Looking in from the outside, serverless seems so simple! And yet, many companies are struggling on their journey to serverless. In this talk, I highlight a number of mistakes companies are making when they adopt serverless.
Beware the potholes on the road to serverlessYan Cui
Looking in from the outside, serverless seems so simple! And yet, many companies are struggling on their journey to serverless. In this talk, I highlight a number of mistakes companies are making when they adopt serverless.
Serveless Design Patterns (Serverless Computing London)Yan Cui
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with Lambda, and how to pick the right event source based on the tradeoffs you want. Here are a few patterns that we'll cover in the talk: pub-sub, cron, push-pull, saga and decoupled invocation.
How to build observability into Serverless (O'Reilly Velocity 2018)Yan Cui
Serverless introduces a number of challenges to existing tools for observability, we need to adapt our practices to fit this new paradigm. In this talk we will discuss how we can build observability into a serverless application. We will see how you can implement log aggregation, distributed tracing and correlation IDs through both synchronous as well as asynchronous events.
AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what’s left for you to secure? Quite a bit it turns out.
The OWASP top 10 is as relevant to you as ever; DOS attacks are still a threat even if you can probably brute force your way through it as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?
In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast changing world.
Serverless in production, an experience report (linuxing in london)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
After consulting with several companies on performance related issues, it became clear that one of the biggest performance issues facing websites today is the sheer amount of JavaScript needed to power the page. The demand for more interactive and responsive applications has driven JavaScript usage through the roof. It’s quite common for large sites to end up with over 1 MB of JavaScript code on their page even after minification. But do today’s web applications really need that much JavaScript?
Beware the potholes on the road to serverlessYan Cui
Looking in from the outside, serverless seems so simple! And yet, many companies are struggling on their journey to serverless. In this talk, I highlight a number of mistakes companies are making when they adopt serverless.
Serveless Design Patterns (Serverless Computing London)Yan Cui
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with Lambda, and how to pick the right event source based on the tradeoffs you want. Here are a few patterns that we'll cover in the talk: pub-sub, cron, push-pull, saga and decoupled invocation.
How to build observability into Serverless (O'Reilly Velocity 2018)Yan Cui
Serverless introduces a number of challenges to existing tools for observability, we need to adapt our practices to fit this new paradigm. In this talk we will discuss how we can build observability into a serverless application. We will see how you can implement log aggregation, distributed tracing and correlation IDs through both synchronous as well as asynchronous events.
AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what’s left for you to secure? Quite a bit it turns out.
The OWASP top 10 is as relevant to you as ever; DOS attacks are still a threat even if you can probably brute force your way through it as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?
In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast changing world.
Serverless in production, an experience report (linuxing in london)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
After consulting with several companies on performance related issues, it became clear that one of the biggest performance issues facing websites today is the sheer amount of JavaScript needed to power the page. The demand for more interactive and responsive applications has driven JavaScript usage through the roof. It’s quite common for large sites to end up with over 1 MB of JavaScript code on their page even after minification. But do today’s web applications really need that much JavaScript?
Using JHipster 4 for generating Angular/Spring Boot appsYakov Fain
JHipster 4 is an open-source code generator that allows you to automate generation and configuration of the Web project that uses the latest version of Angular on the front and Spring framework on the back. Over the next year, Angular/Spring combination will become a valuable addition to the skill set of any enterprise Java developer. In this presentation, you’ll see how to jump-start a Web project with JHipster.
Serverless in production, an experience report (Going Serverless)Yan Cui
In this talk Yan Cui shares his experience of migrating an existing monolithic architecture for a social network to AWS Lambda, and how it empowered a small team to deliver features quickly and how they address operational concerns such as CI/CD, logging, monitoring and config management.
Overview of Selenium, WebDriver, Watir and related open source cross-browser testing technologies. Presentation given by Martin Kleppmann, founder of browser testing service Go Test It, at Ruby Manor 2009.
