusses service mesh for Kubernetes containers. It introduces Linkerd as a service mesh that provides features like load balancing, tracing, circuit breakers, retries, and more. It also discusses Kubernetes monitoring and logging capabilities as well as existing cluster add-ons for indexing and visualization. The document provides an overview of cloud native computing and common projects under the Cloud Native Computing Foundation, including Kubernetes for orchestration, Prometheus for monitoring, and Fluentd for logging.
[HashiTalk Korea] OCP with Super Tengen Toppahyeongchae lee
The document discusses using Orchestrator, Consul, and ProxySQL for database orchestration. It provides an overview of how WiX Engineering uses Orchestrator to orchestrate ProxySQL with Open Containers Platform (OCP). It also discusses Github's use of Orchestrator for MySQL replication topology management and incident analysis. HashiCorp's Consul is presented as an alternative for service discovery and integration with tools like Orchestrator and ProxySQL. The document demonstrates how ProxySQL can be used with Consul and monitored using PMM. It concludes with a summary of using this "parasite architecture" approach with additional tools like Envoy, Gloo, Vault, and dnsmasq.
Webinar recording: www.nginx.com/resources/webinars/how-to-adopt-infrastructure-as-code
Modern applications are increasingly deployed in containers and virtual machines on clusters of dozens, hundreds, and even thousands of servers – in private data centers and in the public cloud. Managing complex applications like these puts more demands than ever on infrastructure and the teams managing it. The traditional ways of manually adding, configuring, and modifying infrastructure no longer scale.
Infrastructure as Code is a new approach to managing IT infrastructure where you treat infrastructure as if it were software and data, using modern tools like version control systems and deployment orchestration. Based on software development and DevOps best practices, Infrastructure as Code makes deployment and infrastructure management more efficient than ever. Anyone who works with IT infrastructure – system administrators, infrastructure engineers, DevOps engineers, architects, software developers, and others – can implement changes more quickly, easily, and reliably.
Join us for this webinar co-hosted by Kief Morris, Cloud Practice Lead at ThoughtWorks and author of Infrastructure as Code, and Floyd Smith of NGINX, Inc. You’ll learn:
* Why Infrastructure as Code is a better approach for managing modern infrastructure
* Challenges that Infrastructure as Code helps address
* Practical examples of using software to control infrastructure
* How NGINX Plus can help your Infrastructure as Code efforts
This document discusses Kafka Streams and stream processing concepts. It defines stream processing as computation over an unbounded, ever-growing data stream. Some key concepts discussed include event time vs processing time, local vs external state, and different types of time windows. Common stream processing patterns like filtering, joins, and maintaining local state are also covered. The document contrasts Kafka and Kafka Streams, and discusses the stream-table duality and how systems that allow transitioning between these views are more powerful.
This document outlines an upcoming workshop on container networking, specifically using EnRoute as an ingress controller and Linkerd as a service mesh to provide traffic management and security for Kubernetes applications. It includes an agenda that will discuss CNI, ingress controllers like EnRoute OneStep, service meshes like Linkerd, and demonstrate setting up TLS and mTLS between workloads using these tools.
DevOps purists may chafe at the DevSecOps term given that security and other important practices are supposed to already be an integral part of routine DevOps workflows. But the reality is that security often gets more lip service than thoughtful and systematic integration into open source software sourcing, development pipelines, and operations processes--in spite of an increasing number of threats.
In this session, we’ll look at successful practices that distributed and diverse teams use to iterate rapidly. We’ll discuss how a container platform can serve as the foundation for DevSecOps in your organization. We'll also consider the risk management associated with integrating components from a variety of sources--a consideration that open source software has had to deal with since the beginning. Finally, we'll show ways by which automation and repeatable trusted delivery of code can be built directly into a DevOps pipeline.
Innovate Better Through Machine data AnalyticsHal Rottenberg
This talk was presented at IP Expo Manchester in May, 2016. the themes discussed are:
- how does machine data relate to devops?
- how can tracking this data lead to better outcomes?
- what types of data are important to track?
