The printing press of 2021 - using GitLab to publish the VSHN HandbookAarno Aukia
VSHNs public employee handbook.vshn.ch is created and published using GitLab and GitLab pipelines. In this talk, Aarno will show you the process from Asciidoc sources in the Git repo all the way to being deployed on APPUiO.ch Kubernetes.
In diesem Meetup möchten wir über Service Meshes sprechen. Was ist ein Service Mesh genau und wie funktioniert es? Wir klären euch auf!
Wir starten den Abend mit einem Beispiel-Anwendung an der wir euch zeigen wie man Retry-, Timeout-Management sowie Circuit Breaker als Code implementiert um eine widerstandsfähige und belastbare Microservice zu erhalten. Des Weiteren zeigen wir auch die Implementierung von mutual TLS mit der eine sichere Kommunikation gewährleistet ist.
Im Anschluss schauen wir uns nach einer Einleitung zu den Grundlagen von Service Meshes an wie man mit Hilfe von Istio die oben beschriebenen Funktionen abstrahieren und vom Code in die Infrastruktur verlagern kann. Abschließen geben wir einen Ausblick auf weitere Funktionen von Istio wie A/B testing und Fault Injection.
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
Whether you want to get started with Governance or improve your current process, this talk will show you how to improve your compliance by implementing policy-based CI/CD (Continuous Integration / Continuous Delivery) with GitLab CI and Open Policy Agent.
Philippe and Nico will tell you all the details about Open Policy Agent and how you can easily integrate it into your existing CI/CD pipelines. Join our session to learn how to improve compliance, from gating your dependencies to controlling your infrastructure.
Is your kubernetes negative or positive LibbySchulze
This document summarizes an on-demand webinar about Kubescape, an open-source tool for testing Kubernetes security and compliance. It discusses how Kubescape allows scanning a Kubernetes cluster or configuration files against multiple frameworks with a single click. The webinar demonstrates running an initial scan in under 3 minutes, analyzing results, and integrating Kubescape into CI/CD pipelines and clusters. It also introduces the ARMO platform for securing the full Kubernetes development lifecycle.
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
When you hear the term "MBaaS," or "Red Hat Mobile," there is usually a lot of discussion about powerful scaling, back-end integrations, hosting options, containerization, etc. However, we can't forget what that "M" stands for, and why the platforms exist in the first place, which is to develop and deliver top-notch mobile applications to your users. In this session, we'll review what makes all of this possible—client SDKs, hybrid solutions like Cordova, and Xamarin, and our own Build Farm and Unified Push server. Not stopping there, our AppForms support makes it a snap to tie in back-end systems all the way to your app. And this is all backed by various templates, guides, and new open source resources that will help you get started and join the fun.
1. The document discusses secrets management in automation workflows and how Rundeck solutions can help with key storage and integration with secrets providers.
2. It describes how Rundeck provides built-in key storage and plugins that allow integration with popular secrets managers to securely provision, access, and revoke secrets in automation jobs and workflows.
3. The presentation includes a demo of configuring secrets in Rundeck jobs using both the built-in key storage and an integration with Thycotic secrets manager.
NGINX Controller: Configuration, Management, and Troubleshooting at Scale NGINX, Inc.
Speakers:
Alan Murphy, Regional Solution Architect for APAC NGINX, Inc.
Karthik Krishnaswamy, Senior Product Marketing Manager at NGINX, Inc.
About the webinar
Deploying and managing applications at scale always presents challenges. Infrastructure has to be configured and provisioned quickly across multiple public and private clouds. There’s ever-increasing pressure to maintain reliability, performance, and availability of business applications across this disparate infrastructure. Easy workflows for infrastructure and DevOps, as well as self-service management capabilities for developers, are needed to accelerate application deployment. The result? Enterprises are able to innovate and bring apps to market faster.
That’s where NGINX Controller comes in. Controller helps users manage multiple NGINX instances at scale with centralized configuration, monitoring, alerting, and troubleshooting.
The printing press of 2021 - using GitLab to publish the VSHN HandbookAarno Aukia
VSHNs public employee handbook.vshn.ch is created and published using GitLab and GitLab pipelines. In this talk, Aarno will show you the process from Asciidoc sources in the Git repo all the way to being deployed on APPUiO.ch Kubernetes.
In diesem Meetup möchten wir über Service Meshes sprechen. Was ist ein Service Mesh genau und wie funktioniert es? Wir klären euch auf!
Wir starten den Abend mit einem Beispiel-Anwendung an der wir euch zeigen wie man Retry-, Timeout-Management sowie Circuit Breaker als Code implementiert um eine widerstandsfähige und belastbare Microservice zu erhalten. Des Weiteren zeigen wir auch die Implementierung von mutual TLS mit der eine sichere Kommunikation gewährleistet ist.
Im Anschluss schauen wir uns nach einer Einleitung zu den Grundlagen von Service Meshes an wie man mit Hilfe von Istio die oben beschriebenen Funktionen abstrahieren und vom Code in die Infrastruktur verlagern kann. Abschließen geben wir einen Ausblick auf weitere Funktionen von Istio wie A/B testing und Fault Injection.
GitLab Commit: Enhance your Compliance with Policy-Based CI/CDNico Meisenzahl
Whether you want to get started with Governance or improve your current process, this talk will show you how to improve your compliance by implementing policy-based CI/CD (Continuous Integration / Continuous Delivery) with GitLab CI and Open Policy Agent.
Philippe and Nico will tell you all the details about Open Policy Agent and how you can easily integrate it into your existing CI/CD pipelines. Join our session to learn how to improve compliance, from gating your dependencies to controlling your infrastructure.