Comparing Hot JavaScript Frameworks: AngularJS, Ember.js and React.js - Sprin...Matt Raible
JavaScript MVC Frameworks are all the rage these days. They’ve taken the web development world by storm. This session explores the various features of the three hottest JavaScript MVC frameworks: AngularJS, Ember.js and React.js. It also compares client-side templating vs. server-side templating and how well each framework supports Isomorphic JavaScript (code that can run both client-side and server-side). Finally, it ranks each framework on 10 different criteria using Yevgeniy Brikman’s framework scorecard.
Video on InfoQ: https://www.infoq.com/presentations/comparing-angular-ember-react
Containerizing your Security Operations CenterJimmy Mesta
AppSec USA 2016 talk on using containers and Kubernetes to manage a variety of security tools. Includes best practices for securing Kubernetes implementations.
Serverless observability - a hero's perspectiveYan Cui
Yan Cui, an AWS Serverless Hero, will talk about the learnings from using serverless at scale.
He will cover the challenges for observability in serverless asynchronous workloads and the patterns to address those challenges, like using centralized logging, correlation IDs, tracing, lambda extensions.
What's the best way of automating end-to-end, browser-level tests for web apps? In this talk, I compare Selenium, WebDriver, Watir and other libraries, and share experience of automated browser tests on hundreds of different sites. I also give updates on latest developments in open source functional testing tools.
my presentation at houston.rb on Grape, the API builder for rack based systems using a friendly ruby/sinatra like interface. It makes separating out your API from you web app logic really easy.
High Performance JavaScript - WebDirections USA 2010Nicholas Zakas
Ever wonder why the page appears frozen or why you get a dialog saying, “this script is taking too long”? Inside of the browser, JavaScript and the page’s UI are very intertwined, which means they can affect each other and, in turn, affect overall page performance. Ensuring the fastest execution time of JavaScript code isn’t about geek cred, it’s about ensuring that the user experience is as fast and responsive as possible. In a world where an extra second can cost you a visitor, sluggishness due to poor JavaScript code is a big problem. In this talk, you’ll learn what’s going on inside the browser that can slow JavaScript down and how that can end up creating a “slow page”. You’ll also learn how to overcome the conspiracy against your code by eliminating performance bottlenecks.
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Delivered at JokerConf on October 28, 2021 at 11am MDT: https://jokerconf.com/en/talks/lock-that-sh*t-down-auth-security-patterns-for-apps-apis-and-infra/
In this talk, Chris Mills discusses the historic problems with web apps and which technologies are stepping up to fill the holes. This includes device APIs such as Web Activities, Camera, device orientation and nfc, offline apps (which are finally looking realistic thanks to service workers), installable apps, and high quality games and other immersive high performance experiences using such features as Web audio API, Pointer lock, asm.js and Emscripten.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Angular Summit 2015Matt Raible
Presentation from Angular Summit talk in September 2015. http://angularsummit.com/conference/boston/2015/09/session?id=34190
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project for you and allow you to use Java 7 or 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Grunt or Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry, Heroku and Openshift.
Web developers now have a large number of APIs available allowing them to harness complex functionality via JavaScript and produce ever more interesting web experiences. This presentation looks at where we can from, where APIs are going in the future, and what problems we are currently in the process of solving. This includes Multimedia, Offline, device hardware access, internationalization, and more.
Java REST API Framework Comparison - PWX 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
A. De Biase/C. Quatrini/M. Barsocchi - API Release Process: how to make peopl...Codemotion
We would like to suggest a sustainable delivery process that defeated the chaos caused by their usage complexity and now stakeholders, business, developers, quality assurance and users are happier. Velocity + High Quality = $$$ How can you use this approach to improve your business? What are the reasons why our nerdy world is so resistant to speed up time to market? Come with us in a nice journey through our experience in Hotels.com. Virtualization, parallelism, containers and other nice stuff for a final demo.
