Defining & Enforcing Policies the GitOps Way

•

1 like•657 views

GitOps is a great way to reliably and securely deploy both the infrastructure and applications in the context of Kubernetes. In this talk we will have a look at how we can use CNCF Open Policy Agent (OPA) to define and enforce policies along the entire supply chain. For example, an OPA Rego-based bot can review Git commits and automatically provide feedback, and in the runtime space the Gatekeeper project can be of great value. Link to YouTube Video of this talk: https://youtu.be/Xe0PDeENMoE Speaker: Michael Hausenblas, Developer Advocate, AWS Bio: Michael is a Developer Advocate at AWS, part of the container service team, focusing on container security. Michael shares his experience around cloud native infrastructure and apps through demos, blog posts, books, and public speaking engagements as well as contributes to open source software. Before AWS, Michael worked at Red Hat, Mesosphere, MapR and in two research institutions in Ireland and Austria.

Technology

© 2020, Amazon Web Services, Inc. or its Affiliates.
Defining and Enforcing Policies the GitOps Way
Michael Hausenblas, AWS
Weave Online User Group, 2020-05-05

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
$ whoami
• Senior Product Developer Advocate in the
AWS container service team
• Previous roles: Red Hat, Mesosphere, MapR, research
• Let’s connect:
• Slack: AWS dev, Kubernetes, CNCF, Weaveworks
• Twitter: @mhausenblas
• Mail: hausenbl@amazon.com

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
programming-kubernetes.info kubernetes-security.info
Current books

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Open Policy Agent (OPA)

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
• A general-purpose policy engine
• CNCF Incubating Project https://www.openpolicyagent.org
• Many integrations, from Kubernetes to WASM
What is OPA?

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
How does OPA work?

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Example 1: counting
policy
data
OPA
query
play.openpolicyagent.org/p/bOlISBZwB3

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Example 2: finding reviewers
policy
data
OPA
query
play.openpolicyagent.org/p/VPe2sIy5PU

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Example 3: verifying approvals
policy
data
OPA
query
play.openpolicyagent.org/p/HJ8124kLZ7

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Kubernetes example
security good practice: use a dedicated service account for an app
check for serviceAccountName in Deployment, if not set the default SA
is used and this means we have a violation

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Using OPA openpolicyagent.org/docs/latest/integration/
OPA
app
HTTP API
Go app
OPA
example: mhausenblas/cidrchk
example: open-policy-agent/kube-mgmt

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Supply Chain

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
GitOps supply chain concept
code repo
config repo
CI container registry Kubernetes cluster

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Policy use cases along the supply chain
• In the context of the IDE/editor
• Part of the repo (bot)
• Part of the CI pipeline
• Part of the runtime (Kubernetes)

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Editor plugin
open-policy-agent/vscode-opa

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Repo action or CI
instrumenta/conftest-action swade1987/deprek8ion

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
In Kubernetes: Gatekeeper
open-policy-agent/gatekeeper

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Resources

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Videos
• Deep Dive: Open Policy Agent
• CNCF webinar: K8s with OPA Gatekeeper
• cloud native dev: Open Policy Agent (OPA)
Tooling
• https://play.openpolicyagent.org
• https://conftest.dev

$© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential • https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and- governance-for-kubernetes/ • https://aws.amazon.com/blogs/opensource/using-open-policy-agent-on- amazon-eks • https://opensource.com/article/20/3/deprek8 • https://www.infracloud.io/opa-microservices-authorization-simplified/ • https://marcyoung.us/post/gatekeeper-v3/ Articles$

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential
Q & A

Enterprises today require high availability and disaster recovery for critical business systems. One of the advantages Kubernetes can bring to the table is greater reliability and stability. When disaster strikes, cluster or application recovery should be quick and dependable. Paul Curtis, Principal Solutions Architect at Weaveworks will demonstrate how to leverage Weave Kubernetes Platform and GitOps to create disaster recovery plans and highly available clusters with minimal effort on EKS. In this webinar you will learn: The 4 principles of GitOps (operations by pull request) How to build for reproducibility, security and scale with EKS from the start GitOps driven cluster and cluster lifecycle management with WKP

Make stateful apps in Kubernetes a no brainer with Pure Storage and GitOps

Weaveworks

The need for scale and acceleration of code to production are the main drivers behind the rapid adoption of Kubernetes in modern enterprises. Organizations are aiming to deploy thousands of cloud native applications, including stateful applications on premise, in a single cloud or across multiple clouds. Managing these workloads are complex and can often be a challenging task when it comes to automating operational tasks, rolling updates or migrations. In this webinar Weaveworks and Pure will show you how integrated solutions such as the Weave Kubernetes Platform and Pure Service Orchestrator can save you valuable time through efficient, predictable and reliable operations.

從Google cloud看kubernetes服務

inwin stack

This document discusses using Kubernetes services on Google Cloud Platform. It provides an overview of Google Container Engine and how it integrates with GCP services like Cloud Logging, Cloud Monitor, and Stackdriver. It also covers auxiliary GCP services that are useful for continuous integration and continuous delivery (CICD) with Kubernetes on Google Cloud, such as Source Code Repository, Container Registry, Container Builder, and Build Trigger.

An Overview of Spinnaker

Pierre-Nicolas Durette

Spinnaker is a continuous delivery platform by Netflix and open sourced in late 2015. Fast-forward 3 years, Spinnaker can deploy to 9 (!) cloud providers and platforms; with many project contributions coming from the cloud providers themselves (Google, Amazon, Microsoft, etc.). This DevOps Toronto talk will feature a quick overview of what Spinnaker can do. http://decks.pierre-nick.com/201904_Spinnaker_DevOpsTO/ https://github.com/pndurette/spinnaker-playground https://github.com/pndurette/decks

CI and CD with Spinnaker

VMware Tanzu

This document discusses continuous delivery using Spinnaker, an open source continuous delivery platform. It provides an overview of Spinnaker, including how it supports continuous integration and delivery goals like shipping faster and reducing risk. Spinnaker allows automated deployment pipelines across multiple cloud providers and supports features like zero-downtime deployments, rollbacks, and automated canary analysis. The document also describes how Spinnaker integrates with platforms like Cloud Foundry and CI systems like Concourse.