Is your kubernetes negative or positive LibbySchulze
This document summarizes an on-demand webinar about Kubescape, an open-source tool for testing Kubernetes security and compliance. It discusses how Kubescape allows scanning a Kubernetes cluster or configuration files against multiple frameworks with a single click. The webinar demonstrates running an initial scan in under 3 minutes, analyzing results, and integrating Kubescape into CI/CD pipelines and clusters. It also introduces the ARMO platform for securing the full Kubernetes development lifecycle.
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
When you hear the term "MBaaS," or "Red Hat Mobile," there is usually a lot of discussion about powerful scaling, back-end integrations, hosting options, containerization, etc. However, we can't forget what that "M" stands for, and why the platforms exist in the first place, which is to develop and deliver top-notch mobile applications to your users. In this session, we'll review what makes all of this possible—client SDKs, hybrid solutions like Cordova, and Xamarin, and our own Build Farm and Unified Push server. Not stopping there, our AppForms support makes it a snap to tie in back-end systems all the way to your app. And this is all backed by various templates, guides, and new open source resources that will help you get started and join the fun.
1. The document discusses secrets management in automation workflows and how Rundeck solutions can help with key storage and integration with secrets providers.
2. It describes how Rundeck provides built-in key storage and plugins that allow integration with popular secrets managers to securely provision, access, and revoke secrets in automation jobs and workflows.
3. The presentation includes a demo of configuring secrets in Rundeck jobs using both the built-in key storage and an integration with Thycotic secrets manager.
NGINX Controller: Configuration, Management, and Troubleshooting at Scale NGINX, Inc.
Speakers:
Alan Murphy, Regional Solution Architect for APAC NGINX, Inc.
Karthik Krishnaswamy, Senior Product Marketing Manager at NGINX, Inc.
About the webinar
Deploying and managing applications at scale always presents challenges. Infrastructure has to be configured and provisioned quickly across multiple public and private clouds. There’s ever-increasing pressure to maintain reliability, performance, and availability of business applications across this disparate infrastructure. Easy workflows for infrastructure and DevOps, as well as self-service management capabilities for developers, are needed to accelerate application deployment. The result? Enterprises are able to innovate and bring apps to market faster.
That’s where NGINX Controller comes in. Controller helps users manage multiple NGINX instances at scale with centralized configuration, monitoring, alerting, and troubleshooting.
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...Nico Meisenzahl
Cloud native environments are a double edged sword - used right, the benefits are immense. However, it also introduces multiple entry points for example security breaches.
In this session, Nico will show how application vulnerabilities make it easy to hijack a Kubernetes cluster. He will also talk about why it's important to implement zero-trust to prevent data leaks and malicious workloads from being executed on a hijacked cluster.
In addition, you will learn how GitLab can protect you from being hijacked. Nico will talk about how to create more secure applications by using Static Application Security Testing (SAST) as well as how to secure your Kubernetes cluster with Container Host Security, Container Network Security or a Web Application Firewall.
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
Visibility into any system is a key component of creating a supportable platform. Without proper logging, support can be costly and inefficient. With the emergence of APIs, microservices, and distributed, decoupled architectures, logging becomes even more important because there are more components that make up a system than ever before. This is beneficial from the standpoint of creating reliable systems, but logging frameworks need to adapt to this architecture because the premise of logging remains the same as it always has: log clear messages that are easy to read with the goal of enhancing visibility into a system.
In this Meetup hosted by Big Compass, we will explore techniques of logging from the typical iPaas or always-on managed system like a custom application on an EC2, and we will balance that with a discussion on logging from serverless microservices such as AWS Lambda also. We’ll walk through a real system we have created and discuss how a logging framework can be created using AWS serverless services to enhance the visibility and supportability of the system.
You will learn:
• Common best practices and blind spots of logging
• Differences of logging from always-on systems versus serverless services (AWS Lambda)
• Successful use cases where logging has been implemented to improve supportability of a system
Who should attend:
• IT leaders who want to decrease support cost and have a system visibility pain point
• Developers struggling with implementing a robust, highly visible logging solution
• Anyone considering using serverless technology for an upcoming implementation
Reasons to attend:
• Create a logging framework that garners deep visibility and a great experience for users, no matter the underlying architecture
This document provides instructions for setting up an NIG project from an SVN repository in Rational Software Architect. The steps include installing prerequisite plugins, checking out the main "nig" project and its subprojects from the SVN URL, importing the subprojects into the workspace, running a Maven build on the main project, adding the EAR project to WebSphere Application Server, and starting the server to deploy the application.
Deploying Anything as a Service (XaaS) Using Operators on KubernetesAll Things Open
This document discusses deploying software-as-a-service (XaaS) applications using operators on Kubernetes. It defines operators as collections of custom resource definitions and controllers that manage the lifecycle of those resources. Operators can deploy applications and dependencies within or outside the Kubernetes cluster. The document provides examples of when to use operators for internal resources like databases, as well as managed cloud services. It also discusses where to find operators and how to deploy common ones like Elasticsearch, AWS services, and Kafka.
Microservice API Gateways with NGINX
Slides from talk given on Tuesday August 2nd, 2017 at the Denver Open Source Users Group (DOSUG).
(NGINX is pronounced "engine x".)
Microservices are a popular architectural solution. Clients of microservices may experience some difficulty keeping track of the various instances and endpoints they have to call. An API gateway can help manage large numbers of microservices and hide the infrastructure complexity from your clients. We will review a microservice architecture before and after the addition of an API gateway.
