In my experience many large enterprises would love the adoption of DevOps to be as simple as bringing Development closer to Operations. In practice they need to consider many development teams, multiple suppliers, multiple service providers, not to mention multiple business divisions. I describe my experiences of implementing Continuous Delivery in large enterprises with heterogeneous technology stacks and share my belief that Platform Applications will be the saviour of enterprise DevOps.
Continuous Delivery for IT Operations TeamsMark Rendell
Mark Rendell leads the DevOps Control Services Centre at Accenture, which provides Continuous Delivery services to projects. He discusses how Continuous Delivery relies on operations teams to provide consistent environments and testing. It also teaches operations teams to adopt practices from developers like infrastructure as code and automated testing. This transition means operations teams focus more on delivering value through software and treating infrastructure like an application.
What are the Cool Kids Doing With Continuous Delivery?CA Technologies
Building a solid application delivery tool chain is no easy task. The popularity of infrastructure configuration management tools like Puppet, Chef, Salt and others are a direct result of the explosion of virtual machines needing to be maintained, configured and provisioned. Learn how you can leverage these trends and combine infrastructure configuration and release automation to build an enterprise class continuous delivery solution for your business.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Case Study: How CA’s IT Automated Salesforce Deployments with CA Release Auto...CA Technologies
SaaS-based applications like Salesforce.com are increasingly relevant to companies to compete and grow their business. However, the opportunity of faster time to value and availability offered by Cloud and SaaS comes with an urgent need to automate the application development and release processes. Learn how CA’s internal IT team used CA Release Automation to reduce SFDC software deployment times - simplifying and standardizing the release process and minimizing errors.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Achieving DevOps using Open Source Tools in the EnterpriseCollabNet
Join Tech Mahindra and CollabNet to learn how you can deliver business value more quickly with higher quality using Tech Mahindra ADOPT (Agile DevOps Process Transformation), an offering for enterprise software development teams built and delivered on the CollabNet TeamForge framework for open source tools.
Continuous Delivery for IT Operations TeamsMark Rendell
Mark Rendell leads the DevOps Control Services Centre at Accenture, which provides Continuous Delivery services to projects. He discusses how Continuous Delivery relies on operations teams to provide consistent environments and testing. It also teaches operations teams to adopt practices from developers like infrastructure as code and automated testing. This transition means operations teams focus more on delivering value through software and treating infrastructure like an application.
What are the Cool Kids Doing With Continuous Delivery?CA Technologies
Building a solid application delivery tool chain is no easy task. The popularity of infrastructure configuration management tools like Puppet, Chef, Salt and others are a direct result of the explosion of virtual machines needing to be maintained, configured and provisioned. Learn how you can leverage these trends and combine infrastructure configuration and release automation to build an enterprise class continuous delivery solution for your business.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Case Study: How CA’s IT Automated Salesforce Deployments with CA Release Auto...CA Technologies
SaaS-based applications like Salesforce.com are increasingly relevant to companies to compete and grow their business. However, the opportunity of faster time to value and availability offered by Cloud and SaaS comes with an urgent need to automate the application development and release processes. Learn how CA’s internal IT team used CA Release Automation to reduce SFDC software deployment times - simplifying and standardizing the release process and minimizing errors.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Achieving DevOps using Open Source Tools in the EnterpriseCollabNet
Join Tech Mahindra and CollabNet to learn how you can deliver business value more quickly with higher quality using Tech Mahindra ADOPT (Agile DevOps Process Transformation), an offering for enterprise software development teams built and delivered on the CollabNet TeamForge framework for open source tools.
Presentation on Gene Kims - DevOps Enterprise Summit 2021. Anders presents a journey from journey from Monolithic applications to Microservices, On-Premise hosting to Public Cloud and from 3 production deployments per year to 30+ per
day.
DevOps Transformation - technical and organizational goalsAgron Fazliu
The document discusses the technical aspects of a DevOps transformation. It states that technical aspects should include always-ready, automated, uniform, and independent releases on all virtual environments using the latest software inside resilient containers with service discovery and multi-stage history-enabled feedback systems. It then provides explanations for each of these elements across 14 slides to fully define what achieving this technical standard would entail for an organization's processes and infrastructure.
The document discusses dependency injection, including its benefits like loosely coupled classes, increased code reuse, maintainable code, and testable methods. It notes that with dependency injection, all dependencies are specified in one place and class dependencies are clearly visible in the constructor. Examples are provided of how dependency injection can help when requirements change, like needing to support new notification methods or data sources.
This document provides an overview of various DevOps tools across different categories like source code management, continuous integration, infrastructure automation, container management, and more. It discusses the purpose and use of tools in each category. It also notes that the DevOps tools market is large and growing, reaching an estimated $8.8 billion by 2023, and that new tools will continue to emerge as DevOps practices mature.
Drive Continuous Delivery With Continuous TestingCA Technologies
Silos. Lack of visibility. Some agile teams… some not. Manual handoffs. Bottlenecks.
This summer, it’s time to get outside (your old processes) and take some time off (your application release cycle). Take back your weekends and spend more time by the pool. We’ll show you how to automate, orchestrate, and facilitate continuous everything – and that includes continuous testing – one of the biggest bottlenecks of all.
You’ll learn how to:
Automatically shift quality left: Orchestrate and automate testing in every phase of the SDLC with automated promotion and feedback loops
Accelerate testing in the cloud: Test web and mobile apps in parallel – achieve up to 10X improvement in testing time. Use tools of choice while optimizing every aspect of your complex, interdependent multi-application pipelines.
Get started in less than 1 hour…. and for free! Achieve truly automated, continuous delivery (including continuous testing!!!) in the cloud with CA and Sauce Labs.
Try Continuous Delivery Director free:
https://cddirector.io/#/home
Try Sauce Labs free:
https://saucelabs.com/
Everybody loves a good love story. And even more so one that mixes in pop stars and the music business! If you have an interest in hearing about how the benefits of DevOps can help unblock the delivery of IT innovation in your business then you’ll want to hear this story.
DevOps-as-a-Service: Towards Automating the AutomationKeith Pleas
DevOps-as-a-Service: Towards Automating the Automation
Accenture has a global DevOps practice with over 4,400 DevOps trained professionals and 1,700 experts. They provide DevOps services using their ADOP (Accenture DevOps Platform) which is an open source DevOps platform. They offer both dedicated ADOP instances and a managed ADOP service. The presentation discusses automating DevOps processes and tooling as well as the importance of people aspects like culture when adopting DevOps.
DevOps Workshop, DevOps for DoD ProfessionalsTonex
DevOps and DevSecOps are organizational software engineering culture and best practices, aiming to unify software development (Dev), security (Sec) and operations (Ops).
The main feature and goal is to automate, monitor and apply security at all stages of the software life cycle: planning, development, construction, testing, release, delivery, deployment, operation and monitoring.
DoD’s legacy software acquisition and development practices and processes don't provide the agility to deploy new software “at the speed of operations”.
In addition, security is usually an afterthought, not inbuilt from the start of the lifecycle of the appliance and underlying infrastructure. DevOps and DevSecOps are the industry best practice for rapid, secure software development.
With the increasing demand for security development, testing, and deployment of IT professionals to improve business efficiency, DevOps has become a software development process that emphasizes communication and collaboration between products, software developers, and operations professionals .
Tonex Offers DevOps Training Workshop, DevOps for DoD Professionals
The DevOps workshop, The DevOps professional training workshop for DoD professionals will assist you master the art and science knowledge to enhance the event and operation activities of the whole DoD team.
Participants will use configuration management tools such as Puppet, SaltStack, and Ansible to build expertise in continuous deployment. The DoD enterprises DevOps and DevSecOps of the Department of Defense (DoD) focus on DOD needs DevOps to accelerate IT service delivery.