"Running enterprise workloads with sensitive data in AWS is hard and requires an in-depth understanding about software-defined security risks. At re:Invent 2014, Intuit and AWS presented ""Enterprise Cloud Security via DevSecOps"" to help the community understand how to embrace AWS features and a software-defined security model. Since then, we've learned quite a bit more about running sensitive workloads in AWS.
We've evaluated new security features, worked with vendors, and generally explored how to develop security-as-code skills. Come join Intuit and AWS to learn about second-year lessons and see how DevSecOps is evolving. We've built skills in security engineering, compliance operations, security science, and security operations to secure AWS-hosted applications. We will share stories and insights about DevSecOps experiments, and show you how to crawl, walk, and then run into the world of DevSecOps."
OpsWorks Co. is an engineering company specializing in DevOps integration for companies of all sizes and fields. At OpsWorks Co. we strive to help our clients build scalable and easily manageable IT infrastructures. As a DevOps service provider, we have optimized infrastructures for 70+ clients from the U.S. and EU over the past two years.
A Reference Architecture to Enable Visibility and Traceability across the Ent...CollabNet
Software development should not be a “black box” to the business, customers or other developers. Instead collaboration across stakeholders should be the norm--business, development and operations teams. Forrester recently reported that 13% of organizations doing Agile link “upstream” agile planning with ‘“downstream” development.
As a result, executives continue to have only limited or no visibility beyond the initial planning stage of what is in a particular release. It’s not their fault, because today’s tools focus on upfront planning and don’t give you visibility into what’s happening in development. Often times that visibility is too late resulting in software that gets delivered and does not meet the customer’s needs.
Join CollabNet’s most experienced senior solution architects as they explain how you can you gain real time visibility into all stages of the development process—from ideation into production through deployment. Imagine what can your teams get done if all stakeholders are able to collaborate together and view real time feeds into all stages of the delivery pipelines within a single easy-to-use system.
Who Should attend:
Any executive or manager interested in learning how to get traceability and visibility across the enterprise-- particularly, into the build and release management functions of their application lifecycle.
What will be covered:
An enterprise-scalable reference architecture for CI, CD, and DevOps
The importance of build management, release management and application release automation integration
A blueprint for scaling business agility across a large development organization How does CollabNet help organizations solve these problems
A demonstration of TeamForge’s capabilities using Git/Gerrit, Code Review, Jenkins, Nexus, Artifactory, Chef and Automic
Building serverless apps with Go & SAMLeon Stigter
This document discusses building serverless applications with Go and the Serverless Application Model (SAM). It begins with confidentiality and disclaimer sections. It then provides an introduction to Project Flogo, an open source serverless framework for building event-driven applications. Project Flogo uses Go and allows developers to define app logic as flows that connect triggers and actions. The document discusses how Flogo provides both a visual UI and Go API for application development and describes ways to get started using Flogo's CLI, Docker images, or Go library.
The document discusses distributed tracing at Pinterest. It provides an overview of distributed tracing, describes the motivation and architecture of Pinterest's tracing system called PinTrace, and discusses challenges faced and lessons learned. PinTrace collects trace data from services using instrumentation and sends it to a collector via a Kafka pipeline. This allows PinTrace to provide insights into request flows and performance bottlenecks across Pinterest's microservices. Key challenges included ensuring data quality, scaling the infrastructure, and user education on tracing.
DevOps and the Future of InfoSec
The document discusses how DevOps affects how data and computer systems are secured. It defines DevOps as a philosophy about how work is done, not a role, and emphasizes collaboration between development and operations. DevOps aims to deliver higher quality software faster through principles like automation, infrastructure as code, and integrating security into the software development lifecycle. The document argues that security principles have not changed with DevOps, but how they are implemented has to account for DevOps practices like deploying code more frequently.
Ernest Mueller, Karthik Gaekwad, and James Wickett, the Agile Admins (http://theagileadmin.com) delivered this presentation on what's hot in DevOps in 2015 for the BrightTALK Summit. The video is online at https://www.brighttalk.com/webcast/5742/154715
This document discusses continuous compliance and DevSecOps best practices followed by financial services organizations.