Serverless in production (O'Reilly Software Architecture)Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
Using JHipster 4 for generating Angular/Spring Boot appsYakov Fain
JHipster 4 is an open-source code generator that allows you to automate generation and configuration of the Web project that uses the latest version of Angular on the front and Spring framework on the back. Over the next year, Angular/Spring combination will become a valuable addition to the skill set of any enterprise Java developer. In this presentation, you’ll see how to jump-start a Web project with JHipster.
Serverless in production, an experience report (Going Serverless)Yan Cui
In this talk Yan Cui shares his experience of migrating an existing monolithic architecture for a social network to AWS Lambda, and how it empowered a small team to deliver features quickly and how they address operational concerns such as CI/CD, logging, monitoring and config management.
Overview of Selenium, WebDriver, Watir and related open source cross-browser testing technologies. Presentation given by Martin Kleppmann, founder of browser testing service Go Test It, at Ruby Manor 2009.
Comparing Hot JavaScript Frameworks: AngularJS, Ember.js and React.js - Sprin...Matt Raible
JavaScript MVC Frameworks are all the rage these days. They’ve taken the web development world by storm. This session explores the various features of the three hottest JavaScript MVC frameworks: AngularJS, Ember.js and React.js. It also compares client-side templating vs. server-side templating and how well each framework supports Isomorphic JavaScript (code that can run both client-side and server-side). Finally, it ranks each framework on 10 different criteria using Yevgeniy Brikman’s framework scorecard.
Video on InfoQ: https://www.infoq.com/presentations/comparing-angular-ember-react
Containerizing your Security Operations CenterJimmy Mesta
AppSec USA 2016 talk on using containers and Kubernetes to manage a variety of security tools. Includes best practices for securing Kubernetes implementations.
Serverless observability - a hero's perspectiveYan Cui
Yan Cui, an AWS Serverless Hero, will talk about the learnings from using serverless at scale.
He will cover the challenges for observability in serverless asynchronous workloads and the patterns to address those challenges, like using centralized logging, correlation IDs, tracing, lambda extensions.
What's the best way of automating end-to-end, browser-level tests for web apps? In this talk, I compare Selenium, WebDriver, Watir and other libraries, and share experience of automated browser tests on hundreds of different sites. I also give updates on latest developments in open source functional testing tools.
my presentation at houston.rb on Grape, the API builder for rack based systems using a friendly ruby/sinatra like interface. It makes separating out your API from you web app logic really easy.
High Performance JavaScript - WebDirections USA 2010Nicholas Zakas
Ever wonder why the page appears frozen or why you get a dialog saying, “this script is taking too long”? Inside of the browser, JavaScript and the page’s UI are very intertwined, which means they can affect each other and, in turn, affect overall page performance. Ensuring the fastest execution time of JavaScript code isn’t about geek cred, it’s about ensuring that the user experience is as fast and responsive as possible. In a world where an extra second can cost you a visitor, sluggishness due to poor JavaScript code is a big problem. In this talk, you’ll learn what’s going on inside the browser that can slow JavaScript down and how that can end up creating a “slow page”. You’ll also learn how to overcome the conspiracy against your code by eliminating performance bottlenecks.
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Delivered at JokerConf on October 28, 2021 at 11am MDT: https://jokerconf.com/en/talks/lock-that-sh*t-down-auth-security-patterns-for-apps-apis-and-infra/
In this talk, Chris Mills discusses the historic problems with web apps and which technologies are stepping up to fill the holes. This includes device APIs such as Web Activities, Camera, device orientation and nfc, offline apps (which are finally looking realistic thanks to service workers), installable apps, and high quality games and other immersive high performance experiences using such features as Web audio API, Pointer lock, asm.js and Emscripten.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Angular Summit 2015Matt Raible
Presentation from Angular Summit talk in September 2015. http://angularsummit.com/conference/boston/2015/09/session?id=34190
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project for you and allow you to use Java 7 or 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Grunt or Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry, Heroku and Openshift.
