Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
The Kubernetes API provides a number of proven patterns to build distributed systems. More and more 3rd-party components are built on-top of Kubernetes and these patterns, providing their own resources stored in the cluster. In this presentation we will discuss CustomResourcesDefinitions and how they can extend the Kubernetes API in a quasi-native way. We look at the features, limits and their future.
Kubernetes is fast becoming the operating system for the Cloud and brings a ubiquity that has the potential for massive benefits for technology organizations. Applications/Microservices are moved to orchestration tools like Kubernetes to leverage features like horizontal autoscaling, fault tolerance, CICD, and more. Apache Solr is an open-source search engine platform built on an Apache Lucene library. It offers Apache Lucene's search capabilities in a user-friendly way. Lucidworks runs over a thousand distributed-mode Apache Solr Clusters spread across several machines for a plethora of use-cases around Search and Analytics. The traffic demands a massive scale which creates scenarios of in-depth micro-management like operating systems upgrade, scaling cluster dynamically, etc, affecting the overall search experience. This talk is focussed on the journey taken by Lucidworks on addressing scaling clusters horizontally and vertically, on the basis of query traffic load, data ingestion throughput or any other relevant metrics by extending capabilities of Kubernetes and Apache Solr to achieve true physical and logical autoscaling, satisfying modern era SLAs and infrastructure cost. The talk concludes with how the solution adopted opens up the future scope of fine-grained scaling of search clusters.
Wouldn't it be great for a new developer on your team to have their dev environment totally set up on their first day? What about having your CI tests running in the background while you work on new features? What about having the confidence that your dev environment mirrors testing and prod? Containers enable this to become reality, along with other great benefits like keeping dependencies nice and tidy and making packaged code easier to share. Come learn about the ways containers can help you build and ship software easily.
- Archeology: before and without Kubernetes
- Deployment: kube-up, DCOS, GKE
- Core Architecture: the apiserver, the kubelet and the scheduler
- Compute Model: the pod, the service and the controller
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
The Kubernetes API provides a number of proven patterns to build distributed systems. More and more 3rd-party components are built on-top of Kubernetes and these patterns, providing their own resources stored in the cluster. In this presentation we will discuss CustomResourcesDefinitions and how they can extend the Kubernetes API in a quasi-native way. We look at the features, limits and their future.
Kubernetes is fast becoming the operating system for the Cloud and brings a ubiquity that has the potential for massive benefits for technology organizations. Applications/Microservices are moved to orchestration tools like Kubernetes to leverage features like horizontal autoscaling, fault tolerance, CICD, and more. Apache Solr is an open-source search engine platform built on an Apache Lucene library. It offers Apache Lucene's search capabilities in a user-friendly way. Lucidworks runs over a thousand distributed-mode Apache Solr Clusters spread across several machines for a plethora of use-cases around Search and Analytics. The traffic demands a massive scale which creates scenarios of in-depth micro-management like operating systems upgrade, scaling cluster dynamically, etc, affecting the overall search experience. This talk is focussed on the journey taken by Lucidworks on addressing scaling clusters horizontally and vertically, on the basis of query traffic load, data ingestion throughput or any other relevant metrics by extending capabilities of Kubernetes and Apache Solr to achieve true physical and logical autoscaling, satisfying modern era SLAs and infrastructure cost. The talk concludes with how the solution adopted opens up the future scope of fine-grained scaling of search clusters.
Wouldn't it be great for a new developer on your team to have their dev environment totally set up on their first day? What about having your CI tests running in the background while you work on new features? What about having the confidence that your dev environment mirrors testing and prod? Containers enable this to become reality, along with other great benefits like keeping dependencies nice and tidy and making packaged code easier to share. Come learn about the ways containers can help you build and ship software easily.
- Archeology: before and without Kubernetes
- Deployment: kube-up, DCOS, GKE
- Core Architecture: the apiserver, the kubelet and the scheduler
- Compute Model: the pod, the service and the controller
DevoxxFR 2015 Talk http://cfp.devoxx.fr/2015/talk/WXY-1157/Scaling_Docker_with_Kubernetes
Kubernetes is an open source project to manage a cluster of Linux containers as a single system, managing and running Docker containers across multiple Docker hosts, offering co-location of containers, service discovery and replication control. It was started by Google and now it is supported by Microsoft, RedHat, IBM and Docker Inc amongst others.
Once you are using Docker containers the next question is how to scale and start containers across multiple Docker hosts, balancing the containers across them. Kubernetes also adds a higher level API to define how containers are logically grouped, allowing to define pools of containers, load balancing and affinity.
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
This is my Introduction to Kubernetes and Overview of the Kubernetes Conformance Certification Program talk presented at OpenSource101 Raleigh on Feb 17, 2018
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsIT Arena
Philipp lives to demo interesting technology. Having worked as a web, infrastructure, and database engineer for over ten years, Philipp is now working as a developer advocate at Elastic — the company behind the open-source Elastic Stack consisting of Elasticsearch, Kibana, Beats, and Logstash. Based in Vienna, Austria, he is constantly traveling Europe and beyond to speak and discuss open-source software, search, databases, infrastructure, and security.
Speech overview:
“Containers are the new ZIP format to distribute software” is a fitting description of today’s development world. However, it is not always that easy and this talk highlights the development of Elastic’s container strategy over time:
Docker images: A new distribution model.
Docker Compose: Local demos and a little more.
Helm Chart: Going from demo to production.
Kubernetes Operator: Full control with upgrades, scaling,…
Besides the strategy, we are also discussing specific technical details and hurdles that appeared during the development. Or why the future will be a combination of Helm Chart and Operator (for now).
Containers, cluster management, microservices, Kubernetes and many other buzzwords are flying around us all the time. Our team is building solutions that make it easy to cope with all the complexity around cluster infrastructure. In this talk we present the project we are working on, namely running Kubernetes on top of the Mesos cluster scheduler. Furthermore we show DCOS which makes it easy to deploy and run Kubernetes with a single command.
Kubernetes Architecture - beyond a black box - Part 2Hao H. Zhang
This continues the Kubernetes architecture deep dive series. (Part 1 see https://www.slideshare.net/harryzhang735/kubernetes-beyond-a-black-box-part-1)
In Part 2 I'm going to cover the following:
- Kubernetes's 3 most import design choices: Micro-service Choreography, Level-Triggered Control, Generalized Workload and Centralized Controller
- Default scheduler limitation and community's next step
- Interface to production environment
- Workload abstraction: strength and limitations
This concludes my work and knowledge sharing about Kubernetes.
XP Days Ukraine 2015 Talk http://xpdays.com.ua/programs/scaling-docker-with-kubernetes/
Kubernetes is an open source project to manage a cluster of Linux containers as a single system, managing and running Docker containers across multiple Docker hosts, offering co-location of containers, service discovery and replication control. It was started by Google and now it is supported by Microsoft, RedHat, IBM and Docker Inc amongst others.
Once you are using Docker containers the next question is how to scale and start containers across multiple Docker hosts, balancing the containers across them. Kubernetes also adds a higher level API to define how containers are logically grouped, allowing to define pools of containers, load balancing and affinity.
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinQiming Teng
This is a talk from the Austin OpenStack summit. It demonstrates how a resilient, elastic and load-balanced cluster can be deployed using senlin, heat, ceilometer, lbaas v2, nova.
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleAlessandro Gallotta
Microservices and containers are revolutionizing the way we deploy applications and maintain infrastructure. But as many have found containers still have a key problem: monitoring and troubleshooting them can be impractical, painful, and sometimes impossible. With the rise of microservice based architectures and orchestration tools such as Kubernetes and Mesos, managing this has become even harder.
Using real tools, in live environments, Alessandro Gallotta will walk through various hands-on scenarios including how to:
-visualize physical vs logical architectures of Kubernetes/Mesos deployments
-understand performance at the microservice/app level for orchestrated systems
-identify & surface system activity of individual Docker containers
-extract process & app-level metrics inside containers with non-intrusive methods
-troubleshoot detailed network activity in distributed containers
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
Kubernetes can run application containers on clusters of physical or virtual machines.
It can also do much more than that.
Kubernetes satisfies a number of common needs of applications running in production, such as co-locating helper processes, mounting storage systems, distributing secrets, application health checking, replicating application instances, horizontal auto-scaling, load balancing, rolling updates, and resource monitoring.
However, even though Kubernetes provides a lot of functionality, there are always new scenarios that would benefit from new features. Ad hoc orchestration that is acceptable initially often requires robust automation at scale. Application-specific workflows can be streamlined to accelerate developer velocity.
This is why Kubernetes was also designed to serve as a platform for building an ecosystem of components and tools to make it easier to deploy, scale, and manage applications. The Kubernetes control plane is built upon the same APIs that are available to developers and users, implementing resilient control loops that continuously drive the current state towards the desired state. This design has enabled Apache Stratos and a number of other Platform as a Service and Continuous Integration and Deployment systems to build atop Kubernetes.
This presentation introduces Kubernetes’s core primitives, shows how some of its better known features are built on them, and introduces some of the new capabilities that are being added.
In this meetup, Liran Cohen, Cloud platform & DevOps Team Leader, will talk about some of Kubernetes key concepts. We will learn about the architecture of the system; the different resources available in the system; the problems it’s trying to solve, and the model that it uses to manage containerized application deployments.
DevoxxFR 2015 Talk http://cfp.devoxx.fr/2015/talk/WXY-1157/Scaling_Docker_with_Kubernetes
Kubernetes is an open source project to manage a cluster of Linux containers as a single system, managing and running Docker containers across multiple Docker hosts, offering co-location of containers, service discovery and replication control. It was started by Google and now it is supported by Microsoft, RedHat, IBM and Docker Inc amongst others.
Once you are using Docker containers the next question is how to scale and start containers across multiple Docker hosts, balancing the containers across them. Kubernetes also adds a higher level API to define how containers are logically grouped, allowing to define pools of containers, load balancing and affinity.
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
This is my Introduction to Kubernetes and Overview of the Kubernetes Conformance Certification Program talk presented at OpenSource101 Raleigh on Feb 17, 2018
Philipp Krenn, Elastic. From Containers to Kubernetes OperatorsIT Arena
Philipp lives to demo interesting technology. Having worked as a web, infrastructure, and database engineer for over ten years, Philipp is now working as a developer advocate at Elastic — the company behind the open-source Elastic Stack consisting of Elasticsearch, Kibana, Beats, and Logstash. Based in Vienna, Austria, he is constantly traveling Europe and beyond to speak and discuss open-source software, search, databases, infrastructure, and security.
Speech overview:
“Containers are the new ZIP format to distribute software” is a fitting description of today’s development world. However, it is not always that easy and this talk highlights the development of Elastic’s container strategy over time:
Docker images: A new distribution model.
Docker Compose: Local demos and a little more.
Helm Chart: Going from demo to production.
Kubernetes Operator: Full control with upgrades, scaling,…
Besides the strategy, we are also discussing specific technical details and hurdles that appeared during the development. Or why the future will be a combination of Helm Chart and Operator (for now).
Containers, cluster management, microservices, Kubernetes and many other buzzwords are flying around us all the time. Our team is building solutions that make it easy to cope with all the complexity around cluster infrastructure. In this talk we present the project we are working on, namely running Kubernetes on top of the Mesos cluster scheduler. Furthermore we show DCOS which makes it easy to deploy and run Kubernetes with a single command.
Kubernetes Architecture - beyond a black box - Part 2Hao H. Zhang
This continues the Kubernetes architecture deep dive series. (Part 1 see https://www.slideshare.net/harryzhang735/kubernetes-beyond-a-black-box-part-1)
In Part 2 I'm going to cover the following:
- Kubernetes's 3 most import design choices: Micro-service Choreography, Level-Triggered Control, Generalized Workload and Centralized Controller
- Default scheduler limitation and community's next step
- Interface to production environment
- Workload abstraction: strength and limitations
This concludes my work and knowledge sharing about Kubernetes.
XP Days Ukraine 2015 Talk http://xpdays.com.ua/programs/scaling-docker-with-kubernetes/
Kubernetes is an open source project to manage a cluster of Linux containers as a single system, managing and running Docker containers across multiple Docker hosts, offering co-location of containers, service discovery and replication control. It was started by Google and now it is supported by Microsoft, RedHat, IBM and Docker Inc amongst others.
Once you are using Docker containers the next question is how to scale and start containers across multiple Docker hosts, balancing the containers across them. Kubernetes also adds a higher level API to define how containers are logically grouped, allowing to define pools of containers, load balancing and affinity.
Deploy an Elastic, Resilient, Load-Balanced Cluster in 5 Minutes with SenlinQiming Teng
This is a talk from the Austin OpenStack summit. It demonstrates how a resilient, elastic and load-balanced cluster can be deployed using senlin, heat, ceilometer, lbaas v2, nova.
Monitoring microservices: Docker, Mesos and Kubernetes visibility at scaleAlessandro Gallotta
Microservices and containers are revolutionizing the way we deploy applications and maintain infrastructure. But as many have found containers still have a key problem: monitoring and troubleshooting them can be impractical, painful, and sometimes impossible. With the rise of microservice based architectures and orchestration tools such as Kubernetes and Mesos, managing this has become even harder.
Using real tools, in live environments, Alessandro Gallotta will walk through various hands-on scenarios including how to:
-visualize physical vs logical architectures of Kubernetes/Mesos deployments
-understand performance at the microservice/app level for orchestrated systems
-identify & surface system activity of individual Docker containers
-extract process & app-level metrics inside containers with non-intrusive methods
-troubleshoot detailed network activity in distributed containers
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
Kubernetes can run application containers on clusters of physical or virtual machines.
It can also do much more than that.
Kubernetes satisfies a number of common needs of applications running in production, such as co-locating helper processes, mounting storage systems, distributing secrets, application health checking, replicating application instances, horizontal auto-scaling, load balancing, rolling updates, and resource monitoring.
However, even though Kubernetes provides a lot of functionality, there are always new scenarios that would benefit from new features. Ad hoc orchestration that is acceptable initially often requires robust automation at scale. Application-specific workflows can be streamlined to accelerate developer velocity.
This is why Kubernetes was also designed to serve as a platform for building an ecosystem of components and tools to make it easier to deploy, scale, and manage applications. The Kubernetes control plane is built upon the same APIs that are available to developers and users, implementing resilient control loops that continuously drive the current state towards the desired state. This design has enabled Apache Stratos and a number of other Platform as a Service and Continuous Integration and Deployment systems to build atop Kubernetes.
This presentation introduces Kubernetes’s core primitives, shows how some of its better known features are built on them, and introduces some of the new capabilities that are being added.
In this meetup, Liran Cohen, Cloud platform & DevOps Team Leader, will talk about some of Kubernetes key concepts. We will learn about the architecture of the system; the different resources available in the system; the problems it’s trying to solve, and the model that it uses to manage containerized application deployments.
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB
MongoDB Kubernetes operator and MongoDB Open Service Broker are ready for production operations. Learn about how MongoDB can be used with the most popular container orchestration platform, Kubernetes, and bring self-service, persistent storage to your containerized applications. A demo will show you how easy it is to enable MongoDB clusters as an External Service using the Open Service Broker API for MongoDB
Session talk presented at Innosoft 2022.11.11 University of Sevilla.
Presented the concept of Infrastructure as Core and its practical approach using Hashicorp Terraform a a tool to provision in the cloud. Examples with AWS are provided in a Guthub repository.
Federated Kubernetes: As a Platform for Distributed Scientific ComputingBob Killen
A high level overview of Kubernetes Federation and the challenges encountered when building out a Platform for multi-institutional Research and Distributed Scientific Computing.
In this talk, a closer look into the lifecycle of operators will be presented. With an understanding of how operators evolve, it becomes clear what
challenges during operator upgrades. A brief overview of lifecycle management tools such as Helm, OLM, and Carvel is presented in this context. In particular, it will be discussed whether these tools can help, which restrictions apply and where further development would be desirable.
At the end of this talk, you will know what operator lifecycle management is about, what its challenges are, and which tools may be used to reduce operational friction.
This talk was given by Julian Fischer for DoK Day Europe @ KubeCon 2022.
Link: https://youtu.be/_lQhoCUQReU
https://go.dok.community/slack
https://dok.community/
From the DoK Day EU 2022 (https://youtu.be/Xi-h4XNd5tE)
The ability to extend Kubernetes with Custom Resource Definitions and respective controllers has led to the OperatorSDK, which became
the de facto standard for data service automation on Kubernetes. There are countless operator implementations available, and new operators are
being released on a daily basis. Organizations managing hundreds of Kubernetes clusters for dozens of developer teams are also challenged to
manage the lifecycle of hundreds of Kubernetes operators. The goal is to keep the operational overhead to a minimum.
In this talk, a closer look into the lifecycle of operators will be presented. With an understanding of how operators evolve, it becomes clear what
challenges during operator upgrades. A brief overview of lifecycle management tools such as Helm, OLM, and Carvel is presented in this context. In particular, it will be discussed whether these tools can help, which restrictions apply and where further development would be desirable.
At the end of this talk, you will know what operator lifecycle management is about, what its challenges are, and which tools may be used to reduce operational friction.
-----
Julian Fischer, CEO of anynines, has dedicated his career to the automation of software operations. In more than fifteen years, he has built several application platforms. He has been using Kubernetes, Cloud Foundry, and BOSH in recent years. Within platform automation, Julian has a strong focus on data service automation at scale.
Web scale infrastructures with kubernetes and flannelpurpleocean
La capacità di rispondere in poche frazioni di secondo alle richieste degli utenti - indipendentemente dal loro numero - è un fattore determinante per il successo dei servizi sul web. Secondo Amazon, bastano 100 millisecondi di latenza nella risposta per generare una perdita economica di circa l'1% sul
fatturato [1]. In base alle statistiche di Google AdWords, inoltre, il 2015 ha sancito l’ufficiale superamento del numero di interazioni mobile rispetto a quelle desktop [2], con la conseguente riduzione della durata media delle sessioni di navigazione web.
In uno scenario di questo tipo, la razionalizzazione dell’utilizzo delle risorse hardware e la capacità di scalare rispetto al numero di utenti sono fattori determinanti per il successo del business.
In questo talk racconteremo la nostra esperienza di migrazione di soluzioni e-commerce di tipo enterprise in Magento da un’architettura basata su VM tradizionali ad una di tipo software-defined basata su Kubernetes, Flannel e Docker. Discuteremo, quindi, delle reali difficoltà da noi incontrate nel porting su container di soluzioni in produzione e daremo evidenza di come, alla fine di questo lungo viaggio, i nostri sforzi siano stati concretamente premiati dall’aumento di resilienza, affidabilità e automazione della soluzione finale.
A supporto della conversazione, mostreremo i risultati dei benchmark da noi condotti per valutare la scalabilità della nuova architettura presentando delle evidenze delle reali capacità di Kubernetes come strumento di orchestrazione di servizi erogati in Docker container.
Concluderemo l’intervento presentando il nostro progetto di distribuzione geografica dei nodi master di Kubernetes facendo uso di reti SD-WAN per garantire performance e continuità di servizio della soluzione.
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB
MongoDB Kubernetes operator is ready for prime-time. Learn about how MongoDB can be used with most popular orchestration platform, Kubernetes, and bring self-service, persistent storage to your containerized applications.
Kuryr-Kubernetes: The perfect match for networking cloud native workloads - I...Cloud Native Day Tel Aviv
The Kuryr project offers an interesting approach to network cloud native workloads, by enabling container orchestration engines to consume network services from OpenStack Neutron.With pod-in-VM support, Kuryr-Kubernetes enables a whole slew of new hybrid workloads, like bare metal or in-VM pods accessing services that run on VMs, multiple COEs (e.g. Docker Swarm to Kubernetes), and more. Unified networking simplifies deployment, configuration and provides single pane of glass into management and troubleshooting.
Let’s dive into Kuryr Kubernetes and learn how different open source technologies can complement each other in order to enable number of complicated deployment scenarios.
A brief study on Kubernetes and its componentsRamit Surana
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.
Kubernetes is designed to be an extensible system. But what is the vision for Kubernetes Extensibility? Do you know the difference between webhooks and cloud providers, or between CRI, CSI, and CNI? In this talk we will explore what extension points exist, how they have evolved, and how to use them to make the system do new and interesting things. We’ll give our vision for how they will probably evolve in the future, and talk about the sorts of things we expect the broader Kubernetes ecosystem to build with them.
18th Athens Big Data Meetup - 2nd Talk - Run Spark and Flink Jobs on KubernetesAthens Big Data
Title: Run Spark and Flink Jobs on Kubernetes
Speaker: Chaoran Yu (https://linkedin.com/in/chaoran-yu-97b1144a/)
Date: Thursday, November 14, 2019
Event: https://meetup.com/Athens-Big-Data/events/265957761/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
5. Kubernetes
Operator
5
- Extend Kubernetes API with
additional objects
- Encapsulate operational
know-how of your application
- Manages your application as a
Kubernetes native object
- Your application is represented
via a CustomResourceDefinition
6. More on Operators
- Run inside K8S cluster (e.g. as a Deployment)
- Implements an CRUD API for CustomResources (CR)
- Asynchronously responds to changes to CRs _after_ they are
written by the Kubernetes API server
- Each change triggers a reconcile() run, where the operational
know-how of your Operator lives
- reconcile() tries to bring the current state of your application to
the desired (as per spec) state
7. Kubernetes Operators and Resources
Resource Schemas are seperated into three sections:
- Spec. Defines the desired state of the resource as specified by user.
- Status. Publishes the resource state as observed by the Operator.
- Metadata. Contains information common to most resources about
the object such as object name, annotations, labels and more.
Operators usually only read the Spec, while they might both read and
update Status and Metadata
8. Main Purpose: Reconciling Desired and Actual States
- Operators create Watches for
Resources they manage
- For every CRUD operation on a
watched Resource, reconcile() is
triggered
- Operator might create new Resources
that are owned by the Operator
- Those resources have
metadata.ownerReferences
Kubernetes
API
Operator
watch v1.MyRes
Create MyRes “demo”
reconcile(
) triggeredFetch v1.MyRes “demo”
check MyRes
current state and
desired stare
Create v1.Pod “demoPod”
update MyRes
stateUpdate v1.MyRes “demo”
9. Popular Operators
- prometheus-operator probably most widely adopted one
- Many other Operators available for managing your applications on
Kubernetes:
- etcd-operator, mongodb-operator,
confluent-operator
- Awesome list:
- https://github.com/operator-framework/awesome-operators
11. Tribefire’s Application Deployment Model
tribefire-master
control-center
modeler
explorer
custom-cartridges
SQL DB
ETCD
ActiveMQ 3rd Party
Services
12. Managing Tribefire on Kubernetes: TribefireOperator
- Manages our Tribefire platform on Kubernetes
- Tribefire is a model-driven application delivery platform
- Consists of several components like master, control-center, etc
- Tribefire is represented via TribefireRuntime CRD on K8S
- TribefireOperator maps CRD to Kubernetes native resources
such as Pods, Services, Ingresses etc.
13. TribefireOperator: Mapping K8S native resources
Deployment
Kubernetes Cluster
Service
Ingress
Secrets
tribefire-operator
<<custom resource>>
TribefireRuntime
The operator watches CRUD of
TribefireRuntime resources
and acts accordingly by CRUD’ing
the required Kubernetes native
objects
14. Representing Tribefire as a CRD: TribefireRuntime
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: tribefireruntimes.tribefire.cloud
spec:
group: tribefire.cloud
names:
kind: TribefireRuntime
plural: tribefireruntimes
shortNames:
- tf
scope: Namespaced
subresources:
status: {}
versions:
- name: v1alpha1
storage: true
served: true
apiVersion: tribefire.cloud/v1alpha1
kind: TribefireRuntime
metadata:
name: infracoders
namespace: tribefire
spec:
domain: tribefire.cloud
databaseType: cloudSql
backend:
type: etcd
components:
- name: tribefire-master
type: Services
logLevel: FINE
logJson: false
env:
- name: "TRIBEFIRE_HOST"
value: "demo.svc"
resources:
requests:
memory: "512Mi"
cpu: "500m"
limits:
memory: "2048Mi"
cpu: "2000m"
- name: tribefire-control-center
type: ControlCenter
TribefireRuntime CRD:
deployed “once” to K8S by
cluster-admin. Declares a
new CustomResource by
describing its metadata and
specification
TribefireRuntime
CR: deployed by
Tribefire users,
describing the specific
Tribefire components
and capabilites that are
needed.
15. TribefireRuntime CRs are Kubernetes native objects
apiVersion: tribefire.cloud/v1alpha1
kind: TribefireRuntime
metadata:
name: infracoders
namespace: demo
spec:
domain: tribefire.cloud
databaseType: cloudSql
backend:
type: etcd
components:
- name: tribefire-master
type: Services
logLevel: FINE
logJson: false
env:
- name: "TRIBEFIRE_HOST"
value: "demo.svc"
resources:
requests:
memory: "512Mi"
cpu: "500m"
limits:
memory: "2048Mi"
cpu: "2000m"
- name: tribefire-control-center
type: ControlCenter
> kubectl create -f tribefire-infracoders.yaml
tribefireruntime.tribefire.cloud/infracoders created
> kubectl get tf -n demo
NAME STATUS AGE
infracoders unavailable 10s
tfdemo-dev available 2d
datapedia available 2w
> kubectl get tf -n demo -o wide
NAME STATUS AGE DOMAIN DATABASE BACKEND UNAVAILABLE
infracoders unavailable 18s tribefire.cloud cloudsql activemq tribefire-master
tfdemo-dev available 2d tribefire.cloud cloudsql etcd
Datapedia available 2w tribefire.cloud cloudsql etcd
> kubectl edit tf -n demo infracoders
tribefireruntime.tribefire.cloud/infracoders edited
> kubectl delete tf -n demo infracoders
tribefireruntime.tribefire.cloud "infracoders" deleted
16. Accessing the TribefireRuntime CR via Kubernetes API
/apis/tribefire.cloud/v1alpha1/namespaces/infracoders/
/apis/
tribefire.cloud/v1alpha1/
namespaces/infracoders/
tribefireruntimes/demo
spec.version
spec.group
metadata.namespace
spec.names.plural
metadata.name
spec.scope: Namespaced
> kubectl proxy --port=8080
Starting to serve on 127.0.0.1:8080...
> curl localhost:8080/apis/tribefire.cloud/v1alpha1/namespaces/infracoders/tribefireruntimes/demo
… huge json response here…
17. CustomResource and RBAC
- Managing deployments
manually requires that every
user has privileges to create
Deployments, Services etc
- With operators, you only need
permission to deploy your
CustomResource
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: tribefire-runtime-admin
namespace: demo
rules:
- apiGroups:
- tribefire.cloud
resources:
- "*"
verbs:
- "*"
Users that want to manage
TribefireRuntimes only
need permissions for the
tribefire.cloud APIs
19. CustomResource and Default Values
- There is no way to specify defaults in a
CRD - OpenAPI spec does allow that but
Kubernetes doesn’t
- Setting defaults via the first Reconcile run
inside the operator might work, but can
introduce race conditions
- Setting defaults via (mutating) Webhooks is
the only safe way to handle defaults in a
CR.
API HTTP
Handler
API Request
Authn/Authz
Mutating
Admission
Controllers
Object
Validator
Etcd
Persistence
Handler
Validating
Admission
Controllers
Mutating
Webhook
Handler
The handler receives
Admission request
including the object
under admission. It can
either directly admit or
decline the request, or
return a set of JSON
patches to mutate the
object under admission.
20. Running pre-delete hooks via Finalizers
- Used to trigger cleanup logic such as
de-provisioning databases or
storage
- Resource deletion cannot proceed
until finalizers are gone
- metadata.deletionTimestamp
as a marker that the resource
handled by the Operator is being
deleted
apiVersion: tribefire.cloud/v1alpha1
kind: TribefireRuntime
metadata:
creationTimestamp: 2019-01-14T09:33:46Z
finalizers:
- default.finalizers.tribefire.cloud
generation: 2
labels:
stage: staging
name: infracoders
namespace: demo
When the Operator has
finished cleanup task, it
has to remove the
finalizer(s) accordingly in
order to release the
resource and let
Kubernetes delete the
resource
21. Provide feedback to users via /status subresource
- Show the current state of your
custom resource
- Use observedGeneration to check if
the .spec of your resource has
changed
- Implement status.conditions to
support synchronous tasks via
kubectl wait --for=condition=available
status:
components:
- name: tribefire-services
status: available
urls:
- https://ic.staging.tribefire.cloud/services
- name: tribefire-demo-cartridge
status: available
conditions:
- lastTransitionTime: 2019-01-14T09:39:08Z
lastUpdateTime: 2019-01-14T09:39:08Z
message: TribefireRuntime fully available
reason: TribefireRuntimeBecameAvailable
status: "True"
type: Available
observedGeneration: 2
status: available
22. Using OpenAPI for Validation
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
...
subresources:
status: {}
validation:
openAPIV3Schema:
spec:
properties:
backend:
properties:
parameters:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
type:
enum:
- etcd
- activemq
type: string
type: object
apiVersion: tribefire.cloud/v1alpha1
kind: TribefireRuntime
metadata:
name: infracoders
namespace: tribefire
spec:
domain: tribefire.cloud
databaseType: cloudSql
backend:
parameters:
- name: url
value: http://tf-etcd-cluster-client.etcd:2379
type: etcd
components:
- name: tribefire-master
type: Services
logLevel: FINE
logJson: false
…
Use the OpenAPI section in your CRD
to enforce a schema on your custom
resources. For instance you might
want to restrict backend.type to
have etcd and activemq as the only
valid inputs
23. Using Events to trace appliction state changes
- Emitted via EventRecorder in k8s.io/client-go
- Records important information about state changes
- Visibility via kubectl describe tf
- Useful for monitoring (checkout heptio-eventrouter or bitnami’s kubewatch)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ComponentDeployment 22m tribefire Created tribefire-cartridge tribefire-demo-cartridge
Normal SecretBootstrap 22m tribefire Created database secret
Normal SecretBootstrap 22m tribefire Created database service account
Normal SecretBootstrap 22m tribefire Created image pull secret
Normal ComponentDeployment 22m tribefire Created tribefire-master
Normal ComponentDeployment 22m tribefire Created control-center
Normal ComponentDeployment 22m tribefire Created explorer
Normal DatabaseBootstrap 22m tribefire Created database tfdemo-dev-operator-demo
Normal RuntimeReconciled 22m tribefire TribefireRuntime reconciled
Normal ComponentAvailable 21m tribefire Status for 'control-center' switched: 'unavailable' to 'available'
Normal ComponentAvailable 21m tribefire Status for 'explorer' switched: 'unavailable' to 'available'
Normal ComponentAvailable 21m tribefire Status for 'tribefire-master' switched: 'unavailable' to 'available'
24. Outlook on Future Topics
- Deploying and Managing Operators
- Handling multiple CRD versions
- Metrics