Participants will improve their knowledge and skills in the DevOps field through comprehensive courses covering DevOps, Git and GitHub, Jenkins' CI/CD, configuration management, Docker, Kubernetes and many other concepts.
Training Objectives
Learn how to build DevOps skills to meet team needs
Increase knowledge and skills in DevOps methodology
Use continuous integration and continuous delivery (CI/CD) to improve the productivity to gain a competitive advantage
Build and deepen knowledge about configuration management and containerization
Gain knowledge of Github, Chef, Jenkins, ChefSpec, Inspec, Test Kitchen, Groovy, Maven and JFrog Artifactory
Become skilled at cloud, source code control, deployment automation and DevOps on cloud platforms
Course Outline:
Introduction to DevOps
DoD DevOps Conceptual Model
DoD DevOps Ecosystem
DevOps Tools and Activities
DevOps Implementation
Overview of DevOps and DevSecOps Product Stack
Audience:
Engineers
Program and Project Managers
Developers
Application Team
Software Engineers, Managers and Directors
IT Executives
Operations Managers
QA and Test Engineers and Managers
Project Managers
Release and Configuration Managers
Scrum Masters
Learn More:
https://www.tonex.com/training-courses/devops-workshop-devops-for-dod/
This document summarizes Derek Weeks' presentation on analyzing open source software supply chains using metrics like time to remediate vulnerabilities, time to update dependencies, and prevalence of stale dependencies. It finds that projects which release frequently, update dependencies quickly, and have larger development teams tend to be more secure, popular, and well-maintained. Projects are clustered into exemplars, laggards, features-first, and cautious groups based on these metrics. Exemplar projects with small, efficient teams are recommended as the best open source suppliers to use. The document advocates for automating security and supply chain management to achieve faster DevOps feedback loops.
DevOps is becoming the latest revolution in the field of Information Technology. DevOps is an extension of agile principles which focuses of user's satisfaction. DevOps is a mix of Product Development, Quality Assurance, and System Operation. It brings down the silos between these departments to increase efficiency in the products of an enterprise.
Nowadays, more and more enterprises are embracing DevOps for its advantages. This presentation is just an introduction of DevOps. People who don't have a deep understanding of computer & IT concepts, can easily follow the commentary on DevOps in this presentation.
Inflectracon2020: Advantages of Integrating a DevSecOps Pipeline with the Spi...Inflectra
Welcome to InflectraCon 2020!
Please enjoy Inflectra's partner presentation on common DevSecOps pipeline concepts and the integration of a typical pipeline with the Spira family of tools. The key takeaways are:
- Explore foundational DevSecOps pipeline concepts, components, and functions.
- Understand how the move to DevSecOps can help detect defects before production quickly and prevent continuous bugs.
- Learn how you can jump-start your efforts and have a working pipeline on your project.
The presentation is by the Inflectra Partner - Coveros. The companion video is available here https://www.youtube.com/watch?v=bTQJtr1Digw
Continuous Delivery in a Legacy Shop - One Step at a TimeGene Gotimer
Not every continuous delivery (CD) initiative starts with someone saying “Drop everything. We’re going to do DevOps.” Sometimes, you have to grow your process incrementally. And sometimes you don’t set out to grow at all—you are just fixing problems with your process, trying to make things better. Gene Gotimer discusses techniques and the chain of tools he has used to bring a DevOps mindset and CD practices into a legacy environment. Gene discusses how his team started fixing problems and making process improvements in development. From there, they tackled one problem after another, each time making the release a little better and a little less risky. They incrementally brought their practices through other environments until the project was confidently delivering working and tested releases every two weeks. Gene shares their journey and the tools they used to build quality into the product, the releases, and the release process.
The document provides an overview of scaling agile practices across distributed teams. It discusses Marc Carrel-Billiard's background and experience at Accenture. It then outlines how two projects at Digiplug, a Digital Supply Chain project and Retail Services Platform, implemented distributed agile practices with offshore teams to achieve mature agile delivery. Key steps included starting with offshore teams in development and testing, then scaling up the offshore teams and distributing operations and design experts.
The document introduces DevOps concepts including why DevOps is needed, its principles and goals. It discusses that DevOps aims to reduce the time between code changes and production deployment while ensuring quality. DevOps promotes a culture of collaboration between development and operations teams through practices like automation, continuous integration/delivery, and sharing of knowledge. It also covers DevOps maturity levels, team topologies and categories of tools that can support DevOps workflows.
CI/CD pipelines help DevOps teams automate and drive scalability of mobile app releases. However, teams still experience friction from all kinds of testing. To speed the flow, organizations are now turning to automated continuous testing (CT) in the pipeline by engaging the test automation and security teams. The latest advancements in functional and performance testing enable organizations to run faster, friction-free pipelines with CI/CD/CT.
Join Perfecto by Perforce Chief Evangelist and author, Eran Kinsbruner, and NowSecure Chief Mobility Officer, Brian Reed, in this webinar. Understand how successful organizations optimize their CI/CD pipelines with automated CT tools for functional and security testing in their build process.
Watch this webinar to learn the following:
- Fundamentals of continuous testing (CT) strategy for CI/CD/CT pipelines.
- How to fit automated security and functional testing together inside a DevOps process.
- Common pitfalls in mobile app security and how to overcome them.
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyPerfecto by Perforce
No matter how good their test automation framework is, QA managers and engineers still get blamed whenever defects escape to production. This begs the question, why are critical defects — whether functional or non functional — escaping to production?
In this virtual session, Eran Kinsbruner, Chief Evangelist at Perfecto by Perforce, will uncover the root causes behind escaped defects in traditional testing cycles. Eran will provide a prescriptive and proven approach to building a solid test automation coverage strategy that reduces such risks.
Best Practices for Shifting Left Performance and Accessibility TestingPerfecto by Perforce
Web and mobile test cycles typically leverage automation frameworks like Selenium and Appium that are mostly focused on functional testing with end-to-end scenarios. But what about nonfunctional testing — including performance, accessibility, security, and UX?
Unfortunately, nonfunctional testing is either left to the end of the cycle or done only partially. Or, it’s outsourced externally, where it is performed manually due to a lack of time and automation abilities.
When nonfunctional testing is overlooked or left until the end of cycle, performance, accessibility, and UX defects can cause brand damage and are more expensive to fix after the fact. Specifically, accessibility defects can also result in expensive complaints or lawsuits.
Learn how you can avoid damaging defects. Join our panel webinar led by Perfecto’s VP of Products Tzvika Shahaf and Chief Evangelist and author Eran Kinsbruner, together with Dylan Barrel, CTO at Deque, and Henrik Rexed, Performance Testing Advocate from Neotys, to learn how you can expand your coverage within the build cycle by shifting automated nonfunctional testing left.
During the webinar, you will learn:
- The key benefits of shifting performance and accessibility testing left.
- Best practices and recommendations on how to succeed in shifting such tests into the build process.
- How to get started with mobile and web performance and accessibility testing.
Dev ops tutorial for beginners what is devops & devops toolsJanBask Training
DevOps Tools Are Used To Offer Improved Performance. You can explore more about above-listed DevOps tools (Puppet, Chef, Sensu, Nagios, Bamboo, Eclipse, Git, Saltstack, Jenkins ) that are used to provide improved performance by DevOps team. DevOps tools are used to improve the developer's efficiency.
LinkedIn provides a technical onboarding program to teach new hires about how LinkedIn builds and operates applications and services. The summary covers the key learning outcomes around LinkedIn's architecture, development process, systems that power the platform, and core values. It also introduces some of the leadership team and major organizational groups within R&D like Product and Engineering.
KCD Munich - Cloud Native Platform Dilemma - Turning it into an OpportunityAndreas Grabner
This talk was given at KCD Munich - July 17 2023
Abstract
“Kubernetes is a platform for building platforms. It’s a better place to start: not the endgame”, tweeted by Kelsey Hightower in November 2017. 6 years later the Cloud Native Community is faced with 159 different CNCF projects to choose from. Entering CNCF can be overwhelming!