An API gateway is a reverse proxy. A reverse proxy handles incoming requests from clients and calls a service to get the data to satisfy that request. The reverse proxy returns that data to the client. Many developers write these proxies by hand in custom code, not realizing there better solutions available. We will mention a number of popular solutions, some open source and some cloud-based services. For this talk, we will focus on NGINX, a popular open source reverse proxy and API Gateway. (NGINX also sells an enterprise offering, NGINX Plus, but this talk will only cover the features available in the open-source version.)
We will show how to set up NGINX as an API Gateway. We will dive into the configuration and operation of NGINX.
This document discusses continuous integration and deployment practices. It begins by asking questions about the topics and then provides explanations and examples. The key points discussed are:
- Connecting business to operations through automation.
- The roles of development, QA, and operations in automation.
- Best practices for automation including unit testing, integration testing, and continuous integration/deployment.
- A case study that automated deployment, testing, and continuous integration using tools like Hudson, Maven, and a private cloud.
In this iteration of Cloud Meetup, Our speakers will show you how it is possible to combine the planning, development and deployment of applications with a good “layering” of security, and, therefore, they will give you some important key points which you have to bring away to have an efficient and reliable development & deployment process, without limiting your security.
DevOps and Security are the current topics on the internet, due to their huge impact on productivity and service provisioning. A lot of cases are registered, in Asia as in the rest of the world, and according to the experts, a secure way to plan and develop the application starts from the beginning of the projects / products, and cannot be applied later or on-going.
Nicolas dive deep into DevSecOps with Azure & Migration with EF6. Security has always been a topic to address in the application that we are building, let’s discover together how to enhance your current DevOps processes and how Security can add an important value to your project.
Webinar: Introduction to CloudBees Jenkins PlatformKiratech
Kiratech is an Italian company that guides companies in choosing the best DevOps methodologies such as DevOps, automation, containers, CI/CD, cloud infrastructure, and security. They are hiring for a DevOps Engineer position and their CTO, Marco Bizzantino, will be speaking at several upcoming conferences and workshops on Docker. CloudBees offers the CloudBees Jenkins Enterprise platform for managing Jenkins installations, which provides features like fault tolerance, elastic agents, security, and support.
Introducing ASP.NET vNext – The Future of .NET on the Server | FalafelCON 2014FalafelSoftware
In this session, ASP.NET MVP Jeff Fritz will introduce you to the next version of ASP.NET. He will show you how Microsoft is decoupling ASP.NET, making it easier to build modular applications. We’ll see how the world of NuGet and lightweight VMs enable you to build faster and simpler web applications. This session will change the way you look at ASP.NET, and you’ll be ready for the next generation of web development, today.
Slides from my presentation on microservices, spring cloud oss, service registry, zuul, hystrix. We also discuss various flavours of service registry for instance when zookeeper, eureka, consul. Then we took a first look on zuul and its key components, hystrix, hystrix dashboard, all accompanied with a demo hosted on github.
eigr.io – a Serverless Runtime on the BEAM (ACM SIGPLAN, ICFP 2021 Erlang Wor...MarcelLanz
Serverless runtimes are often hidden in a cloud providers offering and exposed solely by their programming API and deployment procedures. In this talk, we’ll explore an open-source Serverless runtime built for the cloud and on-premises, running on the BEAM with a polyglot programming model to build general purpose applications.
Building general purpose applications using multiple languages and having a story how to handle state was our main motivation to explore the space of a Serverless runtime to be built. We think the BEAM, OTP and Elixir/Erlang are a perfect match to build on.
With this talk, we combine herein the world of the BEAM with cloud technology like a gRPC-based protocol, Kubernetes and a polyglot programming model with languages supported like Go, JavaScript, JVM-languages, Python and many more.
https://icfp21.sigplan.org/details/erlang-2021-papers/13/Lightning-Talk-eigr-io-A-Serverless-Runtime-on-the-BEAM
Taming the DevOps unicorn with Azure and Visual Studio Team ServicesKarl Ots
Hands-on DevOps practices in the enterprises are as rare as unicorns in your local grocery store. In this session, we will get past the shiny outside and get to the actual technical details through some slides and demos.
Presentation given at TugaIT 2017 in Lisbon, Portugal.
http://tugait.pt/2017/sessions/taming-the-devops-unicorn-with-azure-and-visual-studio-team-services/
DevOps monitoring: Best Practices using OpenShift combined with Icinga & Big ...Icinga
Talk by Marco Bizzantino:
In my talk I will demonstrate how monitoring works with the DevOps approach. Within an organisation, different people with different roles need to have a complete view over the whole infrastructure. One of the greatest benefits of Icinga is its ability to integrate with various tools and modules to satisfy the company’s requests. An example is OpenShift monitoring. I will point out the most important parts of monitoring OpenShift infrastructure while maintaining it’s complexity. In my approach I will show how we combine Icinga, Prometheus, Grafana and Elasticsearch for an overall OpenShift monitoring solution. Additional examples will show the benefits of using Icinga’s Business Process modelling to add more value to the result.
This document discusses how an insurance company started using Go for various projects including a RichClient distribution system, business event monitoring, and an OCR solution. It describes some initial problems like network issues and slow performance that led them to use Go. It provides details on projects like a SOAP caller, indexing server, and client starter that were developed in Go to help distribute Java applications, monitor events, and index/distribute files. The document discusses benefits of Go like stability, easy deployment, and a nice development environment for solving their infrastructure problems compared to other options like Java.
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)Red Hat Developers
Red Hat JBoss Fuse integration services delivers cloud-based integration based on OpenShift by Red Hat to deliver continuous delivery of tested, production-ready integration solutions. Utilizing a drag and drop, code-free UI and combining that with the integration power of Apache Camel, Fuse integration services is the next generation iPaaS. In this session, we'll walk you through why iPaaS is important, the current Fuse integration services roadmap, and the innovation happening in open source community projects to make this a reality.