Continuous compliance is defined as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective compliance results. It involves continuously monitoring compliance controls, providing real-time alerts for failures and remediation recommendations, and maintaining up-to-date policies. Best practices for continuous compliance discussed include defining CIS controls and benchmarks, achieving transparent compliance dashboards and automated fixes for breaches.
DevSecOps is introduced as bringing security earlier in the application development lifecycle to minimize vulnerabilities. It aims to make everyone accountable for security. Challenges discussed include security teams struggling to keep up with DevOps pace and
The document discusses key performance indicators (KPIs) and how they can be used to measure performance, drive behavior, and enable continuous improvement. It provides examples of KPIs at different levels of an organization and emphasizes that KPIs should be simple, measurable, and focused on outcomes for customers. The document encourages collaboration and communication around KPIs.
DevSecOps with Microsoft Tech discusses how security fits within DevOps practices. DevOps aims to improve quality and speed of delivery through collaboration between development and operations teams. Security is often an afterthought but needs to be integrated throughout the software development lifecycle. DevSecOps ensures security controls are implemented at every stage to improve quality, security and compliance outcomes. Key principles like least privilege, defense in depth and auditing still apply, but are implemented more frequently and at a more localized scale through DevOps practices.
Perforce provides version control and collaboration software that enables continuous delivery. It can handle large files and datasets for industries like gaming, film, and chip design. Perforce allows for distributed workflows and scales from small to very large teams of thousands. Customers like Apple, Twitter, and large financial institutions rely on Perforce's security, flexibility, and ability to integrate with their development pipelines to deliver software continuously.
Coding Secure Infrastructure in the Cloud using the PIE frameworkJames Wickett
At National Instruments, we have developed an automation and provisioning framework called PIE (Programmable Infrastructure Environment) that we use daily on our devops team. Similar tools are available such as chef or puppet, but what makes PIE unique is its ability to work in multi-cloud deployments (Azure and AWS) along with multiple node OS types (linux and windows). It uses zookeeper to keep state and track dependencies across nodes and services.
When building PIE we actively considered how to implement it in a Rugged way for a DevOps team. As noted in the deck on slide 68, we are Rugged by Design and Devops by Culture. We see these as intersecting domains that have the ability to impact each other. For more info see ruggeddevops.org
No you are not a DevOps engineer (revisted)Mike Kavis
1) The document discusses mythical creatures like Bigfoot and the Loch Ness Monster and compares them to the concept of a "DevOps Engineer".
2) It explains that DevOps is a culture shift that encourages collaboration between development and operations teams to build better quality software faster and with more reliability.
3) The goal of DevOps is to create a high performing organization by removing waste like manual testing processes and long approval times from a software development lifecycle.
Simon White, Marks and Spencer Group DevOps Manager discusses the disconnect between traditional SQA & Agile approaches and how DevOps can be perceived as the ‘mature Agile’ model.
Real-Time Metrics and Distributed Monitoring - Jeff Pierce, Change.org - Dev...DevOpsDays Tel Aviv
This document summarizes Jeff Pierce's presentation on real-time metrics and distributed monitoring at DevOps Days 2015. The presentation discussed how Change.org built their own monitoring stack using collectd, Cyanite, Graphite API and Grafana to capture high resolution metrics across their infrastructure. This allowed for faster troubleshooting, easier problem identification and increased communication between developers and DevOps.
Similar to 7 Years of Sensu: Then, Now, and Soon (20)
Introducing GoAlert: a brand-new on-call scheduling and notification open sou...Sensu Inc.
Your tech runs 24/7, but you don’t. In this Sensu Summit 2019 talk, Adam Westman, Sr. Engineering Manager at Target, shows off GoAlert, which allows engineers to get mobile notifications on critical alerts without having to constantly watch dashboards or work queues.
How can you be sure that your team is alerted of a failure before it causes an outage for your users?