Cloud Native Platform Engineering with white papers, best practices and reference architectures are here to convert this dilemma into an opportunity. Internal Developer Platforms (IDP) are being built as we speak enabling organizations to harness the power of Kubernetes as a self-service platform.
Join this talk with Andreas Grabner, CNCF Ambassador, and get some insights on tooling, use cases and best practices so we can all fulfill the idea that Kelsey put out years ago.
Presentation on Gene Kims - DevOps Enterprise Summit 2021. Anders presents a journey from journey from Monolithic applications to Microservices, On-Premise hosting to Public Cloud and from 3 production deployments per year to 30+ per
day.
DevOps Transformation - technical and organizational goalsAgron Fazliu
The document discusses the technical aspects of a DevOps transformation. It states that technical aspects should include always-ready, automated, uniform, and independent releases on all virtual environments using the latest software inside resilient containers with service discovery and multi-stage history-enabled feedback systems. It then provides explanations for each of these elements across 14 slides to fully define what achieving this technical standard would entail for an organization's processes and infrastructure.
The document discusses dependency injection, including its benefits like loosely coupled classes, increased code reuse, maintainable code, and testable methods. It notes that with dependency injection, all dependencies are specified in one place and class dependencies are clearly visible in the constructor. Examples are provided of how dependency injection can help when requirements change, like needing to support new notification methods or data sources.
This document provides an overview of various DevOps tools across different categories like source code management, continuous integration, infrastructure automation, container management, and more. It discusses the purpose and use of tools in each category. It also notes that the DevOps tools market is large and growing, reaching an estimated $8.8 billion by 2023, and that new tools will continue to emerge as DevOps practices mature.
Drive Continuous Delivery With Continuous TestingCA Technologies
Silos. Lack of visibility. Some agile teams… some not. Manual handoffs. Bottlenecks.
This summer, it’s time to get outside (your old processes) and take some time off (your application release cycle). Take back your weekends and spend more time by the pool. We’ll show you how to automate, orchestrate, and facilitate continuous everything – and that includes continuous testing – one of the biggest bottlenecks of all.
You’ll learn how to:
Automatically shift quality left: Orchestrate and automate testing in every phase of the SDLC with automated promotion and feedback loops
Accelerate testing in the cloud: Test web and mobile apps in parallel – achieve up to 10X improvement in testing time. Use tools of choice while optimizing every aspect of your complex, interdependent multi-application pipelines.
Get started in less than 1 hour…. and for free! Achieve truly automated, continuous delivery (including continuous testing!!!) in the cloud with CA and Sauce Labs.
Try Continuous Delivery Director free:
https://cddirector.io/#/home
Try Sauce Labs free:
https://saucelabs.com/
Everybody loves a good love story. And even more so one that mixes in pop stars and the music business! If you have an interest in hearing about how the benefits of DevOps can help unblock the delivery of IT innovation in your business then you’ll want to hear this story.
DevOps-as-a-Service: Towards Automating the AutomationKeith Pleas
DevOps-as-a-Service: Towards Automating the Automation
Accenture has a global DevOps practice with over 4,400 DevOps trained professionals and 1,700 experts. They provide DevOps services using their ADOP (Accenture DevOps Platform) which is an open source DevOps platform. They offer both dedicated ADOP instances and a managed ADOP service. The presentation discusses automating DevOps processes and tooling as well as the importance of people aspects like culture when adopting DevOps.
DevOps Workshop, DevOps for DoD ProfessionalsTonex
DevOps and DevSecOps are organizational software engineering culture and best practices, aiming to unify software development (Dev), security (Sec) and operations (Ops).
The main feature and goal is to automate, monitor and apply security at all stages of the software life cycle: planning, development, construction, testing, release, delivery, deployment, operation and monitoring.
DoD’s legacy software acquisition and development practices and processes don't provide the agility to deploy new software “at the speed of operations”.
In addition, security is usually an afterthought, not inbuilt from the start of the lifecycle of the appliance and underlying infrastructure. DevOps and DevSecOps are the industry best practice for rapid, secure software development.
With the increasing demand for security development, testing, and deployment of IT professionals to improve business efficiency, DevOps has become a software development process that emphasizes communication and collaboration between products, software developers, and operations professionals .
Tonex Offers DevOps Training Workshop, DevOps for DoD Professionals
The DevOps workshop, The DevOps professional training workshop for DoD professionals will assist you master the art and science knowledge to enhance the event and operation activities of the whole DoD team.
Participants will use configuration management tools such as Puppet, SaltStack, and Ansible to build expertise in continuous deployment. The DoD enterprises DevOps and DevSecOps of the Department of Defense (DoD) focus on DOD needs DevOps to accelerate IT service delivery.
Participants will improve their knowledge and skills in the DevOps field through comprehensive courses covering DevOps, Git and GitHub, Jenkins' CI/CD, configuration management, Docker, Kubernetes and many other concepts.
Training Objectives
Learn how to build DevOps skills to meet team needs
Increase knowledge and skills in DevOps methodology
Use continuous integration and continuous delivery (CI/CD) to improve the productivity to gain a competitive advantage
Build and deepen knowledge about configuration management and containerization
Gain knowledge of Github, Chef, Jenkins, ChefSpec, Inspec, Test Kitchen, Groovy, Maven and JFrog Artifactory
Become skilled at cloud, source code control, deployment automation and DevOps on cloud platforms
Course Outline:
Introduction to DevOps
DoD DevOps Conceptual Model
DoD DevOps Ecosystem
DevOps Tools and Activities
DevOps Implementation
Overview of DevOps and DevSecOps Product Stack
Audience:
Engineers
Program and Project Managers
Developers
Application Team
Software Engineers, Managers and Directors
IT Executives
Operations Managers
QA and Test Engineers and Managers
Project Managers
Release and Configuration Managers
Scrum Masters
Learn More:
https://www.tonex.com/training-courses/devops-workshop-devops-for-dod/
This document summarizes Derek Weeks' presentation on analyzing open source software supply chains using metrics like time to remediate vulnerabilities, time to update dependencies, and prevalence of stale dependencies. It finds that projects which release frequently, update dependencies quickly, and have larger development teams tend to be more secure, popular, and well-maintained. Projects are clustered into exemplars, laggards, features-first, and cautious groups based on these metrics. Exemplar projects with small, efficient teams are recommended as the best open source suppliers to use. The document advocates for automating security and supply chain management to achieve faster DevOps feedback loops.
DevOps is becoming the latest revolution in the field of Information Technology. DevOps is an extension of agile principles which focuses of user's satisfaction. DevOps is a mix of Product Development, Quality Assurance, and System Operation. It brings down the silos between these departments to increase efficiency in the products of an enterprise.
Nowadays, more and more enterprises are embracing DevOps for its advantages. This presentation is just an introduction of DevOps. People who don't have a deep understanding of computer & IT concepts, can easily follow the commentary on DevOps in this presentation.
Inflectracon2020: Advantages of Integrating a DevSecOps Pipeline with the Spi...Inflectra
Welcome to InflectraCon 2020!
Please enjoy Inflectra's partner presentation on common DevSecOps pipeline concepts and the integration of a typical pipeline with the Spira family of tools. The key takeaways are:
- Explore foundational DevSecOps pipeline concepts, components, and functions.
- Understand how the move to DevSecOps can help detect defects before production quickly and prevent continuous bugs.
- Learn how you can jump-start your efforts and have a working pipeline on your project.