Thomson Reuters, TMS: Workflow in GitLabMatan Keidar
The document describes Thomson Reuters' use of GitLab for software development workflows. Some key features of GitLab used include issue tracking, merge requests, code reviews, continuous integration via Jenkins, and Slack integration. The typical life cycle of a feature involves a developer pulling an issue, creating a merge request with code changes, undergoing code review and testing, and merging into the master branch if approved. This process aims to prevent bugs and encourage knowledge sharing while keeping the team aware of the project status.
Creating a commercial PaaS offer based on Fiware Giovanni Coppa
This document discusses a cooperative project between Netzlink Informationstechnik GmbH and the FIWARE Foundation to improve Netzlink's FIWARE workflow. Currently, deploying FIWARE takes about one workday. The project aims to build a Platform as a Service (PaaS) on OpenShift to provide a "1-click" deployment of FIWARE components in minutes. It will include an easy to use marketplace, deployment of General Enablers as Docker containers, and a "pizza team" approach using agile methodology. The outlook describes plans to create a Netzlink Github and professional PaaS offerings by June 2018 to help migration, new applications, and DevOps skills transformation.
About the webinar
The use of an API gateway and the move to microservices are two of the most important trends in application development. But are they similar, or different; complementary, or contradictory? In this webinar, we discuss the advantages of an API gateway, the advantages of microservices development, and how and when they can work together.
The NGINX Microservices Reference Architecture (MRA) uses three different network architectures, with service mesh as a fourth. We describe how an API gateway relates to each of these network architectures and how to reduce rework if your application needs to evolve from one architecture to another.
Speakers:
Charles Pretzer, Technical Architect, NGINX, Inc.
Floyd Smith, Director of Content Marketing, NGINX, Inc.
In this iteration of iOS Meetup, The experts from Seven Peaks Software will walk you through on the Swift programming language, Giving you the latest tips and tricks for you to be success on the iOS development
Rupendra opened up the meetup with Concurrency in Swift. Concurrency allows programs to deal with multiple tasks at once. But writing a concurrent program is not as easy as it seems. Dealing with threads and locks can be quite cumbersome, making concurrent programs difficult to write. His Topic will focus on making it straightforward and understandable so that anyone who is an intermediate to advanced Swift developer can apply these concepts to their projects.
OSMC 2017 | Current State of Icinga by Erk BerndNETWAYS
- The document provides an introduction and overview of the current state of Icinga, including information about its community and products.
- Key updates and features discussed include Icinga Web 2.5, plugins for Icinga 2.8, automation through APIs and configuration management tools, and integrations for logging to Elasticsearch and shipping metrics to Graphite.
- The roadmap discusses plans for an Icinga DB and reporting in 2018, as well as packaging Icinga components together in an Icinga Stack for easy installation and support.
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
This document discusses security in DevOps (DevSecOps). It describes how DevSecOps automates security measures like code scanning, dependency management and container scanning into the development pipeline. It also discusses how DevSecOps standardizes infrastructure components, implements security controls once across environments for efficiency, and prevents configuration drift and manual errors through immutable infrastructure and deployment automation. Finally, it explains how DevSecOps improves IT governance through these methods.
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
The document discusses DevSecOps, which aims to automate security practices like testing and monitoring into the development lifecycle. It advocates integrating security practices like static code analysis, dependency management, and container scanning into the build process. For testing, it recommends smoke tests and restricting access to test environments. In deployment, it suggests automating atomic container deployments to remove the need for developer access to production. For operations, it outlines security practices like isolating containers, documenting infrastructure, and preventing configuration drift between environments. The goal is to implement security controls through automation and standardization rather than manual reviews.
GitLab Commit DevOps: How GitLab Can Save your Kubernetes environment from Be...Nico Meisenzahl
Cloud native environments are a double edged sword - used right, the benefits are immense. However, it also introduces multiple entry points for example security breaches.
In this session, Nico will show how application vulnerabilities make it easy to hijack a Kubernetes cluster. He will also talk about why it's important to implement zero-trust to prevent data leaks and malicious workloads from being executed on a hijacked cluster.
In addition, you will learn how GitLab can protect you from being hijacked. Nico will talk about how to create more secure applications by using Static Application Security Testing (SAST) as well as how to secure your Kubernetes cluster with Container Host Security, Container Network Security or a Web Application Firewall.
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
Visibility into any system is a key component of creating a supportable platform. Without proper logging, support can be costly and inefficient. With the emergence of APIs, microservices, and distributed, decoupled architectures, logging becomes even more important because there are more components that make up a system than ever before. This is beneficial from the standpoint of creating reliable systems, but logging frameworks need to adapt to this architecture because the premise of logging remains the same as it always has: log clear messages that are easy to read with the goal of enhancing visibility into a system.
In this Meetup hosted by Big Compass, we will explore techniques of logging from the typical iPaas or always-on managed system like a custom application on an EC2, and we will balance that with a discussion on logging from serverless microservices such as AWS Lambda also. We’ll walk through a real system we have created and discuss how a logging framework can be created using AWS serverless services to enhance the visibility and supportability of the system.
You will learn:
• Common best practices and blind spots of logging
• Differences of logging from always-on systems versus serverless services (AWS Lambda)
• Successful use cases where logging has been implemented to improve supportability of a system
Who should attend:
• IT leaders who want to decrease support cost and have a system visibility pain point
• Developers struggling with implementing a robust, highly visible logging solution
• Anyone considering using serverless technology for an upcoming implementation
Reasons to attend:
• Create a logging framework that garners deep visibility and a great experience for users, no matter the underlying architecture
This document provides instructions for setting up an NIG project from an SVN repository in Rational Software Architect. The steps include installing prerequisite plugins, checking out the main "nig" project and its subprojects from the SVN URL, importing the subprojects into the workspace, running a Maven build on the main project, adding the EAR project to WebSphere Application Server, and starting the server to deploy the application.