Web developers now have a large number of APIs available allowing them to harness complex functionality via JavaScript and produce ever more interesting web experiences. This presentation looks at where we can from, where APIs are going in the future, and what problems we are currently in the process of solving. This includes Multimedia, Offline, device hardware access, internationalization, and more.
Java REST API Framework Comparison - PWX 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
A. De Biase/C. Quatrini/M. Barsocchi - API Release Process: how to make peopl...Codemotion
We would like to suggest a sustainable delivery process that defeated the chaos caused by their usage complexity and now stakeholders, business, developers, quality assurance and users are happier. Velocity + High Quality = $$$ How can you use this approach to improve your business? What are the reasons why our nerdy world is so resistant to speed up time to market? Come with us in a nice journey through our experience in Hotels.com. Virtualization, parallelism, containers and other nice stuff for a final demo.
Serverless in production (O'Reilly Software Architecture)Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
Serverless in production, an experience reportYan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless Design Patterns (London Dev Community)Yan Cui
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
How to build a social network on serverlessYan Cui
Many people are building different workloads using serverless technologies these days, but how would a non-trivial system such as a social network look like on serverless?
In this talk Yan will discuss his journey of migrating a social network startup to serverless, and how his team was able to improve performance, scalability and feature delivery using serverless technologies.
Yan will discuss how serverless technologies such as Lambda are used to implement each part of their system, including search, push notifications, timeline, user recommendations, and business intelligence. If you're wondering how serverless can be used to solve a wide variety of challenges in your business, this is the talk for you.
Serverless in production, an experience report (FullStack 2018)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
With third party clients connecting to your service you may find that the assumptions or opinions of a typical rails application are not robust enough. We'll run through some key considerations when building an API that will be consumed by a mobile app.
Serverless in Production, an experience report (AWS UG South Wales)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless in production, an experience report (microservices london)Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
In this session, we will look at 10 common use cases for AWS Lambda such as REST APIs, WebSockets, IoT and building event-driven systems. We will also touch on some of the latest platform features such as Provisioned Concurrency, EFS integration and Lambda Destinations and when and where we should use them.
Apply best parts of microservices to serverlessYan Cui
Whenever a new paradigm comes along, we often cast the previous incumbents as relics to be forgotten by history, only to then repeat the same mistakes as they once did. On the surface Serverless has revolutionised how we build and run software, but deep down we are still building microservices and face the same challenges. As more of us adopt Serverless and build increasingly complex systems using this new paradigm, it's important to take a moment to reflect on the lessons others have learnt about building microservices and how they can be applied to our Serverless applications.
Serverless in production, an experience report (BuildStuff)Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
Serveless design patterns (VoxxedDays Luxembourg)Yan Cui
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your AWS account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with AWS Lambda, and learn how to pick the right event source based on the tradeoffs you want. Amongst the many patterns we'll explore, here are a few to whet your appetite : pub-sub, cron, push-pull, saga and decoupled invocation.
Serverless technologies like AWS Lambda has drastically simplified the task of building reactive systems - drop a file into S3 and a Lambda function would be triggered to process it, push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real-time, you can even use Lambda to automate the process of auditing and securing your account by automatically reacting to rule violations to your security policy.
Join us in this talk to see some architectural design patterns that have emerged with Lambda, and how to pick the right event source based on the tradeoffs you want. Here are a few patterns that we'll cover in the talk: pub-sub, cron, push-pull, saga and decoupled invocation.
Serverless in production, an experience report (codemotion milan)Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
Yan Cui - Serverless in production, an experience report - Codemotion Milan 2017Codemotion
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures? In this talk Yan will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Delivered at the Serverless Summit 2022. Learn how to design serverless systems and tip the balance of trade-offs in your favour.
To learn how to build production-grade serverless applications, check out my upcoming workshops at productionreadyserverless.com and get 15% off with the code "serverlesssummit22".