Modern DevOps with Spinnaker - Olga Kundzich

VMware Tanzu

Spinnaker is an open source multi-cloud continuous delivery platform that allows developers to release software changes continuously and reliably to any cloud environment, including Kubernetes. It provides automated canary analysis, rollback capabilities, and other guardrails to minimize risk during deployments. Spinnaker fits between the develop and operate stages of the DevOps toolchain, integrating with CI/CD tools during development and deployment and monitoring tools during operations. For Kubernetes environments, Spinnaker can deploy any Kubernetes manifests and leverage features like blue/green deployments, rollbacks, and traffic management across multiple Kubernetes clusters. The Spinnaker community is governed by a technical oversight committee and special interest groups, and has a public roadmap for upcoming features

CDK Meetup: Rule the World through IaC

smalltown

[OpenInfra Days Korea 2018] Day 2 - E3-2: "핸즈온 워크샵: Kubespray, Helm, Armada를 ...

OpenStack Korea Community

This document discusses running OpenStack on Kubernetes. It provides instructions for logging into the Kubernetes cluster and OpenStack dashboard. It also summarizes the logging, monitoring, and alerting tools used, including Prometheus for monitoring, Kibana and Elasticsearch for logging, and Alertmanager for alerts. Grafana is used for visualizing metrics and Prometheus is configured to monitor the OpenStack and Kubernetes components.

This document discusses secrets management with HashiCorp Vault. It provides an overview of Vault's capabilities for securely storing and accessing secrets like passwords, API keys and certificates. The document also outlines Pan-Net's experience using Vault, starting with a basic MVP in 2017 and expanding to include self-service, HA capabilities and Gitlab integration over subsequent years. Some limitations of the open source version are noted around advanced topics like geo-redundancy and hardware security modules.

Using source code management patterns to configure and secure your Kubernetes...

Giovanni Galloro

In this session we will show how to set up, from scratch, a git repository to centrally manage, with Anthos Config Management, all the configurations and security policies of multiple Kubernetes clusters in different environments, using git as the source of truth and applying the processes typically used in source code lifecycle. We will also explore what is possible to do with ACM Policy Controller, based on Open Policy Agent Gatekeeper, and configure constraints to enforce many of the possible security policies that an enterprise organization would require.

Openstack days sv building highly available services using kubernetes (preso)

Allan Naim

This document discusses Google Cloud Platform's Kubernetes and how it can be used to build highly available services. It provides an overview of Kubernetes concepts like pods, labels, replica sets, volumes, and services. It then describes how Kubernetes Cluster Federation allows deploying applications across multiple Kubernetes clusters for high availability, geographic scaling, and other benefits. It outlines how to create clusters, configure the federated control plane, add clusters to the federation, deploy federated services and backends, and perform cross-cluster service discovery.

Zero-downtime deployment of Micro-services with Kubernetes

Wojciech Barczyński

Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters

Syah Dwi Prihatmoko

This document discusses how to deploy monitoring and centralized logging on Kubernetes clusters using Prometheus + Grafana and the EFK stack. It provides steps to deploy Kubernetes on Kubic, then install Prometheus + Grafana for monitoring and the EFK (Elasticsearch, Fluentd, Kibana) stack for logging. YAML files and links to deployment guides are referenced to easily set up each component, including configuring Prometheus and Grafana dashboards for visualization.

Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!

smalltown

This document summarizes a talk about building, shipping, and running applications in production using containers on AWS. It discusses migrating an existing service from an on-premise data center to AWS, refactoring the application into microservices and containerizing it using Docker. It then covers setting up a Kubernetes cluster on CoreOS to orchestrate the containers across AWS, addressing challenges like application state, updates and monitoring. Terraform is presented as a way to define infrastructure as code and provision AWS resources. Logging, metrics collection and monitoring the Kubernetes cluster are also discussed.

Kubernetes in kubernetes 搭建高可用環境

inwin stack

Kubernetes in Kubernetes: 搭建高可用環境 discusses running Kubernetes itself on Kubernetes to provide a self-hosted Kubernetes cluster with high availability. It describes how Bootkube can be used to bootstrap an initial control plane and deploy a full self-hosted control plane. It also discusses options for exposing services externally like NodePort, load balancers, Ingress, and using Keepalived for high availability virtual IPs. The document emphasizes that self-hosting Kubernetes makes operations easier and supports disaster recovery for the control plane.

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery

Andrew Phillips

Automating OpenStack Deployment with Fuel

Tomasz Zen Napierala

Kubernetes Summit 2020 - DevOps: Where is My PodPod

smalltown

This document discusses various strategies for managing Kubernetes clusters and pods, including: - Using separate clusters for different applications, environments, or combinations to balance isolation and resource efficiency - Strategies for placing pods on nodes like node selectors, affinity, taints, and tolerations - The importance of resource management to ensure critical applications have sufficient resources and avoid out-of-resource issues - Mechanisms like pod disruption budgets to handle disruptions gracefully

Helm intro

Haggai Philip Zagury

Helm is a package manager for Kubernetes that makes it easier to deploy and manage Kubernetes applications. It allows you to define, install and upgrade Kubernetes applications known as charts. Helm uses templates to define the characteristics of Kubernetes resources and allows parameterization of things like container images, resource requests and limits. The Helm client interacts with Tiller, the server-side component installed in the Kubernetes cluster, to install and manage releases of charts.