Deploying Anything as a Service (XaaS) Using Operators on KubernetesAll Things Open
This document discusses deploying software-as-a-service (XaaS) applications using operators on Kubernetes. It defines operators as collections of custom resource definitions and controllers that manage the lifecycle of those resources. Operators can deploy applications and dependencies within or outside the Kubernetes cluster. The document provides examples of when to use operators for internal resources like databases, as well as managed cloud services. It also discusses where to find operators and how to deploy common ones like Elasticsearch, AWS services, and Kafka.
Microservice API Gateways with NGINX
Slides from talk given on Tuesday August 2nd, 2017 at the Denver Open Source Users Group (DOSUG).
(NGINX is pronounced "engine x".)
Microservices are a popular architectural solution. Clients of microservices may experience some difficulty keeping track of the various instances and endpoints they have to call. An API gateway can help manage large numbers of microservices and hide the infrastructure complexity from your clients. We will review a microservice architecture before and after the addition of an API gateway.
An API gateway is a reverse proxy. A reverse proxy handles incoming requests from clients and calls a service to get the data to satisfy that request. The reverse proxy returns that data to the client. Many developers write these proxies by hand in custom code, not realizing there better solutions available. We will mention a number of popular solutions, some open source and some cloud-based services. For this talk, we will focus on NGINX, a popular open source reverse proxy and API Gateway. (NGINX also sells an enterprise offering, NGINX Plus, but this talk will only cover the features available in the open-source version.)
We will show how to set up NGINX as an API Gateway. We will dive into the configuration and operation of NGINX.
This document discusses continuous integration and deployment practices. It begins by asking questions about the topics and then provides explanations and examples. The key points discussed are:
- Connecting business to operations through automation.
- The roles of development, QA, and operations in automation.
- Best practices for automation including unit testing, integration testing, and continuous integration/deployment.
- A case study that automated deployment, testing, and continuous integration using tools like Hudson, Maven, and a private cloud.
In this iteration of Cloud Meetup, Our speakers will show you how it is possible to combine the planning, development and deployment of applications with a good “layering” of security, and, therefore, they will give you some important key points which you have to bring away to have an efficient and reliable development & deployment process, without limiting your security.
DevOps and Security are the current topics on the internet, due to their huge impact on productivity and service provisioning. A lot of cases are registered, in Asia as in the rest of the world, and according to the experts, a secure way to plan and develop the application starts from the beginning of the projects / products, and cannot be applied later or on-going.
Nicolas dive deep into DevSecOps with Azure & Migration with EF6. Security has always been a topic to address in the application that we are building, let’s discover together how to enhance your current DevOps processes and how Security can add an important value to your project.
Webinar: Introduction to CloudBees Jenkins PlatformKiratech
Kiratech is an Italian company that guides companies in choosing the best DevOps methodologies such as DevOps, automation, containers, CI/CD, cloud infrastructure, and security. They are hiring for a DevOps Engineer position and their CTO, Marco Bizzantino, will be speaking at several upcoming conferences and workshops on Docker. CloudBees offers the CloudBees Jenkins Enterprise platform for managing Jenkins installations, which provides features like fault tolerance, elastic agents, security, and support.
Introducing ASP.NET vNext – The Future of .NET on the Server | FalafelCON 2014FalafelSoftware
In this session, ASP.NET MVP Jeff Fritz will introduce you to the next version of ASP.NET. He will show you how Microsoft is decoupling ASP.NET, making it easier to build modular applications. We’ll see how the world of NuGet and lightweight VMs enable you to build faster and simpler web applications. This session will change the way you look at ASP.NET, and you’ll be ready for the next generation of web development, today.
Slides from my presentation on microservices, spring cloud oss, service registry, zuul, hystrix. We also discuss various flavours of service registry for instance when zookeeper, eureka, consul. Then we took a first look on zuul and its key components, hystrix, hystrix dashboard, all accompanied with a demo hosted on github.
eigr.io – a Serverless Runtime on the BEAM (ACM SIGPLAN, ICFP 2021 Erlang Wor...MarcelLanz
Serverless runtimes are often hidden in a cloud providers offering and exposed solely by their programming API and deployment procedures. In this talk, we’ll explore an open-source Serverless runtime built for the cloud and on-premises, running on the BEAM with a polyglot programming model to build general purpose applications.
Building general purpose applications using multiple languages and having a story how to handle state was our main motivation to explore the space of a Serverless runtime to be built. We think the BEAM, OTP and Elixir/Erlang are a perfect match to build on.
With this talk, we combine herein the world of the BEAM with cloud technology like a gRPC-based protocol, Kubernetes and a polyglot programming model with languages supported like Go, JavaScript, JVM-languages, Python and many more.
https://icfp21.sigplan.org/details/erlang-2021-papers/13/Lightning-Talk-eigr-io-A-Serverless-Runtime-on-the-BEAM
Taming the DevOps unicorn with Azure and Visual Studio Team ServicesKarl Ots
Hands-on DevOps practices in the enterprises are as rare as unicorns in your local grocery store. In this session, we will get past the shiny outside and get to the actual technical details through some slides and demos.