The move from monolith to microservice has allowed pieces of functionality to be deployed individually and on demand. Having functionality isolated allows the opportunity for one microservice to fail without bringing down the whole system. However, the complexity of releasing and monitoring API calls being made across services has increased.
Whether you’re launching a new product or iterating on a feature, delivering a delightful experience is crucial to your success. If something is to fail, you’d prefer your users didn’t know. Be thoughtful about how your system will degrade, how to inject failure to verify your design, and how this is monitored.
In this Sensu Summit 2019 talk, Lorne Kligerman, Director of Product at Gremlin, will cover failing gracefully as an engineering goal which can be confidently tested and monitored with Chaos Engineering. By purposely causing failure of one service at a time in a controlled environment, you can safely observe and react in a timely manner to limit the effect on the end user.
Testing and monitoring and broken thingsSensu Inc.
There’s an old wives tale (referred to as the “Evolution of QA to GA: The Sensu Go Crucible”) that tells the story of how the Sensu engineering team redefined release engineering and quality assurance at Sensu. Failure after failure, they would gut through a far from perfect release strategy which involved hours of painstaking manual testing, in order to stamp a green checkmark of approval to ship our product. To optimize this process, they implemented a full automated test infrastructure for staging and end to end testing, which later became known as the QA Crucible . This automation pattern was (and still is) great, but Sensu Software Engineer Nikki Attea couldn’t help but wonder if there was a well-known and loved product which could decipher JSON test results and instrument them in an event pipeline. She believes Sensu can encompass monitoring _and_ testing in a CI/CD pipeline, and shows everyone how in this Sensu Summit 2019 talk.
We’ve moved from waking someone up if a disk passed some arbitrary threshold to only paging off-hours when the business is impacted. Our lives have improved immensely because we learned how to measure the right things. In this Sensu Summit 2019 talk, Zapproved SRE Tiffany Longworth takes some of the lessons we’ve learned from monitoring and alerting and shows how we can apply them to how we measure the humans in our systems. From who we see and don’t see as leaders to which candidates we think have the potential to be excellent contributors, let’s look at how we’ve been measuring humans and see if we are evaluating the right things.
AIOps & Observability to Lead Your Digital TransformationSensu Inc.
This document discusses how AIOps and observability can help lead digital transformation efforts. It notes that customer expectations are increasingly focused on digital experiences and on-demand availability. However, IT complexity is also growing rapidly due to factors like process change, increasing demand, and lack of skill sets. AIOps uses techniques like anomaly detection, root cause analysis, and knowledge recycling to help automate incident resolution and ensure high-quality customer experiences despite this complexity. This helps improve operator efficiency, allow teams to focus more on development, and deliver on the vision of guaranteeing availability, agility and performance for digital services worldwide.
In this Sensu Summit 2019 ecosystem session, Garrett Honeycutt, Principal at Tailored Automation, shares where we are with the Puppet module for managing Sensu and discusses the changes to the module and how users can migrate from Sensu Classic to Sensu Go. He also shows off all the testing surrounding the Puppet module and how they able to uncover issues and contribute back to the Sensu-go project during the GA release (and how that continues).
Pull, don’t push: Architectures for monitoring and configuration in a microse...Sensu Inc.
Applications today are increasingly being designed using a share-nothing, microservices architecture that is resilient to the failure of individual components, even when built atop cloud infrastructure that can suffer infrequent-but-massive outages. Yet we still see many supporting tools for application monitoring, observability, configuration management and release management using a centralized “orchestration” approach that depends on pushing changes to unreliable distributed systems.
In this Sensu Summit 2018 talk, Chef's Julian Dunn & Fletcher Nichol give you a primer about promise theory and the autonomous actor model that underlies the design of products like Sensu and Habitat, why it leads to not only higher overall system reliability but human comprehension for easier operations. They argue that you should consider designing all of your applications and supporting systems in this way. They may even show a demo or two to illustrate how inverting the design radically changes the notion of “application release orchestration”, so that you can retain orchestration-type semantics even with an eventually-consistent system design.