The presentation is by the Inflectra Partner - Coveros. The companion video is available here https://www.youtube.com/watch?v=bTQJtr1Digw
Continuous Delivery in a Legacy Shop - One Step at a TimeGene Gotimer
Not every continuous delivery (CD) initiative starts with someone saying “Drop everything. We’re going to do DevOps.” Sometimes, you have to grow your process incrementally. And sometimes you don’t set out to grow at all—you are just fixing problems with your process, trying to make things better. Gene Gotimer discusses techniques and the chain of tools he has used to bring a DevOps mindset and CD practices into a legacy environment. Gene discusses how his team started fixing problems and making process improvements in development. From there, they tackled one problem after another, each time making the release a little better and a little less risky. They incrementally brought their practices through other environments until the project was confidently delivering working and tested releases every two weeks. Gene shares their journey and the tools they used to build quality into the product, the releases, and the release process.
The document provides an overview of scaling agile practices across distributed teams. It discusses Marc Carrel-Billiard's background and experience at Accenture. It then outlines how two projects at Digiplug, a Digital Supply Chain project and Retail Services Platform, implemented distributed agile practices with offshore teams to achieve mature agile delivery. Key steps included starting with offshore teams in development and testing, then scaling up the offshore teams and distributing operations and design experts.
The document introduces DevOps concepts including why DevOps is needed, its principles and goals. It discusses that DevOps aims to reduce the time between code changes and production deployment while ensuring quality. DevOps promotes a culture of collaboration between development and operations teams through practices like automation, continuous integration/delivery, and sharing of knowledge. It also covers DevOps maturity levels, team topologies and categories of tools that can support DevOps workflows.
CI/CD pipelines help DevOps teams automate and drive scalability of mobile app releases. However, teams still experience friction from all kinds of testing. To speed the flow, organizations are now turning to automated continuous testing (CT) in the pipeline by engaging the test automation and security teams. The latest advancements in functional and performance testing enable organizations to run faster, friction-free pipelines with CI/CD/CT.
Join Perfecto by Perforce Chief Evangelist and author, Eran Kinsbruner, and NowSecure Chief Mobility Officer, Brian Reed, in this webinar. Understand how successful organizations optimize their CI/CD pipelines with automated CT tools for functional and security testing in their build process.
Watch this webinar to learn the following:
- Fundamentals of continuous testing (CT) strategy for CI/CD/CT pipelines.
- How to fit automated security and functional testing together inside a DevOps process.
- Common pitfalls in mobile app security and how to overcome them.
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyPerfecto by Perforce
No matter how good their test automation framework is, QA managers and engineers still get blamed whenever defects escape to production. This begs the question, why are critical defects — whether functional or non functional — escaping to production?
In this virtual session, Eran Kinsbruner, Chief Evangelist at Perfecto by Perforce, will uncover the root causes behind escaped defects in traditional testing cycles. Eran will provide a prescriptive and proven approach to building a solid test automation coverage strategy that reduces such risks.
Best Practices for Shifting Left Performance and Accessibility TestingPerfecto by Perforce
Web and mobile test cycles typically leverage automation frameworks like Selenium and Appium that are mostly focused on functional testing with end-to-end scenarios. But what about nonfunctional testing — including performance, accessibility, security, and UX?
Unfortunately, nonfunctional testing is either left to the end of the cycle or done only partially. Or, it’s outsourced externally, where it is performed manually due to a lack of time and automation abilities.
When nonfunctional testing is overlooked or left until the end of cycle, performance, accessibility, and UX defects can cause brand damage and are more expensive to fix after the fact. Specifically, accessibility defects can also result in expensive complaints or lawsuits.
Learn how you can avoid damaging defects. Join our panel webinar led by Perfecto’s VP of Products Tzvika Shahaf and Chief Evangelist and author Eran Kinsbruner, together with Dylan Barrel, CTO at Deque, and Henrik Rexed, Performance Testing Advocate from Neotys, to learn how you can expand your coverage within the build cycle by shifting automated nonfunctional testing left.
During the webinar, you will learn:
- The key benefits of shifting performance and accessibility testing left.
- Best practices and recommendations on how to succeed in shifting such tests into the build process.
- How to get started with mobile and web performance and accessibility testing.
Dev ops tutorial for beginners what is devops & devops toolsJanBask Training
DevOps Tools Are Used To Offer Improved Performance. You can explore more about above-listed DevOps tools (Puppet, Chef, Sensu, Nagios, Bamboo, Eclipse, Git, Saltstack, Jenkins ) that are used to provide improved performance by DevOps team. DevOps tools are used to improve the developer's efficiency.
LinkedIn provides a technical onboarding program to teach new hires about how LinkedIn builds and operates applications and services. The summary covers the key learning outcomes around LinkedIn's architecture, development process, systems that power the platform, and core values. It also introduces some of the leadership team and major organizational groups within R&D like Product and Engineering.
KCD Munich - Cloud Native Platform Dilemma - Turning it into an OpportunityAndreas Grabner
This talk was given at KCD Munich - July 17 2023
Abstract
“Kubernetes is a platform for building platforms. It’s a better place to start: not the endgame”, tweeted by Kelsey Hightower in November 2017. 6 years later the Cloud Native Community is faced with 159 different CNCF projects to choose from. Entering CNCF can be overwhelming!
Cloud Native Platform Engineering with white papers, best practices and reference architectures are here to convert this dilemma into an opportunity. Internal Developer Platforms (IDP) are being built as we speak enabling organizations to harness the power of Kubernetes as a self-service platform.
Join this talk with Andreas Grabner, CNCF Ambassador, and get some insights on tooling, use cases and best practices so we can all fulfill the idea that Kelsey put out years ago.
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...Siva Rama Krishna Chunduru
Understand DevOps and it's fitment to various types of applications.
Understand various Organization Roles after Org-restructure.
Understand the way to measure the success.
The DevOps paradigm - the evolution of IT professionals and opensource toolkitMarco Ferrigno
This document discusses the DevOps paradigm and tools. It begins by defining DevOps as focusing on communication and cooperation between development and operations teams. It then discusses concepts like continuous integration, delivery and deployment. It provides examples of tools used in DevOps like Docker, Kubernetes, Ansible, and monitoring tools. It discusses how infrastructure has evolved to be defined through code. Finally, it discusses challenges of security in DevOps and how DevOps works aligns with open source principles like meritocracy, metrics, and continuous improvement.
This document summarizes the DevOps paradigm and tools. It discusses how DevOps aims to improve communication and cooperation between development and operations teams through practices like continuous integration, delivery, and deployment. It then provides an overview of common DevOps tools for containers, cluster management, automation, CI/CD, monitoring, and infrastructure as code. Specific tools mentioned include Docker, Kubernetes, Ansible, Jenkins, and AWS CloudFormation. The document argues that adopting open source principles and emphasizing leadership, culture change, and talent growth are important for successful DevOps implementation.
This document discusses the software development lifecycle (SDLC) and DevOps. It provides an overview of the SDLC phases and Agile Scrum framework. It describes the need for DevOps by explaining problems that can occur when development and operations teams are separated. It proposes DevOps as a solution to automate software delivery and infrastructure changes through a cross-functional team and toolchain. The document outlines various tools used in a DevOps toolchain for version control, IDEs, project management, continuous integration, testing, security, collaboration and more. It concludes by discussing future plans to implement OpenStack, Docker and gain experience with Amazon Web Services.
Tejaswi Desai Resume ASP Dot Net WPF WCF MVC LINQ AgileTejaswi Desai
This document provides a summary of Tejaswi Desai's work experience and qualifications. She has over 12 years of experience in software engineering across roles such as developer, program management, and delivery management. She has expertise in Microsoft technologies and experience with delivery models like Agile. She holds an MCA and is MCPDEA certified. She has worked on projects for clients such as Accenture, ICICI Lombard, and JP Morgan Chase.
DCSF19 How To Build Your Containerization Strategy Docker, Inc.