Spinnaker on Kubernetes

Jinwoong Kim

This document summarizes a presentation about Spinnaker on Kubernetes. It introduces Spinnaker as an open source multi-cloud continuous delivery platform initially developed by Netflix. It describes how Spinnaker can be used to manage Kubernetes clusters and deployments through concepts like accounts, server groups, load balancers and pipelines. The document also compares Spinnaker to alternatives like Jenkins and discusses best practices for productionizing Spinnaker on Kubernetes.

Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI

Mitchell Pronschinske

This document discusses using GitLab CI/CD to provision and manage infrastructure with Terraform Cloud (TFC). It begins with an agenda that includes an introduction to Terraform and TFC, integrating them with GitLab, and demos of using GitLab CI/CD pipelines with TFC for infrastructure as code. It then provides bios of two presenters and discusses how GitLab offers a single platform to plan, code, test, secure and release applications. The document concludes by pointing to additional resources on using GitLab CI with Terraform.

Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...

Sanjeev Rampal

Introduction to the architecture of Cisco Container Platform. This is a new offering from Cisco and is an enterprise grade Multi-Cloud Kubernetes based Container platform.. The presentation covers overall architecture, internal details on networking storage, operations and automation as well as multi-cloud features including the use of this platform alongwith hosted Kubernetes offerings from AWS (EKS) and Google (GKE)

Kubernetes Summit 2021: Multi-Cluster - The Good, the Bad and the Ugly

smalltown

This document discusses Kubernetes multi-cluster management and monitoring. It introduces the benefits of using a centralized "center cluster" to manage multiple tenant clusters, including configuration management using GitOps, centralized monitoring using Prometheus and Loki, and centralized logging using Elasticsearch. It also discusses platform options for managing multiple Kubernetes clusters, recommending Rancher as a server-side solution that provides configuration, management, security, and upgrades across clusters.

DevOps Days Galway 2017

Miguel Castilho Dias

The document introduces Kubernetes federation and provides steps to set up a federated Kubernetes environment. It discusses Kubernetes architecture and components. It then demonstrates setting up a federated control plane across multiple clusters using kubefed, and joining additional clusters located in different regions/clouds. Finally it shows demos of basic usage as well as use cases for high availability, cloud bursting, and law enforcement scenarios across the federated environment.

Kubernetes extensibility: crd & operators

Giacomo Tirabassi

Summit openshift-on-openstack

Pippo620677

This document compares using Kubernetes directly on OpenStack infrastructure (IaaS) versus using OpenShift on OpenStack. OpenShift is described as Kubernetes but with an enterprise focus. It provides a Platform as a Service (PaaS) that abstracts away much of the complexity of managing containers. Using OpenShift on OpenStack combines the benefits of containers with the flexibility of virtual machines and leverages OpenStack services like Swift, Cinder, and load balancers. The document outlines deployment architectures for both Magnum and OpenShift on OpenStack and invites the reader to try out exercises for each approach.

An intro to Kubernetes operators

J On The Beach

An Operator is an application that encodes the domain knowledge of the application and extends the Kubernetes API through custom resources. They enable users to create, configure, and manage their applications. Operators have been around for a while now, and that has allowed for patterns and best practices to be developed. In this talk, Lili will explain what operators are in the context of Kubernetes and present the different tools out there to create and maintain operators over time. She will end by demoing the building of an operator from scratch, and also using the helper tools available out there.

OpenStack on Kubernetes (BOS Summit / May 2017 update)

rhirschfeld

This document discusses using Kubernetes as an underlay platform for OpenStack. Some key points: 1. Kubernetes is becoming more widely used and understood by operators compared to OpenStack. Using Kubernetes as an underlay could improve simplicity, stability, and upgrade processes for OpenStack. 2. There are still many technical challenges to address, such as networking, storage, tooling to manage OpenStack on Kubernetes, and ensuring containers meet Kubernetes' immutable infrastructure requirements. 3. Using Kubernetes as an underlay risks further confusing the messaging around OpenStack by implying Kubernetes is more stable or a replacement target. Clear communication will be important to avoid undermining OpenStack.

Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...

Amazon Web Services

Developers and management can seem at cross purposes when one group looks at technologies and the other looks at organizational issues. Both groups are looking for ways to deliver value faster, leaner, and at less cost. There are technological avenues for accomplishing these goals, including DevOps and serverless architectures. However, these approaches also have organizational implications, as they change the nature and content of communication between teams. In this session, we cover the technology benefits and organizational transformations involved in DevOps and serverless architectures. This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.

DVC303-Technological Accelerants for Organizational Transformation

Amazon Web Services

The document discusses technological accelerants for organizational transformation, including serverless computing and DevOps practices. It provides examples from companies that have adopted DevOps and serverless architectures to break down silos between teams, make work visible through dashboards, identify process bottlenecks, and fix problems early. iRobot is discussed as a case study of a company that transformed to a serverless production cloud and analytics platform. While the cloud and serverless architectures provide benefits, they also present new challenges around visibility, unexpected problems due to increased scale, and ensuring organizational structure changes to align with new technical architectures.

What's hot

Secrets management vault cncf meetup

Juraj Hantak

Using source code management patterns to configure and secure your Kubernetes...

Giovanni Galloro

Openstack days sv building highly available services using kubernetes (preso)

Allan Naim

Zero-downtime deployment of Micro-services with Kubernetes

Wojciech Barczyński

Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters

Syah Dwi Prihatmoko

Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!

smalltown

Kubernetes in kubernetes 搭建高可用環境

inwin stack

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery

Andrew Phillips

Automating OpenStack Deployment with Fuel

Tomasz Zen Napierala

Kubernetes Summit 2020 - DevOps: Where is My PodPod

smalltown

Helm intro

Haggai Philip Zagury

Spinnaker on Kubernetes

Jinwoong Kim

Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI

Mitchell Pronschinske

Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...

Sanjeev Rampal

Kubernetes Summit 2021: Multi-Cluster - The Good, the Bad and the Ugly

smalltown

DevOps Days Galway 2017

Miguel Castilho Dias

Kubernetes extensibility: crd & operators

Giacomo Tirabassi

Summit openshift-on-openstack

Pippo620677

An intro to Kubernetes operators

J On The Beach

OpenStack on Kubernetes (BOS Summit / May 2017 update)

rhirschfeld

What's hot (20)

Secrets management vault cncf meetup

Using source code management patterns to configure and secure your Kubernetes...

Openstack days sv building highly available services using kubernetes (preso)

Zero-downtime deployment of Micro-services with Kubernetes

Deploy Prometheus - Grafana and EFK stack on Kubic k8s Clusters

Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!

Kubernetes in kubernetes 搭建高可用環境

Spinnaker Summit 2019: Where are we heading? The Future of Continuous Delivery

Automating OpenStack Deployment with Fuel

Kubernetes Summit 2020 - DevOps: Where is My PodPod

Helm intro

Spinnaker on Kubernetes

Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI

Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...

Kubernetes Summit 2021: Multi-Cluster - The Good, the Bad and the Ugly

DevOps Days Galway 2017

Kubernetes extensibility: crd & operators

Summit openshift-on-openstack

An intro to Kubernetes operators

OpenStack on Kubernetes (BOS Summit / May 2017 update)

Similar to Defining & Enforcing Policies the GitOps Way

Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...

Amazon Web Services

DVC303-Technological Accelerants for Organizational Transformation

Amazon Web Services

More Containers Less Operations

Donnie Prakoso

CI/CD pipelines on AWS - Builders Day Israel

Amazon Web Services

Enabling Big Data Computing at Pfizer with AWS Service Catalog and AWS Lambda...

Amazon Web Services

In this session, data analysts, big data administrators, system administrators, developers, and IT managers learn how to create a robust computing environment for their own teams. As enterprises move to the cloud—providing secure, governed turnkey solutions at scale to a broad set of users faces its own challenges—organizations need to ensure charge back and tracking mechanisms while also rapidly creating new turnkey solutions that are readily available to a broad set of end users to keep up with innovation. With AWS Service Catalog, AWS Lambda, Amazon CloudWatch Events, Amazon DynamoDB, and AWS CloudFormation, Pfizer’s Big Data team is defining and enabling the next paradigm of computing at Pfizer.

Serverless CI/CD on AWS Webinar

Amazon Web Services

Severless 應用讓開發人員可以不需要管理基礎建設，只需與專注在應用與創新上快速開發迭代，也不需要為閒置的主機資源付費，這讓許多開發者從過去的框架與運維的限制當中解放了出來。然而，一個 Serverless 的應用在 AWS 上面要如何更好地進行 CI/CD 與更好的部署呢？本次線上研討會講師將會介紹從 AWS re:Invent 2017 以來包括 AWS Lambda 與 API Gateway 在 DevOps 場景的一系列改進，包括 AWS Lambda weighted alias, API Gateway traffic shifting, AWS SAM(Serverless Application Model) 最新支持以及 CodeDeploy 的最新支援。藉由參加這次線上研討會您將能學會如何更安全與優雅地部署一個 Serverless 應用到生產環境！

[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...

Amazon Web Services

Innovate - Breaking Down The Monolith

ShouvikKnightmare

The document discusses breaking down monolithic applications into microservices using containers. It covers why containers help with dependencies and portability. Popular patterns for decomposing monoliths like decoupling APIs and background tasks are presented. Security advantages of containers like controlling access between services is covered. Practical tips like gradual decomposition and focusing on long-running processes are provided. An overview of AWS container services like ECS, EKS, and Fargate is given.

Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit

Amazon Web Services

Kubernetes offers a powerful abstraction layer for managing containerized infrastructure. Amazon EKSmakes it easy to run Kubernetes on AWS without having to manage the Kubernetes Control Plane. In this session, see how Amazon EKS makes deploying Kubernetes on AWS simple and scalable, including networking, security, monitoring, and logging. Learn what we’re doing to make AWS an even better place to run Kubernetes and watch a demo of AWS customers starting to use Amazon EKS.

PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...

Amazon Web Services

Come learn how Elastic Beanstalk can help you go from code to running application in a matter of minutes, without the need to provision or manage any of the underlying Amazon Web Services (AWS) resources. Hear how Qualcomm is able to migrate application to AWS faster than before through Forge, an internally built application platform that leverages Elastic Beanstalk to simplify the development and deployment of applications to AWS with security and organizational best practices out of the box.

AWS STARTUP DAY 2018 I If, how and when to adopt microservices

AWS Germany

The document discusses adopting a microservices architecture and provides guidance on when and how to transition from a monolithic architecture. It notes that monoliths can work well for simple applications but don't scale as the application and company grow. It then outlines some of the challenges of monolithic architectures including long development cycles and difficulty adding new features. The document introduces microservices as a way to decompose an application into smaller, independent services. It provides examples of microservice anatomy and principles for designing microservices including using appropriate tools, secure service communication, and being considerate within the ecosystem. Finally, it acknowledges that transitioning to microservices is a journey that requires planning and coordination.

Making Hybrid Work for You: Getting into the Cloud Fast (GPSTEC308) - AWS re:...

Amazon Web Services

The document discusses how application platforms and AWS can work together to help customers build and modernize hybrid applications. It describes how application platforms provide capabilities for self-service provisioning, automation, and standards-based development that integrate well with the elasticity, availability, and security of AWS. The document outlines a hybrid journey where applications can start on application platforms and gradually move capabilities to AWS for better performance, cost optimization, and scalability.

Set Up a CI/CD Pipeline for Deploying Containers Using the AWS Developer Tool...

Amazon Web Services

Day Two Operations of Kubernetes on AWS (GPSTEC309) - AWS re:Invent 2018

Amazon Web Services

You've spent the time designing, architecting, setting up, and configuring your Kubernetes cluster. Now, it's on to day two. "Day two" refers to the functions of scaling, optimizing, monitoring, securing, and in general keeping the lights on. In this talk, we discuss the tools that you have available to help you build a reliable and resilient Kubernetes cluster and run workloads in production. We discuss how to control the network, secure your environment using threat detection, scan your containers for vulnerabilities, use monitoring tools, and create scalable containers and clusters.

Modernizing on EKS (Keynote)- AWS Container Day 2019 Barcelona

Amazon Web Services

Advanced Techniques for Securing Web Applications

Amazon Web Services

AWS - Advanced Techniques for securing web applications

Amazon Web Services

Building a DevOps Pipeline on AWS (DEV326) - AWS re:Invent 2018

Amazon Web Services

Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...

Amazon Web Services

The document discusses operational excellence with containerized workloads using AWS Fargate. It provides an overview of AWS Fargate and how it allows customers to run containerized applications without having to manage Amazon EC2 instances. It then discusses how Fargate provides an elastic and integrated service with the AWS ecosystem. Case studies are also presented of companies like Turner and Corteva Agriscience that have migrated workloads to AWS Fargate to reduce costs and improve agility.

Introduction to Serverless on AWS - Builders Day Jerusalem

Amazon Web Services

Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, we will learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers.

Similar to Defining & Enforcing Policies the GitOps Way (20)

Technological Accelerants for Organizational Transformation - DVC303 - re:Inv...

DVC303-Technological Accelerants for Organizational Transformation

More Containers Less Operations

CI/CD pipelines on AWS - Builders Day Israel

Enabling Big Data Computing at Pfizer with AWS Service Catalog and AWS Lambda...

Serverless CI/CD on AWS Webinar

[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...

Innovate - Breaking Down The Monolith

Run Kubernetes with Amazon EKS - SRV318 - Chicago AWS Summit

PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...

AWS STARTUP DAY 2018 I If, how and when to adopt microservices

Making Hybrid Work for You: Getting into the Cloud Fast (GPSTEC308) - AWS re:...

Set Up a CI/CD Pipeline for Deploying Containers Using the AWS Developer Tool...

Day Two Operations of Kubernetes on AWS (GPSTEC309) - AWS re:Invent 2018

Modernizing on EKS (Keynote)- AWS Container Day 2019 Barcelona

Advanced Techniques for Securing Web Applications

AWS - Advanced Techniques for securing web applications

Building a DevOps Pipeline on AWS (DEV326) - AWS re:Invent 2018

Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...

Introduction to Serverless on AWS - Builders Day Jerusalem

More from Weaveworks

Weave AI Controllers (Weave GitOps Office Hours)

Weaveworks

LLMs are one of the rising workloads on Kubernetes and so are the complexities of deploying, managing and fine-tuning them. With this latest extension we can offer a strong blueprint for enterprises on how to keep LLMs OCI contained with the use of Kubernetes, Flux and Weave AI Controllers. The Highlights: * Simplified deployment, management, and fine-tuning of LLMs on any Kubernetes infrastructure. * Strong security and governance ensured through GitOps workflows and a robust signing and verification process. The Whys: * Security, Governance & Compliance: Ensures vulnerability-free and compliant deployments. * Seamless Integration: Works with existing systems, including Red Hat OpenShift. * GitOps for Productivity & Collaboration: Leverages the power of Flux and Kubernetes for automated, streamlined workflows. The Weave AI Controllers are an out of the box extension for Flux and are shipped and supported with Weave GitOps Assured (https://www.weave.works/product/gitops) and Enterprise (https://www.weave.works/product/gitops-enterprise/). Read our latest blog for more information (https://www.weave.works/blog/weave-ai-controllers) and visit GitHub to get started - https://github.com/weave-ai/weave-ai

Flamingo: Expand ArgoCD with Flux (Office Hours)

Weaveworks

Flamingo is an open source tool that allows for integrated use of both Flux and ArgoCD, the two leading GitOps solutions available today. * See how to integrate the two most used CNCF projects together to create flexible and extensible GitOps solutions. * Learn how to use Flux’s powerful and secure controllers with ArgoCD’s web-based GUI. * Understand how Flamingo provides a path towards Platform Engineering for ArgoCD users. * Explore extending ArgoCD to manage Infrastructure as Code through Flux’s Terraform Controller. For more information visit: https://github.com/flux-subsystem-argo/flamingo

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You

Weaveworks

Flux, the original GitOps project, began its development in a small London office back in 2017 with the goal to bring continuous delivery (CD) to developers, platform and cluster operators working with Kubernetes. From donating the project to the CNCF, its continued growth within the cloud native community, to its achievement of passing rigorous battle tests for security, longevity and governance, it’s little wonder that Flux v2 has reached yet another celebratory milestone – General Availability (GA). Flux is the GitOps platform of choice for many enterprise companies such as SAP, Volvo Cars, and Axel Springer; and is embedded within AKS, Azure Arc and EKS Anywhere. It provides extensive automation to CI/CD, security and audit trails, and reliability through canary deployments and rollback capabilities. Join this webinar by Flux maintainers and creators and discover: * Latest release features and roadmap for the future. * Interesting use cases for Flux (e.g security). * Flux capabilities you may not be aware of (e.g. extensions). * Joining the vibrant Flux community. * How to leverage Flux in a supported enterprise environment today.

Six Signs You Need Platform Engineering

Weaveworks

Although not an entirely new concept, Platform Engineering and Internal Developer Platforms (IDPs) are all the rage due to their potential to increase development velocity and deployment frequency while boosting reliability and security. Join Joe Dahlquist, VP of PMM and Mohamed Ahmed, VP of Developer Platforms at Weaveworks to learn the 6 tell-tale signs your company should implement a platform engineering approach. The webinar draws on hundreds of conversations with SRE’s, developers, and platform engineering teams to help you better understand what works, what doesn’t and what might be missing from your strategy. Attendees can apply these learnings to their first (or next) developer platform regardless of your build vs. buy journey. You will learn: * The difference between Internal Developer Platforms and Platform Engineering * Why platform engineering now? * How Dev and Ops benefit from an IDP * 6 tell-tale signs to start platform engineering * Drafting your platform engineering strategy - where to begin and what to avoid

SRE and GitOps for Building Robust Kubernetes Platforms.pdf

Weaveworks

In today's technology-driven landscape, ensuring the reliability and stability of systems is critical for organizations to deliver exceptional user experiences. Site Reliability Engineering (SRE) has emerged as a proven methodology to achieve operational excellence and elevate performance. By combining SRE and GitOps, organizations can leverage the benefits of both methodologies. GitOps provides a reliable and auditable approach to managing infrastructure and application changes, ensuring that all deployments are version-controlled and consistent across environments. This aligns with the SRE principle of implementing standardized and automated processes for maintaining system reliability. Join our live webinar as we introduce the fundamentals and significance of SRE and GitOps, and provide actionable strategies for implementation. We’ll also explore the features of Weave GitOps that integrate SRE and GitOps practices to streamline workflows to support system reliability and stability. You will learn: An overview and correlation of key SRE and GitOps best practices The 5 keys DORA metrics for measuring performance of software delivery. How to leverage continuous delivery and progressive delivery to enhance application stability. How Weave GitOps can reliably simplify the management of infrastructure and applications, with real-world customer examples illustrating their impact.

Webinar: End to End Security & Operations with Chainguard and Weave GitOps

Weaveworks

One of the key values of GitOps relies on its fully declarative single source of truth in Git for the desired state of your entire system – configuration that continuously reconciles with the runtime of the system. Validating committer identity in your Git repository is a critical component towards a secure GitOps solution. Although basic capabilities are provided by Git service providers, more granular controls for governance and compliance are a requirement to satisfy most enterprise grade implementations. How do you keep that end to end process secure, from Git to Runtime? Join Weaveworks and Chainguard for a live webinar where we will look at how Chainguard Enforce for Git together with Weave GitOps Enterprise Policy Engine allows you to secure your end to end GitOps workflows, from Git to Runtime. You will learn how to: - Use Chainguard Enforce for Git to ensure only authorized GitOps tooling can modify your desired state. - Provide a secure identity to Weave GitOps Enterprise for all Git operations. - Use Weave GitOps Policy Engine to guarantee compliance on admission.

Flux Beyond Git Harnessing the Power of OCI

Weaveworks

Watch the recap: https://youtu.be/gKR95Kmc5ac In this KubeCon Europe 2023 session, Stefan and Hidde will talk about the latest developments of Flux around the Open Container Initiative (OCI). The focus will be on how OCI can serve as the single source of truth for both application code (container images) and configuration (OCI artifacts). We will start by explaining how Flux can be used as a package manager for distributing Kubernetes configs and Terraform modules as OCI artifacts. Afterwards, we will demonstrate how to build a secure delivery pipeline that leverages Flux integrations with GitHub Actions and keyless signatures from Sigstore Cosign. Lastly, we will touch upon the upcoming plans for 2023 and the significance of OCI in the future of continuous delivery with Flux.

Automated Provisioning, Management & Cost Control for Kubernetes Clusters

Weaveworks

In today’s economic climate, IT departments are feeling the pressure to reduce costs which can have a significant effect on development teams, and more specifically, Kubernetes strategies. For many organizations, there is a good chance that many Kubernetes resources are overprovisioned, and it’s often difficult to visualize which processes are responsible for this unnecessary spend. Weaveworks has joined forces with KubeCost to show you how to “do more with less” by easily integrating a Kubernetes FinOps solution into your existing workflows and seamlessly automating the provisioning and management of FinOps enabled Kubernetes clusters from a single UI / dashboard. Join this webinar to discover best practices for monitoring and reducing Kubernetes spend, while balancing cost, performance, and reliability. What you’ll learn: - Best practices for implementing a FinOps strategy in your organization. - Cluster management and templating capabilities using Weave GitOps for automating FinOps. - How to use predefined, automated policies for reliable cost control across your Kubernetes environment.

How to Avoid Kubernetes Multi-tenancy Catastrophes

Weaveworks

This document summarizes a webinar about implementing multi-tenancy in Kubernetes without catastrophes using GitOps. It recommends 5 easy steps: 1) implement a zero trust posture, 2) apply least privilege practices, 3) use policies to enforce governance, 4) leverage GitOps audit capabilities, and 5) reduce the blast radius. The webinar discusses how Weaveworks' Workspaces product establishes boundaries and defines access controls to securely support multiple teams deploying applications.

Building internal developer platform with EKS and GitOps

Weaveworks

An internal developer platform (IDP) is a set of standardized tools and technologies that enables development teams to self-service, offering convenient access to resources they need to create and deploy compliant code. The ultimate goal is to facilitate automation, autonomy and productivity across large teams. However, creating an IDP is highly complex, especially when bridging hybrid scenarios. In fact, build timelines can take anywhere between one to two years! In this Techstrong Learning Experience, we will discuss how platform engineers can more efficiently build an IDP with Amazon EKS and Weave GitOps and accelerate cloud-native adoption while speeding up migration of existing applications to the cloud. Our experts will also introduce EKS Blueprints, a collection of infrastructure-as-code (IaC) modules like Terraform and AWS Cloud Development Kit (AWS CDK) that will help you configure and deploy consistent EKS clusters across on-premises and cloud. Key Takeaways: - Why you should build a self-service IDP - How to leverage EKS, GitOps and EKS Blueprints to build your IDP - A review of use cases and benefits of an IDP

GitOps Testing in Kubernetes with Flux and Testkube.pdf

Weaveworks

GitOps is amazing... until you can't apply it! This has been the case mostly for testing where it continues to be more of a push than a pull in organizations' DevOps pipelines. Join us in this talk to learn the benefits of improving your existing testing pipeline with Testkube, an open source project that brings tests inside your Kubernetes cluster, and FluxCD adding the GitOps sprinkles to testing! Speaker: Abdallah Abedraba, Product Leader at Testkube Abdallah works at Testkube, a Kubernetes native testing framework. In his prior experiences, he has tried everything from software engineering to product management, and now working as a Developer Advocate, on open source (a dream of his!) evangelizing all things Testing and Kubernetes. In his free time, he enjoys attending developer conferences and meetups, as well as spending time at the movies and actively listening to music.

Intro to GitOps with Weave GitOps, Flagger and Linkerd

Weaveworks

Implementing Flux for Scale with Soft Multi-tenancy

Weaveworks

Soft multi-tenancy can be hard to achieve and secure. Multiple tenants sharing the same cluster means there are global objects, like Custom Resource Definitions (CRDs), namespaces, and so on, that you don’t want tenants controlling. Platform admins, cluster admins, and tenants, should be separated, with dedicated namespaces, role bindings, node groups, taints and tolerations, etc. With Flux, tenant isolation is enforced by default, so you don’t have to worry about accidental tenant cross-over / cross-contamination. In this session, Priyanka “Pinky” Ravi, Developer Experience Engineer at Weaveworks, will walk you through how to set up multi-tenancy on an existing Kubernetes cluster and manage several tenants within the cluster. Take advantage of the benefits that come with infrastructure as code.

Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS

Weaveworks

Join Leo Murillo, Principal Solutions Architect at Weaveworks and Rama Ponnuswami, Sr. Container Specialist at AWS, as they walk through accelerating Multi-stage delivery on GitOps. If you already have EKS-A, you are ready to automate the release of multistage delivery. Thus, allowing you to deploy more often and reliably with less overhead. In this Webinar, we cover: - Best practices for CI/CD, GitOps and Application Pipeline Management. - Simple cluster management across Kubernetes hybrid infrastructure. - Multistage deployments using Weave GitOps for EKS and EKS-A using a single UI dashboard.

The Story of Flux Reaching Graduation in the CNCF

Weaveworks

This document summarizes the evolution of Flux from version 1 to version 2. It describes how Flux started as a tool to ensure cluster state matches Git config and has become a multi-tenant continuous delivery platform. It outlines key milestones such as graduating from CNCF sandbox to incubation and hitting over 4,000 stars. It also provides an overview of Flux version 2's architecture and growing set of capabilities around areas like GitOps, Helm, Kustomize, security, and support for artifacts from container registries.

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...

Weaveworks

In this session, we’ve partnered with Upbound to showcase how to effectively manage application delivery while maintaining a high level of security using Weave GitOps and Upbound. Managing a stateful application deployment with a relational database, Weave GitOps can recognize if there is a policy violation and correct it before deploying the application. Join us as we demonstrate the scenarios where: All changes to application configuration are managed through Git workflows Upbound’s Universal Crossplane allows you to build, deploy, and manage your cloud platforms GitOps provides an extra layer of security by removing the need for direct access to Kubernetes clusters Policy-as-Code guarantees security, resilience and coding standards compliance Watch the recording: xx

Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...

Weaveworks

In a joint webinar with Traefik Labs, we show how Traefik Hub, a SaaS-based cloud native networking platform, helps you publish your containers securely in seconds with tunnels, OIDC authentication and automated TLS certificate management. And, how you can combine that with Weave GitOps to achieve continuous application delivery using progressive delivery strategies for risk-free and reliable deployments. Security is key, so we showcase multi-tenancy for full RBAC across the different deployment stages, and trusted delivery best practices for continuous security and compliance baked in. Learn how: - To utilize canary deployments for reliable and risk-free application deployments. - GitOps lets you automate and secure the publishing of containers at the edge consistently. - Easy it is to deploy, update and manage your application workloads on Kubernetes. - To publish containers securely using tunnels, OIDC authentication and TLS certificate management.

Flux’s Security & Scalability with OCI & Helm Slides.pdf

Weaveworks

Flux Security & Scalability using VS Code GitOps Extension

Weaveworks

Recently Flux has released two new features (OCI and Cosign) for scalable and secure GitOps. Juozas Gaigalas, a Developer Experience Engineer at Weaveworks, will demonstrate how developers and platform engineers can quickly create scalable and Cosign-verified GitOps configurations using VS Code GitOps Tools extension. New and experienced Flux users can learn about Flux’s OCI and Cosign support through this demo.

Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps

Weaveworks

Deploying secure, cloud native stateful applications requires a high level of performance across hybrid and multi-cloud environments. Using the scalable, highly performant storage provided by Ondat in combination with Weave GitOps Trusted Delivery, you can shift left security and accelerate software development. Watch this on-demand webinar as we demonstrate how: - All changes to application configuration are managed through Git workflows GitOps provides an extra layer of security by removing the need for direct access to Kubernetes clusters. - Policy-as-Code guarantees security, resilience and coding standards compliance. - To dynamically provision highly available persistent volumes by simply deploying Ondat anywhere with a simple operator profile. - All data services such as replication, compression and encryption, are optimized and accelerated to scale on any platform with Ondat’s low latency data plane.

More from Weaveworks (20)

Weave AI Controllers (Weave GitOps Office Hours)

Flamingo: Expand ArgoCD with Flux (Office Hours)

Webinar: Capabilities, Confidence and Community – What Flux GA Means for You

Six Signs You Need Platform Engineering

SRE and GitOps for Building Robust Kubernetes Platforms.pdf

Webinar: End to End Security & Operations with Chainguard and Weave GitOps

Flux Beyond Git Harnessing the Power of OCI

Automated Provisioning, Management & Cost Control for Kubernetes Clusters

How to Avoid Kubernetes Multi-tenancy Catastrophes

Building internal developer platform with EKS and GitOps

GitOps Testing in Kubernetes with Flux and Testkube.pdf

Intro to GitOps with Weave GitOps, Flagger and Linkerd

Implementing Flux for Scale with Soft Multi-tenancy

Accelerating Hybrid Multistage Delivery with Weave GitOps on EKS

The Story of Flux Reaching Graduation in the CNCF

Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossp...

Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...

Flux’s Security & Scalability with OCI & Helm Slides.pdf

Flux Security & Scalability using VS Code GitOps Extension

Deploying Stateful Applications Securely & Confidently with Ondat & Weave GitOps

Recently uploaded

Skybuffer SAM4U tool for SAP license adoption

Tatiana Kojar

Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool. SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

Alpen-Adria-Universität

Introduction of Cybersecurity with OSS at Code Europe 2024

Hiroshi SHIBATA

I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems. The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS. Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application. I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Tatiana Kojar

Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI. With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

Letter and Document Automation for Bonterra Impact Management (fka Social Sol...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365. Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

Chart Kalyan

Trusted Execution Environment for Decentralized Process Mining

LucaBarbaro3

AWS Cloud Cost Optimization Presentation.pptx

HarisZaheer8

This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...

saastr

Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf

Malak Abu Hammad

Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers: * What is Vector Search? * Importance and benefits of vector search * Practical use cases across various industries * Step-by-step implementation guide * Live demos with code snippets * Enhancing LLM capabilities with vector search * Best practices and optimization strategies Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications. #MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology

Digital Marketing Trends in 2024 | Guide for Staying Ahead

Wask

https://www.wask.co/ebooks/digital-marketing-trends-in-2024 Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.

Generating privacy-protected synthetic data using Secludy and Milvus

Zilliz

During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.

Presentation of the OECD Artificial Intelligence Review of Germany

innovationoecd

Monitoring and Managing Anomaly Detection on OpenShift.pdf

Tosin Akinosho

Monitoring and Managing Anomaly Detection on OpenShift Overview Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices. Key Topics Covered 1. Introduction to Anomaly Detection - Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems. 2. Understanding Edge (IoT) - Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source. 3. What is ArgoCD? - Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices. 4. Deployment Using ArgoCD for Edge Devices - Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD. 5. Introduction to Apache Kafka and S3 - Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions. 6. Viewing Kafka Messages in the Data Lake - Learn how to view and analyze Kafka messages stored in a data lake for better insights. 7. What is Prometheus? - Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices. 8. Monitoring Application Metrics with Prometheus - Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system. 9. What is Camel K? - Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes. 10. Configuring Camel K Integrations for Data Pipelines - Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow. 11. What is a Jupyter Notebook? - Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text. 12. Jupyter Notebooks with Code Examples - Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

alexjohnson7307

Choosing The Best AWS Service For Your Website + API.pptx

Brandon Minnick, MBA

Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API? Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose? Which one is cheapest? Which one is fastest? Which one will scale to meet our needs? Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!

Nordic Marketo Engage User Group_June 13_ 2024.pptx

MichaelKnudsen27

Recommendation System using RAG Architecture

fredae14

Operating System Used by Users in day-to-day life.pptx

Pravash Chandra Das

Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes. Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions. Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻 The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️ Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution. The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟

Recently uploaded (20)

Skybuffer SAM4U tool for SAP license adoption

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

Introduction of Cybersecurity with OSS at Code Europe 2024

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Letter and Document Automation for Bonterra Impact Management (fka Social Sol...

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

Trusted Execution Environment for Decentralized Process Mining

AWS Cloud Cost Optimization Presentation.pptx

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...

Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf

Digital Marketing Trends in 2024 | Guide for Staying Ahead

Generating privacy-protected synthetic data using Secludy and Milvus

Presentation of the OECD Artificial Intelligence Review of Germany

Monitoring and Managing Anomaly Detection on OpenShift.pdf

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

Choosing The Best AWS Service For Your Website + API.pptx

Nordic Marketo Engage User Group_June 13_ 2024.pptx

Recommendation System using RAG Architecture

Operating System Used by Users in day-to-day life.pptx

Defining & Enforcing Policies the GitOps Way

2. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential $ whoami • Senior Product Developer Advocate in the AWS container service team • Previous roles: Red Hat, Mesosphere, MapR, research • Let’s connect: • Slack: AWS dev, Kubernetes, CNCF, Weaveworks • Twitter: @mhausenblas • Mail: hausenbl@amazon.com

5. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential • A general-purpose policy engine • CNCF Incubating Project https://www.openpolicyagent.org • Many integrations, from Kubernetes to WASM What is OPA?

10. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential Kubernetes example security good practice: use a dedicated service account for an app check for serviceAccountName in Deployment, if not set the default SA is used and this means we have a violation

11. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential Using OPA openpolicyagent.org/docs/latest/integration/ OPA app HTTP API Go app OPA example: mhausenblas/cidrchk example: open-policy-agent/kube-mgmt

14. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential Policy use cases along the supply chain • In the context of the IDE/editor • Part of the repo (bot) • Part of the CI pipeline • Part of the runtime (Kubernetes)

20. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential Videos • Deep Dive: Open Policy Agent • CNCF webinar: K8s with OPA Gatekeeper • cloud native dev: Open Policy Agent (OPA) Tooling • https://play.openpolicyagent.org • https://conftest.dev

21. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential • https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and- governance-for-kubernetes/ • https://aws.amazon.com/blogs/opensource/using-open-policy-agent-on- amazon-eks • https://opensource.com/article/20/3/deprek8 • https://www.infracloud.io/opa-microservices-authorization-simplified/ • https://marcyoung.us/post/gatekeeper-v3/ Articles

Defining & Enforcing Policies the GitOps Way

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Defining & Enforcing Policies the GitOps Way

Similar to Defining & Enforcing Policies the GitOps Way (20)

More from Weaveworks

More from Weaveworks (20)

Recently uploaded

Recently uploaded (20)

Defining & Enforcing Policies the GitOps Way