The overwhelming growth of technologies in the Cloud Native foundation overtook our toolbox and completely changed (well, really enhanced) the Developer Experience.
In this talk, I will try to provide my personal journey from the "Operator's to Developer's chair" and the practices which helped me along my journey as a Cloud-Native Dev ;)
You just got “done” with the transformation of your organization (or parts of it) to leverage more DevOps practices, and now the next hot thing is taking over the industry: containers, Cloud Native, SRE, GitOps, Kubernetes, etc. What’s a DevOps Manager to do? Throw away the last few years and rebrand the team as Cloud Native SREs?
Technological advancement not only provides advancement in “what” a modern technology architecture looks like, it can also provide advancement in the processes and the day to day of an organization’s technology teams. We’ve seen this before in the move from mainframe to client-server, and client-server to Cloud.
In this presentation I’ll talk about the relationship of DevOps to Cloud Native technologies, and help make sense of all the jargon - containers, microservices, orchestration (and Kubernetes), SRE, GitOps, etc. I’ll also talk about how some processes & practices in the world of DevOps change when leveraging these technologies. Attendees will leave with a base understanding of what a DevOps operating model looks like when leveraging modern Cloud Native technologies.
Scaling a Serverless Developer Platform for TeamsMikael Vesavuori
In this presentation, you’ll get a practical high-level overview of how it actually works scaling development activities to many teams using serverless and cloud-native technologies. We’ll look at the tech itself, some example architectures and common concerns to address. While we are AWS-centric here, the lessons learned and advice are transferable to other clouds as well.
First presented at AWS User Group Gothenburg, March 31 2022.
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
Tales of the mythical cloud-native platform - Container day 2022Jacopo Nardiello
In this presentation, I'm addressing all the organizational issues related to devops teams and the rise of platform engineering. The good, the bad, and the pitfalls of how to organize your team (effort, skills, and gtd).
The overwhelming growth of technologies in the Cloud Native foundation overtook our toolbox and completely changed (well, really enhanced) the Developer Experience.
In this talk, I will try to provide my personal journey from the "Operator's to Developer's chair" and the practices which helped me along my journey as a Cloud-Native Dev ;)
You just got “done” with the transformation of your organization (or parts of it) to leverage more DevOps practices, and now the next hot thing is taking over the industry: containers, Cloud Native, SRE, GitOps, Kubernetes, etc. What’s a DevOps Manager to do? Throw away the last few years and rebrand the team as Cloud Native SREs?
Technological advancement not only provides advancement in “what” a modern technology architecture looks like, it can also provide advancement in the processes and the day to day of an organization’s technology teams. We’ve seen this before in the move from mainframe to client-server, and client-server to Cloud.
In this presentation I’ll talk about the relationship of DevOps to Cloud Native technologies, and help make sense of all the jargon - containers, microservices, orchestration (and Kubernetes), SRE, GitOps, etc. I’ll also talk about how some processes & practices in the world of DevOps change when leveraging these technologies. Attendees will leave with a base understanding of what a DevOps operating model looks like when leveraging modern Cloud Native technologies.
Scaling a Serverless Developer Platform for TeamsMikael Vesavuori
In this presentation, you’ll get a practical high-level overview of how it actually works scaling development activities to many teams using serverless and cloud-native technologies. We’ll look at the tech itself, some example architectures and common concerns to address. While we are AWS-centric here, the lessons learned and advice are transferable to other clouds as well.
First presented at AWS User Group Gothenburg, March 31 2022.
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
Tales of the mythical cloud-native platform - Container day 2022Jacopo Nardiello
In this presentation, I'm addressing all the organizational issues related to devops teams and the rise of platform engineering. The good, the bad, and the pitfalls of how to organize your team (effort, skills, and gtd).
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at LASCON 2018, in Austin, TX.
Containers, Serverless, Polyglot Development World, And Others…10 trends resh...PROIDEA
During this presentation, you will learn about the 10 changes that might reshape the developer tools market in the next 10 years. Jarek will discuss containers, serverless functions, and how it all supports an agile and CI/CD experience. The move to a polyglot development world means most applications will be written in a mix of languages, with developers favoring tools that help them navigate easily between languages. Jarek will also walk us through the evolution away from stand-alone developer workstations toward cloud-and-container based development environments offered as a service.
Enhancing Software Engineering Practices at Our Startup.pptxmuktar42
when I assumed the position of Director of Software Engineering at one of my previous early-stage startups, I swiftly recognized opportunities for enhancement. Reflecting on the initial presentation I delivered to the team, I find it holds significant value for startups in similar stages. In this reflective piece, I aim to revisit the insights shared during that pivotal moment, offering valuable lessons for budding startups.
De facto DevOps, de facto Agile. Today DevOps is the Manufacturing Revolution of Our Age. There is no escape for us. When got a DevOps, you got a DevOps.