The Sensu Plugin architecture is what make Sensu the rich and extensible monitoring framework that it is. Sensu 2.0 provided us with an exciting opportunity to reimagine the user and developer experience for plugins. Sensu 2.0 assets give us a new kind of flexibility that removes our dependency on system packages and gives us a mechanism for uniformly packaging and shipping plugins to Sensu installations.
In this talk from Sensu Summit 2018, Greg Poirier, SVP of Engineering, walks you through assets in Sensu 2.0, our ideas about how assets may impact the community plugins, and what we have planned for Sensu Enterprise integrations as assets.
The Box.com success story: migrating 350K Nagios objects to SensuSensu Inc.
More than 41 million users and 74,000 businesses — including 59% of the Fortune 500 — trust Box to manage content in the cloud. They were monitoring this web scale infrastructure with Nagios, and not able to keep up with the rapid pace of change inside of Box. In this talk from Sensu Summit 2018, Trent Baker, Senior Infrastructure Site Reliability Engineer at Box, Inc., tells their migration story from wrestling with management of 350K objects in Nagios – including over 130K checks – to shutting down the last Nagios host roughly a year later.
Project 3M: Meaningful Monitoring and MessagingSensu Inc.
Sensu has become a critical component to keeping the modern visual effects studio of Industrial, Light & Magic in the business of creating the beautiful movies of our world and realizing the dreams we all enjoy on the big screen.
In this talk from Sensu Summit 2018, Christopher J. Caillouet,
Senior Dev|Ops Production Engineer at Industrial Light & Magic, looks behind the curtain and sees how the intelligence and uptime they gain by leveraging Sensu in the ILM monitoring infrastructure enables reliability and stable delivery within a large scale and geographically distributed set of datacenters.
Sharing Sensu with Multiple Teams using AnsibleSensu Inc.
For the last two years, David Schroeder, Software Engineer at Viasat, Inc. has supported a single Sensu cluster shared by multiple teams, each with their own requirements, thresholds, and contacts. How does it all work, how can these different uses coexist?
This talk from Sensu Summit 2018 describes how Ansible is used to configure and deploy Sensu for multiple teams, how much autonomy is granted each one, and where the bottlenecks are.
Where's My Beer: Building a Better Kegerator with a Raspberry Pi & SensuSensu Inc.
As a home brewer, Sensu Customer Success Engineer Aaron Sachs has often found himself unfortunately surprised when he reaches the end of a keg. In this talk from Sensu Summit 2018, Aaron covers how he changed that using a Raspberry Pi and Sensu Core to monitor his kegerator and kegs, and show how to make a “smart” kegerator of your own.
In this closing talk from Sensu Summit 2018, CEO Caleb Hailey discusses the evolution of Sensu's messaging and how envisioning monitoring as a workflow helps empower our customers.
Alert Fatigue: Avoidance and Course CorrectionSensu Inc.
In this talk from Doximity's Ben Abrams (from Sensu Summit 2018), you'll learn:
- Why alert fatigue is dangerous
- How we can solve it
- Sensu core components
- Filters
- Round robin subscriptions
- Check dependencies
- Check hooks (not strictly alert fatigue but auto triage can really help in general)
- Sensu community components
auto remediation: use the handler not hooks
- External tools for on call management and paging (such as pagerduty)
- General tuning
- Reduction in noise in alerting (as opposed to monitoring)
In this Sensu Summit 2018 talk, Lee Briggs, Senior Infrastructure Engineer at Apptio, discusses how to monitor Kubernetes components and applications using the classic sensu components.
He covers some of the tricks you can use when monitoring Kubernetes resources and cluster components. We’ll cover the kind of things you should and shouldn't monitor with sensu at this stage, as well as some of the lessons learned along the way.
In this talk from Sensu Summit 2018, Garrett Honeycutt showcases the Puppet module: its current state; support for Sensu 2.0; highlight community contributions and how you can contribute. You’ll see the Vagrant setup and how even if you don’t use Puppet, you can easily get Sensu up and running on a bunch of different platforms.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on: