Cloud Native Summit
Introductions
Cloud Native Summit
CNS is an international tech conference where you will learn in a friendly and inclusive environment about the latest innovations and best practices in
o Cloud Native Transformation
o software development
o DevOps principles
o Microservices
o Service Mesh
o Continuous Delivery
o Container technologies
o automating IT operations
o Testing
o Security and more
https://www.cloudnativesummit.co/nz/
Cloud Native
o Cloud-Native is an approach to building and running applications that exploits the advantages of the cloud computing delivery model.
o It is about how applications are created and deployed, not where.
o Apps are loosely coupled, meaning the code is not hard-wired to any of the infrastructure components, so that the app can scale up and down on demand and embrace the concepts of immutable infrastructure.
o Not only that, but it even has its own foundation: the Cloud Native Computing Foundation (CNCF), launched in 2015 by the Linux Foundation.
o https://www.cncf.io/
Summaries
Distributed Tracing and Zipkin
Adrian Cole (Pivotal)
Benefits
o See your architecture with live dependency diagrams built from traces
o Allows for faster identification and isolation of bugs and performance problems in the distributed system
o Distributed tracing lets you see the path that a request takes as it travels through a distributed system.
o Helps gather timing data needed to troubleshoot latency problems in service architectures, reduce triage time, visualise latency and understand complexity
o Includes both the collection and lookup of this data; one can set up the tracing system from scratch using Docker
o Zipkin is a distributed tracing system created by Twitter. Compatible with 3rd-party libraries, proxies, etc.
For More Info
o https://zipkin.io/
Production Ready Kubernetes Clusters
Bruno Lago and Fei Long Wang (Catalyst Cloud)
o Catalyst Cloud, based in NZ, is a cloud provider that builds private clouds for customers using the same technology used by its public cloud.
o OpenStack Magnum is a container orchestration engine provisioning service that makes it easy to deploy, manage, and scale Kubernetes clusters to run containerised applications.
Benefits
o Strong Security: Rolling upgrades and patching, new policies, authentication, etc.
o High Availability/Resiliency
o Performance escalation
For More Info
o https://catalystcloud.nz/services/paas/kubernetes/
Building Serverless Applications at Scale
Vanessa Thornton (Xero)
o Serverless simply means that you don’t have to manage the servers on which your application runs
o No worry about scaling your application as the load increases; it is handled automatically!
o However, at scale there are concurrency problems: autoscalers become a bottleneck because they take 10-15 minutes to spin up
o Lambdas reading from Kinesis streams and SQS
Benefits
o Auto-scaling high-demand applications (millions of requests) without bottlenecks
For More Info
o Practice proactive performance testing
o Serverless Artillery (Testing Suite) - https://github.com/Nordstrom/serverless-artillery
o Jtest
o Roll your own
Diagrams: Problem with many API calls; Solution using Kinesis
Practical Istio
Zack Butcher (Tetrate)
o The IT shift to a modern distributed architecture has left enterprises unable to monitor, connect, manage, and secure their services in a consistent way.
o Pilot - Control plane to configure and push service communication policies.
o Envoy - Network proxy to intercept communication and apply policies.
o Mixer - Policy enforcement with a flexible plugin model for policy providers.
o Citadel - Service-to-service auth using mutual TLS, with built-in identity and credential management.
o Galley - Configuration validation and distribution.
Benefits
o Service mesh moves these facets out of the application for better division of labour and...
o Consistency across the fleet
o Centralized control
For More Info
o http://bit.ly/cns-2019
GitOps Driven Deployments on OpenShift
Everett Toews and Heather Cumberworth-Lane (Deloitte/Education Payroll Ltd)
o GitOps is a paradigm or a set of practices that empowers developers to perform tasks which typically fall under the purview of IT operations
o The flow
  1. Users
  2. Git
  3. Pipelines
  4. Environment
Benefits
o Consistency (Via Versioning)
o Self-service (Via Git)
o Flexibility
For More Info
o https://platform.deloitte.com.au/articles/gitops-driven-deployments-on-openshift
Mastering Consistency in Microservices Architectures
Andy Marks (ThoughtWorks)
o System Quality Attributes:
  1. Coding Standards/Design Patterns
  2. Templates (e.g. Spring Boot actuator template)
  3. Client Library (e.g. AWS SDK client library)
  4. Platform Library
  5. Mesh (Istio)
  6. Container Orchestration (Kubernetes and ECS)
Survey Results from 30 Tech teams
  Coding Standard          21/26   ?
  Template                 21/30   75% using Spring Boot
  Client Library           12/24   ?
  Platform Library         16/22   ?
  Mesh                     13/30   70% using Istio
  Container Orchestration  26/29   60% Kubernetes, 26% Amazon ECS
o Autonomy vs Consistency
o Scaling vs Logging
o Coupling vs Security
o Speed vs Resiliency
Observability for Everyone
Inny So and Andrew Jones (Thoughtworks)
o DevOps responsibility split
o Event driven architecture
o Event stream to replace logging and metrics for meaningful reporting
o Instrument everything
o Data platform to allow for more accessibility to query – allow for data teams, security teams, networking teams etc.
o E.g. Haystack from Expedia
The Nature and Characteristics of Adopting Hybrid Cloud
Mandi Buswell (RedHat)
Hybrid cloud is a combination of public and private clouds
o The interconnection is multi-layered
  o Burstable/elastic compute
  o Network interconnectivity
  o Storage and data
o The considerations at all levels need to be aligned
  o Abstraction
  o Orchestration/Automation/Operational Control
  o Visibility/Connectivity
  o Portability/Sustainability/Scalability
  o Security/Reliability
  o Open or closed?
o Principles of reference for hybrid cloud
  o Infrastructure software across all footprints and intelligent routing
  o Cloud-native app platforms
  o Management and automation
  o Open/standards based
  o Security first
Four Core Scenarios of Hybrid Cloud Deployments
Serverless runtimes on top of Kubernetes: a developer guide
Scott Coulton (Microsoft)
o Portable open source serverless Kubernetes
  o Build
    o Easy-to-use, simple source-to-container builds
    o Focus on writing code
  o Serving
    o Run serverless containers on Kubernetes
    o Takes care of networking, scaling (even to zero) and revision tracking
    o Focus on core logic
  o Eventing
    o Universal description, delivery and management of events
    o Build modern apps by attaching compute to data streams with declarative event connectivity and a developer-friendly object model
o Middleware tools that allow for extending Kubernetes to run anywhere
  o Knative
  o OpenFaaS
  o Keda
Preparing for the event-driven world
Kiru Samapathy (Thoughtworks)
o Asynchronous: resilience, flexibility, replay
o What is an event? A fact with no expectation of future consequences.
o Immutable, grows over time, cannot be retracted
o Embrace eventual consistency
o Allows you to have your data ready for future forecasting and queries
Kubernetes Security Low-Hanging Fruit
Luke Bond (Control Plane)
o Containers are just processes: they have their own filesystem and network but share a kernel
o Workload or cluster compromise
o Defence - Minimise container image attack surface
  o Supply chain (deps, images, git)
  o Pipeline controls (Secrets Mgmt, GitOps)
o Infrastructure
  o Linux security (AppArmor)
  o Cluster (RBAC)
  o Network (network policy)
  o Use recommended controllers and restrictions
o Think of security at the design process
  o Perform threat modelling
  o Document data flow and attack trees
o Make security everyone’s job and part of your org’s culture (DevSecOps)
o Slides - tiny.cc/iyfsaz
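As an added example (not from the talk or its slides), the "Network (network policy)" and "Cluster (RBAC)" items above written out as Kubernetes manifests for a hypothetical "payments" namespace; the namespace, pod labels, ports, the gitops-deployer service account and the ingress-nginx namespace name are all assumptions.

```yaml
# Added example, not from the talk: the Network (network policy) and Cluster (RBAC)
# items above as manifests for a hypothetical namespace "payments".
# 1. Network: default-deny all ingress and egress in the namespace, so every
#    workload needs an explicit allow policy instead of open pod-to-pod traffic.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-all, namespace: payments}
spec:
  podSelector: {}                     # empty selector selects every pod in the namespace
  policyTypes: [Ingress, Egress]
---
# Allow only what the API pods need: traffic from the ingress controller's namespace
# (assumed to be "ingress-nginx") on 8080, and egress to the database pods on 5432.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: payments-api, namespace: payments}
spec:
  podSelector:
    matchLabels: {app: payments-api}
  policyTypes: [Ingress, Egress]
  ingress:
  - from:
    - namespaceSelector:
        matchLabels: {"kubernetes.io/metadata.name": ingress-nginx}
    ports: [{protocol: TCP, port: 8080}]
  egress:
  - to:
    - podSelector:
        matchLabels: {app: payments-db}
    ports: [{protocol: TCP, port: 5432}]
---
# 2. Cluster (RBAC): a namespaced Role for the GitOps deployer service account
#    instead of a cluster-admin binding. It can roll Deployments and watch pods
#    but has no access to Secrets or to other namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: deployer, namespace: payments}
rules:
- apiGroups: ["apps"]
  resources: ["deployments"]
  verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: {name: deployer, namespace: payments}
subjects:
- {kind: ServiceAccount, name: gitops-deployer, namespace: payments}
roleRef: {kind: Role, name: deployer, apiGroup: rbac.authorization.k8s.io}
```

Denying egress also blocks DNS, so pods that resolve names need an extra egress rule to the cluster DNS service (UDP and TCP 53); add that allow rule before applying the default-deny policy to a live namespace.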
Escaping Enterprise Complexity
Diana Omuoyo & Nik Jain (New Relic)
o The complexity is real. Innovate.
o Subtraction. Remove yourself. Let others take over.
o Cropping. Move yourself from one team to another.
o Adopted observability strategy
o Alerting strategy
o Getting insights into your application right from code commit, and the impact of each code change
o Identifying patterns and trends across your digital footprint
o Establishing reasonable thresholds and minimising alerting fatigue
o Ingest-store-visualise to break down a system of systems - embrace controlled vs chaos engineering
o Accountability and Responsibility - Gaining full visibility into your applications, dependencies and containers and the relationships between them
Metrics, Histograms, Traces
Annie Lin (VMWare)
o Metrics: a sequence of data points, measuring the same thing over time
o Histograms and tracing
o 3D Observability to understand the system and remove bottlenecks
o Being able to identify and isolate the bug easily allows for BeachOps
o All for customer happiness
Panel
Kelly Griffin (Rancher Labs), Mandi Buswell (RedHat), Roman Tarnavski (VMWare), Bruno Lago (Catalyst Cloud)
Will open-source (Kubernetes) be able to compete with enterprise?
o Kubernetes is the new Linux – however, not always the right choice
o Open source is awesome, but there are way too many options
o Tie it to business value and solving customer problems
o Technical debt – security, compliance etc., but especially adoption
o Open standard and open cloud for open source - enterprise offers support
o Commercial model wraps around open source to make it possible through vendors
o Open source drives maturity of features, which drives feature development and adoption
o Has Kubernetes made things more secure, or made the attack surface bigger by being more complex?
  - larger adoption means larger risk, however more eyes to spot vulnerabilities
o Need more maturity on standards, like the electricity industry
Thank you

Cloud Native Summit 2019 Summary