At the heart of every event-driven architecture is a conduit for messages to flow through. AWS offers many services that can act as such conduit - EventBridge, SNS, SQS, Kinesis, DynamoDB streams, MSK, IOT Core and Amazon MQ just to name a few! These services have different characteristics and trade-offs around performance, scalability and cost. Picking the right service for your workload is not always easy. In this talk, let’s talk about how to pick the right messaging service to use in your event-driven architecture and play the game of trade-offs to your advantage.
How to choose the right messaging service for your workloadYan Cui
At the heart of every event-driven architecture is a conduit for messages to flow through. AWS offers many services that can act as such conduit - EventBridge, SNS, SQS, Kinesis, DynamoDB streams, MSK, IOT Core and Amazon MQ just to name a few! These services have different characteristics and trade-offs around performance, scalability and cost. Picking the right service for your workload is not always easy. In this talk, let’s talk about how to pick the right messaging service to use in your event-driven architecture and play the game of trade-offs to your advantage.
Patterns and practices for building resilient serverless applications.pdfYan Cui
Lambda gives you multi-AZ out-of-the-box, but still, things can go wrong in production. There are region-wide outages, and performance degradation in services your function depends on can cause it to time out or error. And what if you're dealing with downstream systems that just aren't as scalable and can't handle the load you put on them? The bottom line is many things can go wrong and they often do at the worst of times. The goal of building resilient systems is not to prevent failures, but to build systems that can withstand these failures. In this talk, we will look at a number of practices and architectural patterns that can help you build more resilient serverless applications. Such as multi-region, active-active, employing DLQs and surge queues. We'll also see how we can use chaos experiments to help us identify failure modes before they manifest in production.
How to ship customer value faster with step functionsYan Cui
Learn all about AWS Step Functions and how to use them to model business workflows and ship customer values quickly. In this session, we will talk about what is Step Functions, how to model business workflows as state machines, real-world case studies, and design patterns. By the end of this webinar, you should have a good idea of where Step Functions fit into your application and why you should use them (and why not!) to model workflows instead of building a custom solution yourself.
One of the key characteristics of serverless components is the pay-per-use pricing model. For example, with AWS Lambda, you don’t pay for the uptime of the underlying infrastructure but for the no. of invocations and how long your code actually runs for.
This important characteristic removes the need for many premature micro-optimizations as your cost is always tightly linked to usage and minimizes waste. As a result, many applications would run at a fraction of the cost if they were moved to serverless.
The pay-per-use pricing model also enables more accurate cost prediction and monitoring based on your application’s throughput. This gives rise to the notion of FinDev, where finance and development can intersect and allows optimization to be targeted to give the optimal return-on-invest on the engineering efforts.
And by building your application on serverless components, you can also leverage it as a business advantage and offer a more competitive, usage-based pricing to your customers. Which is going to be crucial at a time when businesses all around the world are affected by COVID and are looking for better efficiencies.
In this webinar, we will cover topics such as:
- How does the cost of serverless differ from serverful applications?
- How to predict and monitor cost in serverless applications?
- When should you optimize for cost?
- How can you leverage usage-based pricing as a business advantage?
Why your next serverless project should use AWS AppSyncYan Cui
In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
Patterns and practices for building resilient serverless applicationsYan Cui
Lambda gives you multi-AZ out-of-the-box, but still, things can go wrong in production. There are region-wide outages, and performance degradation in services your function depends on can cause it to time out or error. And what if you're dealing with downstream systems that just aren't as scalable and can't handle the load you put on them? The bottom line is many things can go wrong and they often do at the worst of times. The goal of building resilient systems is not to prevent failures, but to build systems that can withstand these failures. In this talk, we will look at a number of practices and architectural patterns that can help you build more resilient serverless applications. Such as multi-region, active-active, employing DLQs and surge queues. We'll also see how we can use chaos experiments to help us identify failure modes before they manifest in production
How to bring chaos engineering to serverlessYan Cui
You might have heard about chaos engineering in the context of Netflix and Amazon, and how they kill EC2 servers in production at random to verify that their systems can stay up in the face of infrastructure failures. But did you know that the same ideas can be applied to serverless applications? Yes, despite not having access to the underlying servers, we can still apply principles of chaos engineering to uncover failure modes in our system (and there are plenty!) so we can build a defence against them and make our serverless applications more robust and more resilient!