Lee Namba, Docker
The Docker Enterprise container platform helps organizations deploy and manage applications faster and it secures the application pipeline at a lower cost than traditional application delivery models. But it takes more than just great technology to achieve the desired results. The organization and culture of your enterprise directly impacts what you transform, how it’s done, and who does it. Success requires a strategy for how you will govern the container platform environment, how to assess your application estate, what your delivery pipeline will look like, and how to ensure developers, operators, security teams and others play nicely together. In this talk I will cover topics such as different types of workloads (legacy, microservices, FaaS, big data and more), how your org chart can influence whether you deploy CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how "shifting left" can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for onboarding, and a prescriptive and comprehensive methodology for successfully deploying containers into your enterprise.
This document discusses strategies for modernizing applications and moving workloads to Kubernetes and container platforms like Pivotal Container Service (PKS). It recommends identifying candidate applications using buckets based on factors like programming language, dependencies, and access to source code. It outlines assessing applications' business value and technical quality using Gartner's TIME methodology to prioritize efforts. The document provides an overview of PKS and how it can provide benefits like increased speed, stability, scalability and cost savings. It recommends starting projects by pushing a few applications to production on PKS to measure ROI metrics.
This document discusses strategies for modernizing applications and moving workloads to Kubernetes and container platforms like Pivotal Container Service (PKS). It recommends identifying candidate applications using buckets based on factors like programming language, dependencies, and access to source code. It outlines assessing applications' business value and technical quality using Gartner's TIME methodology to prioritize efforts. The document provides an overview of PKS and how it can provide benefits like increased speed, security, scalability and cost savings. It recommends starting projects by pushing a few applications to production on PKS to measure ROI metrics.
Agile & DevOps - It's all about project successAdam Stephensen
The document provides information on DevOps practices and tools from Microsoft. It discusses how DevOps enables continuous delivery of value through integrating people, processes, and tools. Benefits of DevOps include more frequent and stable releases, lower change failure rates, and empowered development teams. The document provides examples of DevOps scenarios and recommends discussing solutions and migration plans with Microsoft.
Platform governance, gestire un ecosistema di microservizi a livello enterpriseGiulio Roggero
A livello enterprise, le moderne architetture distribuite coinvolgono molti team differenti, centinaia di sviluppatori e operations e migliaia microservizi ed API in produzione. Come si può gestire questa
e o
un'esplosione di costi e preservando il time-to-market?
Automated software modernisation is the best solution that is fast, low cost, preserves legacy value and is less risky by comparison to the traditional methodology of a re-write or replacement by packaged ERP. Object Management Groups (OMGs) Model Driven Architecture (MDA) methodology provides an automated model-driven reverse engineering and forward engineering process called Architecture Driven Modernisation (ADM) which has already been successfully adopted by a variety of high profile organisations such as Boeing, U.S. Air Force, Raytheon, EDS, Thales (European Aerospace) and numerous governments worldwide.
WORPCLOUD LTD is focused on being an Automated Software Modernisation Expert. We use OMG compliant tools and parsing techniques to extract all system information, business semantics and software artifacts into an XML repository called the Abstract Syntax Tree Metamodel. Next we use MDAs automated transformation procedures to generate new source code of your choice. Manual architecting of the target system are also performed before the transformation thus ensuring; speed, low cost and accuracy of the automated process combined with the flexibility & insight of human analysis.
Research reveals that application modernisation and migration budgets are currently very strong, covering between 25% to 71% of most companies IT budgets in 2013/2014. This clearly indicates that application modernisation is one of the most significant issues affecting companies – due to high software maintenance costs, low business flexibility and crippled integration and interoperability. Software modernisation is the sole remedy for these problems and your organisation can make huge savings by modernising.
Automated software modernisation is the best solution that is fast, low cost, preserves legacy value and is less risky by comparison to the traditional methodology of a re-write or replacement by packaged ERP. Object Management Groups (OMGs) Model Driven Architecture (MDA) methodology provides an automated model-driven reverse engineering and forward engineering process called Architecture Driven Modernisation (ADM) which has already been successfully adopted by a variety of high profile organisations such as Boeing, U.S. Air Force, Raytheon, EDS, Thales (European Aerospace) and numerous governments worldwide.
WORPCLOUD LTD is focused on being an Automated Software Modernisation Expert. We use OMG compliant tools and parsing techniques to extract all system information, business semantics and software artifacts into an XML repository called the Abstract Syntax Tree Metamodel. Next we use MDAs automated transformation procedures to generate new source code of your choice. Manual architecting of the target system are also performed before the transformation thus ensuring; speed, low cost and accuracy of the automated process combined with the flexibility & insight of human analysis.
Research reveals that application modernisation and migration budgets are currently very strong, covering between 25% to 71% of most companies IT budgets in 2013/2014. This clearly indicates that application modernisation is one of the most significant issues affecting companies – due to high software maintenance costs, low business flexibility and crippled integration and interoperability. Software modernisation is the sole remedy for these problems and your organisation can make huge savings by modernising.
This document discusses improving developer experience through a developer portal. It outlines some common developer pain points such as lack of standardization and visibility. A developer portal can help address these issues by providing easy access to services, standardized configurations, and visibility into operations. The document then introduces SCB TechX's Self-Service Portal, which aims to enable product teams to quickly ship code securely through automation and best practices for operations and security.
Tarun Prakash Singh is a senior system engineer with over 2 years of experience in IT. He has expertise in Adobe Experience Manager (AEM) and has worked on projects for AT&T including their BrandCenter, Cricket, SNR, and Copyright applications. His responsibilities included AEM administration, development, testing, and troubleshooting. He is proficient in technologies such as Java, Linux, HTML, CSS, and databases like MongoDB. He holds a B.Tech in Computer Engineering and is looking for new opportunities to utilize his skills and contribute to an organization.
DCEU 18: How To Build Your Containerization StrategyDocker, Inc.
Lee Namba - EMEA Professional Services Manager, Docker
The Docker Enterprise container platform helps organizations deploy and manage applications faster and it secures the application pipeline at a lower cost than traditional application delivery models. But it takes more than just great technology to achieve the desired results. The organization and culture of your enterprise directly impacts what you transform, how it’s done, and who does it. Success requires a strategy for how you will govern the container platform environment, how to assess your application estate, what your delivery pipeline will look like, and how to ensure developers, operators, security teams and others play nicely together. In this talk I will cover topics such as different types of workloads (legacy, microservices, FaaS, big data and more), how your org chart can influence whether you deploy CaaS (Containers as a Service) vs CLaaS (Clusters as a Service), how "shifting left" can determine if you can outsource, centralized vs distributed CI/CD and how containers play a role, transforming your pets into cattle, how giant whale balloons are used for onboarding, and a prescriptive and comprehensive methodology for successfully deploying containers into your enterprise.
A Software Factory Integrating Rational & WebSphere Toolsghodgkinson
The document discusses how a large automotive retailer integrated Rational Software Architect, WebSphere Message Broker, and Rational Team Concert into a software factory to develop an integration layer between a new point of sale system and SAP backend. Key challenges included a multi-vendor global team and parallel development of UI, integration, and backend layers. The software factory employed model-driven development, continuous integration, and practices like architectural modeling in UML, automated WSDL generation, tracking work items and impediments, and collaborative configuration management to help coordinate distributed development and integrate results.
DevOps methodology is now much easier than ever before With this, the industry has not only gotten rid of the rigidity that existed between the teams that took part in the development lifecycle but also the ways in which the DevOps way of Software Development can be inculcated into the project streams.
Similar to Breaking the 2 Pizza Paradox with your Platform as an Application (20)
1) The document discusses Accenture's DevOps capability group and their focus on DevOps transformations with clients. It describes how the group is embedded in wider client delivery and support within Accenture.
2) The group aims to scale DevOps adoption by starting small with continuous delivery pipelines and then expanding automation and sharing successes enterprise-wide.
3) The group provides services like training, consultancy, tools, and platforms to help clients replicate successes and improve DevOps capabilities over time.