Presentation given at TugaIT 2017 in Lisbon, Portugal.
http://tugait.pt/2017/sessions/taming-the-devops-unicorn-with-azure-and-visual-studio-team-services/
DevOps monitoring: Best Practices using OpenShift combined with Icinga & Big ...Icinga
Talk by Marco Bizzantino:
In my talk I will demonstrate how monitoring works with the DevOps approach. Within an organisation, different people with different roles need to have a complete view over the whole infrastructure. One of the greatest benefits of Icinga is its ability to integrate with various tools and modules to satisfy the company’s requests. An example is OpenShift monitoring. I will point out the most important parts of monitoring OpenShift infrastructure while maintaining it’s complexity. In my approach I will show how we combine Icinga, Prometheus, Grafana and Elasticsearch for an overall OpenShift monitoring solution. Additional examples will show the benefits of using Icinga’s Business Process modelling to add more value to the result.
This document discusses how an insurance company started using Go for various projects including a RichClient distribution system, business event monitoring, and an OCR solution. It describes some initial problems like network issues and slow performance that led them to use Go. It provides details on projects like a SOAP caller, indexing server, and client starter that were developed in Go to help distribute Java applications, monitor events, and index/distribute files. The document discusses benefits of Go like stability, easy deployment, and a nice development environment for solving their infrastructure problems compared to other options like Java.
IPaaS 2.0: Fuse Integration Services (Robert Davies & Keith Babo)Red Hat Developers
Red Hat JBoss Fuse integration services delivers cloud-based integration based on OpenShift by Red Hat to deliver continuous delivery of tested, production-ready integration solutions. Utilizing a drag and drop, code-free UI and combining that with the integration power of Apache Camel, Fuse integration services is the next generation iPaaS. In this session, we'll walk you through why iPaaS is important, the current Fuse integration services roadmap, and the innovation happening in open source community projects to make this a reality.
Thomson Reuters, TMS: Workflow in GitLabMatan Keidar
The document describes Thomson Reuters' use of GitLab for software development workflows. Some key features of GitLab used include issue tracking, merge requests, code reviews, continuous integration via Jenkins, and Slack integration. The typical life cycle of a feature involves a developer pulling an issue, creating a merge request with code changes, undergoing code review and testing, and merging into the master branch if approved. This process aims to prevent bugs and encourage knowledge sharing while keeping the team aware of the project status.
Creating a commercial PaaS offer based on Fiware Giovanni Coppa
This document discusses a cooperative project between Netzlink Informationstechnik GmbH and the FIWARE Foundation to improve Netzlink's FIWARE workflow. Currently, deploying FIWARE takes about one workday. The project aims to build a Platform as a Service (PaaS) on OpenShift to provide a "1-click" deployment of FIWARE components in minutes. It will include an easy to use marketplace, deployment of General Enablers as Docker containers, and a "pizza team" approach using agile methodology. The outlook describes plans to create a Netzlink Github and professional PaaS offerings by June 2018 to help migration, new applications, and DevOps skills transformation.
About the webinar
The use of an API gateway and the move to microservices are two of the most important trends in application development. But are they similar, or different; complementary, or contradictory? In this webinar, we discuss the advantages of an API gateway, the advantages of microservices development, and how and when they can work together.
The NGINX Microservices Reference Architecture (MRA) uses three different network architectures, with service mesh as a fourth. We describe how an API gateway relates to each of these network architectures and how to reduce rework if your application needs to evolve from one architecture to another.
Speakers:
Charles Pretzer, Technical Architect, NGINX, Inc.
Floyd Smith, Director of Content Marketing, NGINX, Inc.
In this iteration of iOS Meetup, The experts from Seven Peaks Software will walk you through on the Swift programming language, Giving you the latest tips and tricks for you to be success on the iOS development
Rupendra opened up the meetup with Concurrency in Swift. Concurrency allows programs to deal with multiple tasks at once. But writing a concurrent program is not as easy as it seems. Dealing with threads and locks can be quite cumbersome, making concurrent programs difficult to write. His Topic will focus on making it straightforward and understandable so that anyone who is an intermediate to advanced Swift developer can apply these concepts to their projects.
OSMC 2017 | Current State of Icinga by Erk BerndNETWAYS
- The document provides an introduction and overview of the current state of Icinga, including information about its community and products.
- Key updates and features discussed include Icinga Web 2.5, plugins for Icinga 2.8, automation through APIs and configuration management tools, and integrations for logging to Elasticsearch and shipping metrics to Graphite.
- The roadmap discusses plans for an Icinga DB and reporting in 2018, as well as packaging Icinga components together in an Icinga Stack for easy installation and support.
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
This document discusses security in DevOps (DevSecOps). It describes how DevSecOps automates security measures like code scanning, dependency management and container scanning into the development pipeline. It also discusses how DevSecOps standardizes infrastructure components, implements security controls once across environments for efficiency, and prevents configuration drift and manual errors through immutable infrastructure and deployment automation. Finally, it explains how DevSecOps improves IT governance through these methods.
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
The document discusses DevSecOps, which aims to automate security practices like testing and monitoring into the development lifecycle. It advocates integrating security practices like static code analysis, dependency management, and container scanning into the build process. For testing, it recommends smoke tests and restricting access to test environments. In deployment, it suggests automating atomic container deployments to remove the need for developer access to production. For operations, it outlines security practices like isolating containers, documenting infrastructure, and preventing configuration drift between environments. The goal is to implement security controls through automation and standardization rather than manual reviews.
DevSecOps: Bringing security to the DevOps pipelineAarno Aukia
How to continuously improve security in software development and software operations by proactive collaboration, robust processes and readily available tooling to make sure the "paved path" (the path of least resistance) for developers is the correct/secure/supported path.
Talk held at the Security Chat on Mar 25th 2019 in Zürich, Switzerland
Continuous security improvements in the DevOps processAarno Aukia
This document discusses continuous security improvement in the DevOps process. It describes how a DevOps company called VSHN integrates security practices like application security, DevSecOps, and security operations into the software development lifecycle. These include implementing security best practices and tools for activities like code analysis, dependency management, container scanning, testing, deployment, operations, identity and access management, logging, and metrics collection. The goal is to automate security across build, test, deploy, and operations phases to deliver secure software through a DevSecOps approach.
Application Portability using Cloud Native Technology: Docker, KubernetesAarno Aukia
This document discusses application portability using cloud native computing and containers. It provides an overview of moving from virtual machines and configuration management to using containers and Kubernetes for container orchestration. It discusses how Kubernetes abstracts away differences in infrastructure, enables portability across clouds, and supports automation through its open standard.
Next gen software operations models in the cloudAarno Aukia
This document summarizes a presentation by Aarno Aukia, CTO of VSHN - The DevOps Company. The presentation discusses next generation operations models including DevOps, containers, cloud native computing, and cloud migration. It explains how these new models enable higher levels of automation, standardization, elasticity and agility compared to traditional IT organizations.
IT Governance and Security Architecture in Docker, Kubernetes, OpenShiftAarno Aukia
This document summarizes a presentation about IT governance and security architectures using Docker, Kubernetes, and OpenShift. It introduces Aarno Aukia and VSHN, discusses how IT governance has evolved from manual operations to standardized platforms, and outlines how container platforms provide security, financial, and technical controls through abstraction, automation, and standardization.
A guide to modern software development 2018Peter Bittner
The document discusses modern software development practices and DevOps. It outlines pain points such as unclear responsibilities between development and operations teams. It proposes building blocks for improvement, including automated testing, continuous integration/delivery (CI/CD) pipelines, a DevOps culture without silos, cloud-native applications, and avoiding vendor lock-in. It provides guidance on implementing these practices through repository structure, treating development machines and production environments similarly, and separating application and deployment concerns in CI/CD pipelines.
GitOps, Driving NGN Operations Teams 211127 #kcdgt 2021William Caban
The adoption of cloud-native principles brings new challenges. Scaling and evolving operations teams and staying up to date requires the adoption of new operational models and paradigms.
This deck presents how modern paradigms map to GitOps principles and the charactersitics that must be supported by any software used for GitOps.
Wie macht man aus Software einen Online-Service in der CloudAarno Aukia
This document discusses how to transform software into an online cloud service and the benefits of a cloud-native approach. It explains that with a cloud-native approach using containers and Kubernetes, software can be packaged once and then deployed globally on standardized infrastructure as code. This reduces costs and improves agility while increasing security through automation and standardized components that are pre-audited.
This document discusses OpenShift v3 and how it can help organizations accelerate development at DevOps speed. It provides an overview of Kubernetes and OpenShift's technical architecture, how OpenShift enables continuous delivery and faster cycle times from idea to production. It also summarizes benefits for developers, integrations, administration capabilities, and the OpenShift product roadmap.
This document discusses DevSecOps principles for banks and financial institutions. It introduces DevSecOps as an evolution from DevOps that incorporates security practices like risk assessments, security testing, and compliance monitoring directly into the development lifecycle. The presentation outlines key DevSecOps principles like establishing security requirements upfront, implementing controls like access management and logging, and conducting continuous security testing. It provides an example of a Swiss bank that uses Kubernetes, Docker, and security tools from VSHN to operationalize DevSecOps and improve governance.
This document discusses continuous delivery practices using Visual Studio Team Services (VSTS), Git Flow branching model, Octopus Deploy, and Azure Resource Manager (ARM) for enterprise environments. It defines continuous delivery and release management, and describes how to implement a Git Flow branching model and delivery pipeline in VSTS. It also provides an overview of using Octopus Deploy for release management and deployment, ARM for infrastructure provisioning, and Role-Based Access Control (RBAC) for user permissions. Key recommendations include using VSTS for continuous integration, Octopus Deploy for releases, ARM templates for environments, and RBAC for administration.
Continuous Delivery: Fly the Friendly CI in Pivotal Cloud Foundry with ConcourseVMware Tanzu
This document provides an overview of continuous integration (CI) and continuous delivery (CD) using Concourse. It introduces Concourse and discusses why containers and pipelines are useful for CI/CD. It then demonstrates how to use Concourse in practice with examples and explains how to get started using Concourse for CI/CD workflows. The key aspects covered are Concourse's simple and scalable pipeline model using resources, tasks, and jobs, how containerization provides dependable and isolated executions, and how pipelines allow flexible yet efficient software testing and deployment.
This document provides an overview of Container as a Service (CaaS) with Docker. It discusses key concepts like Docker containers, images, and orchestration tools. It also covers DevOps practices like continuous delivery that are enabled by Docker. Specific topics covered include Docker networking, volumes, and orchestration with Docker Swarm and compose files. Examples are provided of building and deploying Java applications with Docker, including Spring Boot apps, Java EE apps, and using Docker for builds. Security features of Docker like content trust and scanning are summarized. The document concludes by discussing Docker use cases across different industries and how Docker enables critical transformations around cloud, DevOps, and application modernization.
This presentation is from the 2016 Enterprise Roadshow series in North America and Europe. This presentation explains the Docker enterprise solution including Containers as a Service workflows powered by Docker Datacenter and the integration with HPE to deliver a container platform on hybrid cloud infrastructure.
Learn more: www.docker.com/enterprise
CNCF general introduction to beginners at openstack meetup Pune & Bangalore February 2018. Covers broadly the activities and structure of the Cloud Native Computing Foundation.