Migrating existing monolith to serverless in 8 stepsYan Cui
Refactoring a monolith to serverless can be intimidating, but there are discrete steps that you can take to simplify the process. In this talk, AWS Serverless Hero Yan Cui outlines 8 steps to successfully refactor your monolith and highlight key decision points such as language and tooling choices.
Building a social network in under 4 weeks with Serverless and GraphQLYan Cui
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
FinDev as a business advantage in the post covid19 economyYan Cui
The impact COVID19 has had on consumer economy, ripples out to other service providers - analytics tools, etc because everyone is going to be squeezed. And the variable-cost (or pay-as-you-use) pricing model will be more appealing as companies tighten up their budgets for non-essential services/tools.
AWS has improved Lambda cold starts by leaps and bounds in the last year. But for performance-sensitive applications such as user-facing APIs, Lambda cold starts are still a thorn in one’s side, especially when working with languages such as Java and .Net Core.
In this webinar, we will dive into strategies for improving cold start latency and how to mitigate them altogether with Provisioned Concurrency, and how Lumigo helps you optimize your use of Provisioned Concurrency.
A chaos experiment a day, keeping the outage awayYan Cui
Presented at ServerlessDays Warsaw
Recording: https://youtu.be/21HprKZQczs
You might have heard about chaos engineering in the context of Netflix and Amazon, and how they kill EC2 servers in production at random to verify that their systems can stay up in the face of infrastructure failures. But did you know that the same ideas can be applied to serverless applications? Yes, despite not having access to the underlying servers, we can still apply principles of chaos engineering to uncover failure modes in our system (and there are plenty!) so we can build defence against them and make our serverless applications more robust and more resilient!
One of the most common performance issues in serverless architectures is elevated latencies from external services, such as DynamoDB, ElasticSearch or Stripe.
In this webinar, we will show you how to quickly identify and debug these problems, and some best practices for dealing with poor performing 3rd party services.
How to ship customer value faster with step functionsYan Cui
In this talk, I'm gonna tell you all about AWS Step Functions - how it works, when to use it, and some tips on how to accelerate app development so you can ship customer values faster.
Recording: coming soon
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
48. no. of DynamoDB tables
no. of API Gateway regional APIs
no. of API Gateway edge-optimized APIs
no. of Kinesis shards
no. of IAM roles
no. of S3 buckets
no. of CloudFormation stacks
no. of SNS subscription filters
no. of SSM parameters
…
Resource Limits
59. the platforms need to do better at educating users on
how to choose between different services
60. SNS vs SQS vs Kinesis vs MKS?
the platforms need to do better at educating users on
how to choose between different services
61. ordering
replay events
Kinesis SQS SNS
by shard
none (standard)
global (FIFO)
none
up to 7 days none none
mode
retry
batched batched (up to 10) singular
retried until
success
retry + DLQ retry + DLQ
concurrency 1 per shard auto-scaled fan-out!!!
subscribers many one-to-one many
110. ordering
replay events
Kinesis SQS SNS
by shard
none (standard)
global (FIFO)
none
up to 7 days none none
mode
retry
batched batched (up to 10) singular
retried until
success
retry + DLQ retry + DLQ
concurrency 1 per shard auto-scaled fan-out!!!
subscribers many one-to-one many
114. ordering
replay events
Kinesis SQS SNS
by shard
none (standard)
global (FIFO)
none
up to 7 days none none
mode
retry
batched batched (up to 10) singular
retried until
success
retry + DLQ retry + DLQ
concurrency 1 per shard auto-scaled fan-out!!!
subscribers many one-to-one many