Config Management Camp 2017 - If it moves, give it a pipelineMark Rendell
A talk dedicated to improving the quality of infrastructure code using free open source software. We used to say "if it moves, lock it down in version control" and then the concept of a Continuous Delivery pipeline came along and the advice progressed to "if it moves, lock it down in version control and build a Continuous Delivery pipeline to test and release every change continuously". This advice is still more commonly followed in application code than infrastructure and platform code. I will talk about how we have seasoned this dogfood by making CD of infrastructure code easier. The solution “ADOP” is free and open source and currently makes building a pipeline for a Chef Cookbook, Ansible Playbook or Docker image almost trivial. I will describe and demo the solution including how to adopt it, where I think it is going next, and how valuable we have found it.
http://cfgmgmtcamp.eu/schedule/testing/mark-rendell.html
This document discusses overcoming impediments to continuous delivery. It identifies key impediments as people, infrastructure, software products, and complexity. The document emphasizes establishing configuration management, treating infrastructure as code, and automating delivery pipelines to enable continuous delivery. Integrated pipelines that bring together CI and integration testing are recommended to help overcome impediments.
An ignite sticking up for DevOps teams and asking for them not to be written off completely. Originally presented at DevOps Days 2014 London. Dates back to 2014: https://vimeo.com/79377205
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Climate Impact of Software Testing at Nordic Testing Days
Breaking the 2 Pizza Paradox with your Platform as an Application
1. Breaking the 2 Pizza Paradox with
your Platform as a Application
Mark Rendell
mark.rendell@accenture.com
@markosrendell
http://markosrendell.wordpress.com
2. Day Job
“Develop and Operate Platforms optimised for rapid delivery”
A globally networked pool of resources providing
projects the option to have key areas of their DevOps
delivered as a service. By emphasising Continuous
Delivery, we are able to vastly improve your Software
Delivery Lifecycle at all each stages including
Transformation, Mobilisation and Assessment
Software Configuration Management
Release Management
Environment Management
We can…
1. Take a project from a standing-start to a working Development
and Tools infrastructure in days
2. Increase Agility by using our pioneering methods for Continuous
Delivery
3. Increase productivity and predictability through fully automated
environments
4. Reduce Cost by using proven processes and
expertise to reduce errors and downtime
Build & Deploy Automation
Continuous Delivery
Tools
5. Increase quality and efficiency
Infrastructure as code
CloudPaaS
DCSC
@markosrendell
12. Idea
Value
Idea Plan Develop Package Deploy Test Release Operate
Problem Space
Content Management System
Portal
ERP System
CRM System
@markosrendell
14. Idea Plan Develop Package Deploy Test Release Operate
@markosrendell
Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
16. Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
Idea Plan Develop Package Deploy Test Release Operate
@markosrendell
Content Management System
Portal
ERP System
CRM System
17. Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
Idea Plan Develop Package Deploy Test Release Operate
Content Management System
Portal
ERP System
CRM System
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
@markosrendell
18. Idea Plan Develop Package Deploy Test Release Operate
Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
Content Management System
Portal
ERP System
CRM System
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
@markosrendell
Services
Development and Operations Team
Development and Operations Team
Development and Operations Team
19. DevOps definition (of the moment):
Organising for throughput by
forming teams that both
Develop and Operate
Products end-to-end
@markosrendell
20. Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
Idea Plan Develop Package Deploy Test Release Operate
SysAdmin Team
Content Management System
Portal
ERP System
CRM System
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Legacy
System
Operations
Team
Networks
Team
DBA Team
@markosrendell
Server and
Storage
Team
SysAdmin Team
Services
21. Enterprise
Architects
Project Rel 1 Team
Project
Rel. 2
Team
Legacy
System
Operations
Team
Legacy System App
Maint, Team
Server and
Storage
Team
Networks
Team
DBA Team
UI Design
Team
Project
Rel. 3
Team
Enterprise Systems
Dev Team
SysAdmin Team
Content Management System
Portal
ERP System
CRM System
Idea Plan Develop Package Deploy Test Release Operate
Services
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Platform Application
@markosrendell
23. Idea Plan Develop Package Deploy Test Release Operate
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Development and Operations Team
Content Management System
Portal
ERP System
CRM System
Platform
Development and Operations Team
@markosrendell
26. Engineered
Sonar Code
Analysis
Run Unit Tests
Package
Committer: jdoe
Story:25
Commit ID: 113
https://github.com/bbatsov/rubocop
http://rspec.info/
Platform data
centre
Dev/Test data
centre
Prod data centre
Create
Platform
Test Platform
Create
Platform
Test Platform
Create
Platform
Test Platform
@markosrendell
27. Platform and basic infra automation >
Virtual Private Cloud
Networks
Virtual Machines
Re-creatable
@markosrendell
30. Business Applications
Security model
Deployment architecture
Logical environment separation
Third Party Installations
Platform Infrastructure orchestration
Basic Infrastructure orchestration
Hardware management
Interface
Opinions
Business Applications
Platform Interface (Opinions)
@markosrendell
31. Release Manageable
Sonar Code
Analysis
Run Unit Tests
Package
Committer:
jdoe
Story:25
Commit ID: 113
Platform data centre Dev/Test data centre Prod data centre
Create Platform Test Platform Create Platform Test Platform Create Platform Test Platform
@markosrendell
32. Integration Tested
@markosrendell
Whole Solution
Version: 46
Website
Version: 12
Order
Service
Version: 1.0.2.12
Email
Service
Version: 1.0.0.3
Payment
Service
Version: 1.2.0.23
Deployment
tools
Version: 1.2.3.2
Platform
Version: 83
Cloud
Foundry
Version: 23
MySQL
Version: 12
Cassandra
Version: 24
RabbitMQ
Version: 12
Infrastructure
Version: 19
33. Platform data centre: v1.3.9
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Platform
Proddatacentre:v1.3.9
Nonproddatacentre:v1.3.9
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
@markosrendell
Integration Tested
34. Proddatacentre:v1.3.9
Nonproddatacentre:v1.3.9
Platform data centre: v1.4.4
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Platform
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
PT env deploy Run Tech Tests
CT env
deploy
Production
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
PT env deploy Run Tech Tests
CT env
deploy
Production
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
PT env deploy Run Tech Tests
CT env
deploy
Production
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
PT env deploy Run Tech Tests
CT env
deploy
Production
deploy
Check
in
@markosrendell
Integration Tested
35. Proddatacentre:v1.3.9
Nonproddatacentre:v1.4.4
Platform data centre: v1.4.4
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Platform
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
@markosrendell
Integration Tested
36. Proddatacentre:v1.3.9Proddatacentre:v1.4.4
Nonproddatacentre:v1.4.4
Platform data centre: v1.4.4
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Compile
and package
Unit Tests
Platform env
deploy
Monitoring testsCheck
in
Platform PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
PT env deploy Run Tech Tests
Production
deploy
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
Compile
and package
Static Code
Analysis
Unit Tests
Run Functional
Tests
Run Security
Tests
CT env
deploy
Check
in
@markosrendell
Integration Tested
38. Develop and Operate Platforms
optimised for rapid delivery
A globally networked pool of resources providing
projects the option to have key areas of their DevOps
delivered as a service. By emphasising Continuous
Delivery, we are able to vastly improve your Software
Delivery Lifecycle at all each stages including
Transformation, Mobilisation and Assessment
Software Configuration Management
Release Management
Environment Management
We can…
1. Take a project from a standing-start to a working Development
and Tools infrastructure in days
2. Increase Agility by using our pioneering methods for Continuous
Delivery
3. Increase productivity and predictability through fully automated
environments
4. Reduce Cost by using proven processes and
expertise to reduce errors and downtime
Build & Deploy Automation
Continuous Delivery
Tools
5. Increase quality and efficiency
Infrastructure as code
CloudPaaS
DCSC
@markosrendell@markosrendell
39. Insurer
Enterprise Scale is Heterogeneous
Bank Retailer
Government
Service
Government
Service
Cloud
Broker
Retailer
Retailer
Retailer
Energy Provider
Energy
Provider
@markosrendell
Trading Platform
41. Platform
Development and
Operations Team
Platform
Development and
Operations Team
Platform
Development and
Operations Team
Platform
Development and
Operations Team
Platform
Development and
Operations TeamPlatform
Development and
OperationsTeam
Platform
Development and
Operations Team
Platform
Development and
Operations Team
Platform
Development and
Operations Team
Platform
Development and
Operations Team Platform
Development and
Operations Team
Platform
Development and
Operations Team
@markosrendell
Insurer
Bank Retailer
Government
Service
Government
Service
Cloud
Broker
Retailer
Retailer
Retailer
Energy Provider
Energy
Provider
Trading Platform
Divide and deliver
44. Sharing over shared
Platform
Development and
Operations Team
Shared Tools Service
@markosrendell
Insurer
Bank Retailer
Government
Service
Government
Service
Cloud
Broker
Retailer
Retailer
Retailer
Energy Provider
Trading
Platform
Energy
Provider
48. “Top 5 Takeaways”
@markosrendell
1. Optimise for throughput not efficiency
2. Build end to end teams
3. Treat the platform as an application
4. Implement Continuous Delivery for
your platform and via your platform
5. Lower the barrier to adoption
49. What I’m looking for help with
@markosrendell
• Collaboration on our forthcoming DevOps
Platform open source project
• More sharing of:
• Platform opinions
• How to subdivide big platforms into smaller components
• Successes doing this
The benefits treating your Platform as an Application
Work for Accenture and have the absolute pleasure of
running a team of around 180 people who are all heavily into DevOps P
We work on 10s engagements,
Which means 100s of environments,
and thousands of git repos
and maybe 10s of thousands of Jenkins jobs and monitoring checks P
More about my team later when I talk about putting my theories into practice
I’m gonna start with what I think we are trying to achieve with DevOps
The simplest way I can think about our objective is as follows:
Someone has an idea.
They need to get it implemented and in front of customers so that as soon a possible
If the idea is good the business will start generating more value P
If not, well at least we learnt quickly
If that change involves an IT system, we’re interested in helping make this as easy as possible P
I think it’s an earned indulgence that if you are presenting on DevOps, you get to add a definition to the mix.
Right now, I’m going for this:
<click>
We value enhancing IT System to meet the business’ needs
over
IT operating efficiency P
So it’s all about throughput of change. P
I’m not saying we aren’t conscious of costs, of course we are
But we need to be very up front that DevOps is not about replacing the IT folk with automation and building a factory of robots,
It does seem to have been a bit of a popular idea lately that the robots are coming for our jobs…
No. DevOps, is about making IT within an organisation, and hence the business better.
So why might improving throughput be so hard? P
We all know how to draw a diagram of DevOps
Draw two circles and you are halfway there P
You’ll note I’ve drawn on a few typical enterprise systems – a Portal, an ERP system, a CRM systems, standard stuff.
Both teams interact with these systems in different ways…
And neither team interacts well with each other P
So is this what DevOps looks like in an enterprise? P
Well actually… No… Absolutely not!
I have never seen anything this simple
This looks lovely
This is a far more typical example
A nightmare of lots of teams, everywhere!
This was from somewhere I worked several years back.
I drew this slide a week ago and I still keep on remembering more teams. P
Far from a one development team, there were at least 5 teams, some working on the same code just targeting different releases P
And far from one IT Ops team,
there was a Server team, the DBAs,
the SysAdmins (actually one team for Windows, one for Linux – don’t put those guys together… P
I believe this is far closer to the organisation structure that most enterprises have to consider when looking at to increase throughput P
So why don’t we just do this…
Try building a massive team? P
Obviously this is just unrealistic
Inevitably a team of this scale would be unmanageable,
it will subdivide
and organisational muscle memory would restore things to exactly how they were P
Beside which, not only giant teams, but large teams are it generally considered quite bad.
For example Jeff Bezos from Amazon is reported to recommend teams that can all be fed with two pizzas. P
When I quote this, it always provokes a great discussion about how many people that actually means.
There’s always at least one person who claims they could eat 2 pizzas to them self.
But anyway, it’s designed to mean that teams should not be bigger than 6-8 people. P
How in a big enterprise, do you create end-to-end teams to deliver high throughput complex IT
without the side effect of large teams?
This is what I call: “The Two Pizza Paradox.” P
Einstein is reported to have said:
“If I had an hour to solve a problem I'd spend 55 minutes thinking about the problem and 5 minutes thinking about solutions.”
Well I’m not claiming to be Einstein and we don’t have an hour.
So let’s spend a couple of minutes visualising the problem space P
<click>
This is a simple abstraction of the end to end software lifecycle
And our problem is getting working solutions through this end-to-end P
<click>
And let’s not forget that we have a lot of systems that may be impacted by the change
This list is definitely too short for most enterprises and I’d expect far more systems
Now traditionally what do we do with our people? P
Especially in operations, we group them by skillset.
Let’s put the database experts in a DBA team
Let’s group the systems administrators (don’t mix Windows and Linux)
Let’s put the Java developers over there
The testers over there
It’s really a lot more like we’re organising a zoo. P
And with a zoo you certainly aren’t thinking about getting the animals to collaborate towards a common goal P
No when you organise a zoo, you are trying to stop animals eating each other, Or worse eating people! P
The zoo metaphor goes even further for me because ironically zoos necessarily a great environment for nature to thrive in
If you think about a rainforest there is an amazing thriving autonomous ecosystem
filled with incredible symbiotic relationships P
Zoos take a lot of money and micro management just to keep running.
Let’s think back to traditional teams P
They are literally scattered over the process we are trying to optimise
I haven’t even tried to draw lines of communication on here
Conway would have a field day
So what can we do?
Well I think we have to rethink our lines of division
And we have to go back to prioritising our products.
<click>
These are the things we need to optimise for
There are what we need to protect end to end.
So let’s create end to end teams to develop and operate products. P
Each product now just has one owning team primality concerned with it’s welfare and hence their ability to evolve it as fast as the business needs,
Now to keep team sizes down, we may well need to decompose products
And the logical conclusion here is implementing a microservices architecture…
Valuable and trendy!
I feel another DevOps definition coming on…
DevOps means Organising for throughput by
forming teams that both
Develop and Operate
Products end-to-end
So I think re-interpreting the name puts us on a pretty good path.
So this approach has a lot of promise for applications
But what about these guys …
<click>
The problem with this approach is that it doesn’t necessarily improve the quality of our platform
and these typical very technical, traditionally operations concerns P
We could consider trying to embed them also into the end to end application teams
But in reality that is going to cause those teams to get too big.
And it is also likely to lead to duplication and potentially un-necessary complexity and fragmentation. P
So let’s recognise that the platform is also a first class product P
It will also benefit from an end to end team
And potentially we now have a new approach and a new mind-set for something that has traditionally been
very hard to define and had ownership shared by lots of teams,
And we have a way to tackle something I think is almost always the greatest constraint to throughput
So let’s define a platform application
Essentially it is the thing on which everything else is run <click>
Everything else could be called your business applications
I think so platform-centrically, I think of them as guest applications
So what does a platform need to do, to provide this service?
Well it’s all an exercise of abstracting away un-necessary detail
Or if you like encapsulating complexity.
<click> Firstly it needs to be the only thing aware of hardware
and we need to ensure that we have full programmatic access to control that.
Now both of these are taken care of for you if you use Infrastructure as a service (or IaaS) – which I highly recommend
<click> Next we need to recognise the need to support high-availability, auto recovery and auto-scaling. Essentially we need the platform to have inbuilt logic for handling failure and a dynamic workload.