DevOps simply is the combination of cultural philosophies,practices,and tools that increase an organization’s ability to deliver applications and services at high velocity : evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.
Achieving Technical Excellence in Your Software Teams - from Devternity Peter Gfader
Our industry has a problem: We are not lacking software methodologies, programming languages, tools or frameworks but we need great software engineers.
Great software engineer teams build quality-in and deliver great software on a regular basis. The technical excellence of those engineers will help you escape the "Waterfall sandwich" and make your organization a little more agile, from the inception of an idea till they go live.
I will talk about my experiences from the last 15 years, including small software delivery teams until big financial institutions.
Why would a company like to be "agile"?
How can a company achieve that?
How can you achieve Technical Excellence in your software teams?
What developer skills are more important than languages, methods or frameworks?
This will be an interactive session with a Q&A at the end.
The Panda Experiment - evolution of DevOps culture at HolidayCheckŁukasz Przybył
I was hired for a position called "DevOps Engineer". Over the years I tried to prove that DevOps is a culture, not person in product team. Few months ago we started an experiment and detached all DevOps Engineers from their teams to form a group of floating consultants. In this talk I would like to share with you why we wanted to change, what we have changed and how it turned out.
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
Security is in crisis and it needs a new way to move forward. This talk from Nov 2018, Houston ISSA meeting discusses the tooling needed to rise to the demands of devops and devsecops.
Title: Moving the GitOps ecosystem ever forward
Check the new developments and contributions to GitOps and Agile frameworks.
Come and meet the latest tools in our push forward: Istio, Tekton, Knative and Quarkus.
A talk to introduce Singularity Registry HPC, which allows you to install Singularity, Podman, or Docker containers (and others) as modules on an HPC system (e.g., LMOD or environment modules). Presented 2021.
A session in the DevNet Zone at Cisco Live, Berlin. At the moment, this is the DoE: DevOps of Everything. DevOps is about culture first but many people take shortcuts to tools and workflow. They forgot the essence of DevOps which is about people and not only from Dev to Ops. In this session, we will show you how we are currently building a DevOps culture with a focus on continuous improvement.
What is a DevOps Feedback Loop?
What is a DevOps insanity loop?
How does Enterprise Agile and Enterprise DevOps sync fast moving projects and slow traveling feedback?
How to address the culture, quality, scale, sustainability and security in Enterprise DevOps.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at LASCON 2018, in Austin, TX.
Containers, Serverless, Polyglot Development World, And Others…10 trends resh...PROIDEA
During this presentation, you will learn about the 10 changes that might reshape the developer tools market in the next 10 years. Jarek will discuss containers, serverless functions, and how it all supports an agile and CI/CD experience. The move to a polyglot development world means most applications will be written in a mix of languages, with developers favoring tools that help them navigate easily between languages. Jarek will also walk us through the evolution away from stand-alone developer workstations toward cloud-and-container based development environments offered as a service.
Enhancing Software Engineering Practices at Our Startup.pptxmuktar42
when I assumed the position of Director of Software Engineering at one of my previous early-stage startups, I swiftly recognized opportunities for enhancement. Reflecting on the initial presentation I delivered to the team, I find it holds significant value for startups in similar stages. In this reflective piece, I aim to revisit the insights shared during that pivotal moment, offering valuable lessons for budding startups.
De facto DevOps, de facto Agile. Today DevOps is the Manufacturing Revolution of Our Age. There is no escape for us. When got a DevOps, you got a DevOps.
DevOps simply is the combination of cultural philosophies,practices,and tools that increase an organization’s ability to deliver applications and services at high velocity : evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.
Achieving Technical Excellence in Your Software Teams - from Devternity Peter Gfader
Our industry has a problem: We are not lacking software methodologies, programming languages, tools or frameworks but we need great software engineers.
Great software engineer teams build quality-in and deliver great software on a regular basis. The technical excellence of those engineers will help you escape the "Waterfall sandwich" and make your organization a little more agile, from the inception of an idea till they go live.
I will talk about my experiences from the last 15 years, including small software delivery teams until big financial institutions.
Why would a company like to be "agile"?
How can a company achieve that?
How can you achieve Technical Excellence in your software teams?
What developer skills are more important than languages, methods or frameworks?
This will be an interactive session with a Q&A at the end.
The Panda Experiment - evolution of DevOps culture at HolidayCheckŁukasz Przybył
I was hired for a position called "DevOps Engineer". Over the years I tried to prove that DevOps is a culture, not person in product team. Few months ago we started an experiment and detached all DevOps Engineers from their teams to form a group of floating consultants. In this talk I would like to share with you why we wanted to change, what we have changed and how it turned out.
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
Security is in crisis and it needs a new way to move forward. This talk from Nov 2018, Houston ISSA meeting discusses the tooling needed to rise to the demands of devops and devsecops.
Title: Moving the GitOps ecosystem ever forward
Check the new developments and contributions to GitOps and Agile frameworks.
Come and meet the latest tools in our push forward: Istio, Tekton, Knative and Quarkus.
A talk to introduce Singularity Registry HPC, which allows you to install Singularity, Podman, or Docker containers (and others) as modules on an HPC system (e.g., LMOD or environment modules). Presented 2021.
A session in the DevNet Zone at Cisco Live, Berlin. At the moment, this is the DoE: DevOps of Everything. DevOps is about culture first but many people take shortcuts to tools and workflow. They forgot the essence of DevOps which is about people and not only from Dev to Ops. In this session, we will show you how we are currently building a DevOps culture with a focus on continuous improvement.
What is a DevOps Feedback Loop?
What is a DevOps insanity loop?
How does Enterprise Agile and Enterprise DevOps sync fast moving projects and slow traveling feedback?
How to address the culture, quality, scale, sustainability and security in Enterprise DevOps.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
2. Who am I?
Krisztian Papp
Email: krisztian@letscode.hu
Twitter: @tacsiazuma
Podcast speaker / Software dev / Blogger
Screencast creator: https://app.letscode.hu
Private pilot
@Cloudera
3. Rural development
“What is a countryside?”
“How can you differentiate it from the city?”
“What is a city?”
4. What is DevOps?
- Product?
- Toolchain?
- Job title?
- Containers?
- Kubernetes?
- CI/CD?
- Goal?
7. Back to the origins
Source: https://ew.com/article/2015/07/02/back-to-the-future-anniversary-reviews/
8. PDD (punch card driven development)
Source: https://www.bcs.org/articles-opinion-and-research/what-were-punch-cards-and-how-did-they-change-business/
- Write code by hand
- Hand it over
- Receive the punched
cards
- Hand it to ops
- Receive output
9. PDD (punch card driven development)
- Development is slow
- Debugging is hard
- Logs do not exists (the OS uses all the HDD)
- The speed is restricted by the mainframe
10. Samba driven development (PHP)
- No version control
- The network share is slow
- People stepping on each other
- Debugging is hard
- Logs exists but might be inaccessible
- Developing on prod
12. Modern punch card (banks)
- No environment to run
- Handmade package
- Merge hell
- Compiled by hand
- Deployment_instructions.docx
- No fast feedback
16. How did we reach this?
Source: https://www.gisreportsonline.com/r/french-bureaucracy/
17. Adding some agile to the mix
- Small iterations
- No merge hell
- Possible to release often
- Approval chain
- Release is still a literal event
18. How can we match up
the speed?
- Product?
- Toolchain?
- Job title?
- Containers?
- Kubernetes?
- CI/CD?
19. A story of poorly implemented “devops”
- Terraform
- Kubernetes
- IaaC
- Missing and/or outdated documentation
- No self-service
- 2 weeks to get a slack response from the SRE
20. What is DevOps?
- Product?
- Toolchain?
- Job title?
- Containers?
- Kubernetes?
- CI/CD?
- Goal?
21. DevOps is ...
- A mindset
- A shared attitude
- A way to confidently develop software
- A culture to be nurtured and improved
- Collaborative
- Iterative
- Learning
- Mentoring
- …and so much more
Agrár szak
Vidékfejlesztés, heti 4 óra tömbösítve
Mi az a vidék?
Ugyanez a kérdés az év végéig, de senki se tudja igazán
hogy kapcsolódik ez a vidék dolog ide
A devops fogalmával hasonló a helyzet
Product - azure devops?
Toolchain - verziókövetés, monitoring, stb?
Devops engineer?
Konténerek, az olyan menő
K8s az még menőbb
ci/cd ez már biztos az lesz, megnyomoma gombot és kint van prodon
A devops lenne a cél?
Ha csak a szóösszetételt nézzük, akkor ez a két fél van a játékban, de igazából nem igaz
A fejlesztő fejleszteni akar, hiszen az viszi előre a céget
A tesztelő tesztelni az új dolgokat, hiszen az adja a munkáját
Az üzemeltetés pedig nyugodtan aludni
Na de menjünk kicsit vissza az időben és nézzük meg, hogy is ment ez régebben
Hogy nézett ki a devops akkoriban?
A lyukkártya pakli első kártyáján volt név, cim, telefonszám, hogy tudják kihez tartozik az adott job.
A lyukkártyákat, amikor beütötted, akkor a tetejére gépelte a szöveges formáját, ez segitette a fejlesztöt, hogy időben észrevegye, ha valami nem stimmel.
Sorszámot is tudtak gépelni rá, hogyha véletlen valaki leejti, akkor könnyen sorba tudja rendezni, hisz lehet ez nem a fejlesztője volt és még ő se tudná a sorrendet. Sőt, volt olyan gép, ami a sorszám alapján sorbarendezte, csak piszok drága volt.
A kártyák egyik sarkán volt egy kis lecsipés, ami megakadályozta, hogy forditva kerüljön be a gépbe, és aztán mindenféle huncutságot okozzon
Nincs version control, vagy ha van a samba miatt bitang lassú, ftp se a legkényelmesebb, de ami ott van, az ott van
Menjünk egy kicsit előre az időben
Megirod a kódot egy olyan helyen, aminek köze sincs az éleshez, nem is tudod elindítani sok esetben.
Kézzel gyártott archivum, van hogy speciális IDE plugin kell hozzá fix IDE verzióval
Ha többen dolgoznak, akkor hosszas feature branchek, már ha vannak branchek
Kézzel van lefordítva, ez is lehet nem is portolható máshova, vagy ha igen nincs doksi hogy kell, lassú onboarding
Deployhoz instrukciók leírva
Ops megkapja, szombat hajnalkor elpattan
Ha valamit elszúrtál fél éve, akkor a release napján kapd elő a fejedből, mert fixálni kéne
Kezdetben nem volt ellenségeskedés és bürokrácia az ops és dev team közt
A gond az, hogy az ownership a fejlesztőknél sokszor már ott megszűnik, hogy becommitolta a kódot.
Valami kijut az élesre és ott nem jó, akkor megy az ujjal mutogatás
Erre értelemszerűen az ops bevédi magát, hogy oké, csak akkor mehet ki, ha QA letesztelte a stagen
QA signoff
Dev team: jaj, hotfix, gyors hadd menjen ki, QA nem tudta még tesztelni, lécci
Bumm, eltörik élesen
OPS bedurvul
Egyre több approval kell hogy kimenjen valami
Hiába van valami készen, várni kell, hogy kijusson
Apró iterációk
Rövid életű branchek
Kevesebb merge hell, ha van egyáltalán
Sűrűn van lehetőség releaselni
Ki kell várni az approveokat, le kell szervezni a release meetinget, kiválasztani a dátumot, behivni rá a fejeseket, stb
Hogyan lehetne a két csapat sebességét egy szintre hozni?
Sokan esküsznek mindenféle eszközre, de azok nem fogják megoldani a gondokat.
Az, hogy majd felveszünk egy embert, aki hídként szolgál az ops és a dev csapat között egy téveszme
A konténerizéció, kubernetes csak egy eszköz, ami persze segít majd az út során, de nem megoldás
CI/CD, jól hangzik, de ez sem fogja megoldani a gondot, kitoljuk élesre és majd lesz valami?
Adott egy projekt, át kell migrálni egyik infráról, amit eddig mi menedzseltünk egy másikra
Minden buzzword adott, terraform, kubernetes, infra as a code
A gond csak az volt, hogy hiányos, régi doksikon át kellett ezt megtenni
Semmi self service, mindent be kell hányni nekünk a repoba, amivel nem is lenne baj
Csak semmi guidance, hogy is kellene eligazodni a dolgokon és 2 hét mire slacken válaszol az SRE… egy senior director kérdésére.
Először is ez egy mindset, amit valahogy magunkénak kell tudni
De nem csak megunknak, hanem másoknak is, ugyanis ebben mindenki benne van, nem csak a devops engineer, ahogy szokták mondani
A cél az, hogy úgy tudjunk szoftvert fejleszteni, szállitani, hogy nem ütközünk lépten nyomon akadályokba
Ahogy az előadás címe is mondja, ez egy kultúra, kultúrális változást igényel, ami baromi nehéz és sokáig tart
Ahogy mondtam, ebben együtt vagyunk benne, össze kell dolgozni a dev és ops teamnek is benne
Iterativ, mivel nem fog elsőre sikerülni, sőt másodjára sem, mivel mindig van hova fejlődni
Tanulni kell hozzá, a dev csapatnak egy kicsit az opstól, az opsnak pedig a devtől, mert van átfedés, hogy jobban megértsék egymást. Legjobb ha céges szinten megy, meetupok, brown bagek, stb.
És segíteni is kell hozzá egymásnak, csapaton belül vagy azok közt
Rengeteg mindent lehetne még hozzátenni, hogy mi az és mi nem az, vagy épp mi a rossz gyakorlat, de nem férne bele az időnkbe…
Itt van három ajánlott irodalom azoknak, akiket érdekel a téma
A devops handbook az ilyen case study gyűjtemény, különböző cégektől
A Continous delivery kicsit régebbi, de nagyon sok koncepciót szült amiket ma a devops szó mögé sorakoztatnak fel
Az SRE könyv az a google saját kis sztorijait tartalmazza, hogy mentek félre dolgok, hogy fixálták meg azokat, hogy zajlott a root cause analysis és ilyenek