<click>We need to handle installation and configuration of all software that sits on top of the operating system, but below the business applications, so this could be a MySQL installation, or RabbitMQ etc.
<click>Next we need a strategy for producing different test environments. A good platform application will have a well defined approach for easily creating, re-creating and deleting environments – and needs to be self service
<click>A great platform application will also take care of supporting easy deployments of the business applications onto it – it needs to be very easy to use.
<click>Finally like all applications, security and in particular role based access control is an essential concern. For an application as powerful as this we need to be able to control it’s use. P
So if we use a model like this, we can start to recognise the logical product that we have to work on.
The great thing about defining your platform as an application is that it suddenly has a lot more in common with the other applications
<click>
All components need to be developed and supported and owned end to end
All teams are essentially doing the same process:
Controlling scope, developing code, testing it,
managing dependencies with other applications
releasing it,
ideally doing Continuous Delivery
So could you just use a public PaaS?
If you can find one the with features and terms and conditions that suit your needs then it’s a real option.
Personally I haven’t seen that many enterprises doing this
SaaS yes, IaaS increasingly, PaaS no.
Overall I think really the most important question should be:
– is your platform part of your business differentiation?
If so you are going to have to build it.
As a believer in platforms, I think generally it is worth self-managing
Just like business applications for example a CRM system, with a platform you also have the option to build or buy off the shelf
P
Having spent many years battling COTS products and trying to do build and deployment automation with them… I have a learnt preference to build
P
Having said that, we built a platform for a UK public service and used community cloud foundry and it worked out very well
So to explore the idea a little further I’m going to go through a number of things you do with a good platform application
The first is that you need to engineer it like any other application.
This means building one or more Continuous Delivery pipelines
The normal rules apply
Start with everything in version control,
have some static code analysis
Have some run time tests
Deploy and run an instance
And run your tests continuously
For the case of the platform the good thing is that there is already standard practice for this – called monitoring!
You must be able to recreate the platform from scratch
I think it was Martin Fowler who first compared rebuilding a data centre from scratch as being like a phoenix bird rising from the ashes
In my team we like to treat phoenix as a verb.
“When did we last phoenix the platform instance.?”
And this really should mean everything
The network and base servers
The Third Party Installations and configuration
And all of the application code, configuration and base data deployment
All applications need a interface to let other applications know how to work with them and the platform is no different.
These are often called platform opinions P
In the case of platform applications, the interfaces tells business applications what they need to do so that they can be hosted. P
Typical opinions might be views on how and where to log
What package format you need to produce so that you application can be deployed
How you application consumes configuration values
The 12 Factor App is a great example of this
Very clearly written and very easy to find P
When you have strong platform opinions, I think the old adage “good boundaries make good neighbours” fits very nicely. P
If we’ve defined an interface or set of opinions for out platform we have to recognise that change is inevitable.
So we need a clear approach to releasing new versions of our platform application. P
Semantic versioning is a release version naming standard
where the numbers reflect the compatibility of the release relative to earlier releases.
I think it can nicely be applied to platforms as well.
There are three levels of change and very simple interpretation would be:
A minor means minimal testing,
a medium release means testing is required
and a major release means application re-work is probably required. P
It’s great to have a very clear, standardised, visible way of demonstrating that something in the underlying infrastructure has changed.
And once we recognise that our platform application changes, we need to support testing the integration of the upgraded platform with other systems.
This is the component breakdown structure from a recent project I was working on
The platform components are over on the right.
In this case our platform application was an extended version of cloud foundry.
We started by building our own “platform development” instance of the platform.
We built pipelines for those components and when we were confident, we created an instance for people to test their applications in
Once they were happy we could build an instance for production and they could start releasing code
Whenever we needed to update our platform application, we needed to agree the upgrade of the non-production instance
And after we’d upgraded that, we couldn’t release to production until
Production was also upgraded
So let’s talk about this in practice
I mentioned earlier that I run a team of people into DevOps, but I wasn’t much more specific than that.
What we actually consider ourselves to do is:
Operate like a very accommodating in house platform-as-a-service (or Paas) provider.
So we develop and operate tools and automated environments as a service
with a focus on maximising the agility and predictability of our customer’s delivery.
And is an approach that I think will work for others.
By accommodating, I mean that within reason, we will produce a platform to support whatever is requested
If someone needs a platform that supports Hybris, We say yes
Java? Yes
Adobe Experience Manager? Yes
Websphere Commerce Server? Ye-es
You get the picture …
So in my job, Enterprise scale looks a little bit like this.
I’ve got 10s of projects to support
Each wanting a platform where they can release rapidly
So a fairly heterogeneous landscape, but nothing wildly more complicated than I believe many enterprises have to contend with
So I need to keep things small and simple
We divide up the problem
Each engagement gets it’s own team and they have their own platform application to develop and operate
And of course they get their own pizzas
The team is responsible end-to-end for their platform application
And primarily concerned with the throughput that the platform supports
And hence their impact on the performance of the business they support
So we just keep repeating that pattern
And if we find we have a really big platform.
And people are going hungry (not enough pizza)
We divide things up again
We need to decompose the platform into smaller components
Usually dividing according to groups of hosted business applications
And build teams around those
We do have room for some shared services
So for example we have a tools platform that services multiple clients
- but not all.
Our emphasis is on promoting the act of sharing ideas, techniques and software i.e. tools and scripts
over trying to get everyone into a multi tenancy solution which might enforce choices or constraints they don’t need.
One of the biggest keys to establishing continuous delivery as a way of working
is lowering as far as possible the barrier to adopting tools and automation
If getting started is takes a lengthy tool assessment process, procurement, installation, configuration,
Engagements may run away and be forging manual habits before you know it.
We’ve tackled this by basically automating to the extreme spinning up tools and reference implementations.
In fact we’ve got it down to 10 minutes to go from nothing to all of these tools pre-configured and usable.
Leaving use to focus on the environments.
We call this our DevOps platform (partly because with a name like that – who could not want it)
And we’re hoping to open source it fairly soon.
And when we need to get started for a particular technology for example:
Mule ESB, Or NodeJS, Or Hybris
We have a concept of bootstraps P
Far from being just designs or reference architectures, they are effectively plugins to the platform that enable us to add:
the means to create the environments,
example code,
and example continuous delivery jobs for a particular technology.
So when one exists, we re-use and extend it and if not, we build it.
It’s far easier for people to see and experience what good looks like rather than stare at a representation of it on a page.
So it’s very key to us that we make everything as easy to re-use as possible.
However, no-one is forced to use anything for example Git and Jenkins,
I’ve found people are far more motivated if you empower them to make the right choices for themselves
And I think even more motivated if they know others are going to be interested in reusing their work.
So this has the effect that unofficial or rather unenforced standards do start to emerge.
And we continuously improve organically.
So my key takeaways are as follows
(no pizza pun intended)
Optimise for throughput not efficiency – I do see people talking about efficiency through automation still and as a movement I think we need to defend against that logic
Build end to end teams – I really see no better re-interpretation of the word DevOps than saying that team should develop and operate things.
Treat the platform as an application – I think I’ve said enough about that
Implement Continuous Delivery for your platform and via your platform – i.e. eat your own dog food (and wash it down with your own champagne)
5. Lower the barrier to adoption – DevOps is hard, I’m a firm believer in starting small and avoiding anything that just can be avoided
And here is where I’d like help
Firstly
It’s a little early for me to ask, but when you see our DevOps platform open source project launched, please take a look
Secondly if you are working with platform applications please share more with the community.
For example documenting your own platform opinions or version of the 12 factor app
Documenting how you’ve decomposed a big platform application into smaller concerns
And finally show off, if this is working for you don’t take it for granted, please spread the word.
So this takes me to the end
I hope I’ve inspired you to think a little differently about platform applications
And some of you will be interested to try some of this at home
Thanks very much for listening!