This document discusses DevOps platforms on OpenShift. It introduces concepts like Docker, Kubernetes and OpenShift. It describes how OpenShift adds features to Kubernetes like an enterprise UI, security layers, standardized installation and more. It outlines why a Platform as a Service (PaaS) like OpenShift provides benefits such as increased speed, organizational consensus, scale, security and reduced costs. It then discusses the key features of a DevOps platform on OpenShift including a unique platform for all teams, a continuous delivery approach, unified monitoring and more. Examples are provided of how such a platform can be used for development and operations teams.
The document discusses best practices for implementing DevSecOps for microservices architectures. It begins by defining microservices and explaining their advantages over monolithic architectures. It then covers challenges of microservices including communication between services, databases, testing, and deployment. The document recommends using a choreography pattern for asynchronous communication between loosely coupled services. It provides examples of event-driven architectures and deploying to Kubernetes. It also discusses technologies like Jenkins, Docker, Kubernetes, SonarQube, and Trivy that can help support continuous integration, deployment, and security in DevSecOps pipelines.
Applikationsmodernisierung: Der Weg von Legacy in die CloudAarno Aukia
Stell Dir vor: Du willst einen 6000er besteigen. Eine gute Vorbereitung, gutes Material und professionelles Wissen sind dabei unabdingbar.
Du schnappst Dir einen Berg-Guide, der Dich bei schwierigen Passagen unterstützt und Dir das passende Know-How weitergibt. Das schwere Material kannst Du auf ein Team aufteilen, das genau weiss, welche Pakete Du am sinnvollsten schnürst. Sie zeigen Dir zudem, welchen unnötigen Ballast Du abwerfen kannst.
Am Ende stehst Du am Ziel – Dich erwartet ein grossartiges Resultat und die Zufriedenheit des Vollbrachten.
Genau so fühlt sich die Reise Deiner Legacy Applikation an.
Im Webinar zeigen Dir die drei Partnerfirmen Object Engineering, Puzzle und VSHN, wie Du Deine Applikationen fit hältst. Dabei geben sie Dir einen Einblick, wie Experten die Applikationen analysieren, aufpeppen und den Betrieb sicherstellen können.
Security in the DevOps pipeline of containerized core application: Case Study...Aarno Aukia
Keynote at the Swiss CISO Summit September 2, 2020, in Zürich Switzerland
Christian Reinhard, Leader Application Management, Finnova AG Bankware
Aarno Aukia, CTO & Partner, VSHN - The DevOps Company
Finnova offers innovative software solutions for the banking sector as a software product and also in the form of a software-as-a-service model. There are strong needs and incentives to assume responsibility for confidentiality, integrity, and availability.
Christian and Aarno will present the current state of the Dev(Sec)Ops pipelines of their own products, the application management processes and automation for first- and third-party software and finally the con- tainer platforms and tools used for operational secu- rity engineering. The speakers will provide insights of challenges and experiences.
Von der Straße in die Cloud: Optimierung von Logistikprozessen mit Docker, Ku...Aarno Aukia
Talk held at the Cloudcomputing Conference Sep 19th 2019 in Hamburg, Germany
Andreas Häberle, Director IT & Dev, flexis AG
Aarno Aukia, CTO & Partner, VSHN AG - The DevOps Company
This document summarizes several talks that were presented at KubeCon and CloudNativeCon 2019 related to Kubernetes storage. It outlines talks on Kubernetes storage fundamentals, benchmarking different storage solutions, improving availability of stateful applications, and developing custom kubectl plugins. The document encourages following VSHN on Twitter and visiting them for coffee.
My broken container is gone - how to debug containers on container platformsAarno Aukia
The document discusses container and Kubernetes technologies. It provides an example Kubernetes deployment file and covers topics like containerization with Docker, Kubernetes distributions, designing applications for robustness, running applications in containers, debugging containerized applications, and common errors. The document concludes with an invitation to visit VSHN.ch for coffee.
Automated Server Administration for DevSecOpsAarno Aukia
VSHN manages servers for customers using automated tools. Aarno from VSHN discussed their implementation which includes a web interface for customers, infrastructure as code using YAML, and automated monitoring and updates. Some lessons learned included using tools to separate customers while sharing code, monitoring and backups by default, and good processes for frequent updates.
The webinar discusses how DevOps principles and container technology can help address the dilemma between development and IT operations teams. It introduces containerization and how moving applications to the cloud using containers on a platform like APPUiO can improve collaboration, automation, agility and costs. An example is provided of a 20 year old legacy application that was modernized and moved to OpenShift using APPUiO, delivering significant improvements to development and operations.
Migration von Applikationen in die CloudAarno Aukia
Webinar zu Docker Container-Technologie und DevOps-Prinzipien: https://vshn.ch/kostenloses-webinar-migration-von-applikationen-in-die-cloud-mit-docker-container-technologie-und-devops-prinzipien/
Scalable Web Applications with 100% open sourceAarno Aukia
The document summarizes a presentation about running scalable web applications using Docker, Kubernetes, and OpenShift. It introduces the speaker, Aarno Aukia from VSHN, and discusses how web applications were previously run using virtual servers and configuration management tools. It outlines shortcomings of this approach and desires for a better solution. The document then explains what Docker, Kubernetes, and OpenShift are and how they address the previous issues by enabling containerization, orchestration, and application deployment in a self-service manner. It provides examples of using these tools and promotes VSHN's managed platform called APPUiO.
Bringing Security to DevOps
Bringing AppSec to Development is like bringing Operations Engineering to Development: improving Software Engineering by aligning goals, speed of development and incremental improvement.
First cloud native computing meetup Zürich
What is cloud native computing ?
Who is the Cloud native computing foundation cncf.io ?
What are the projects under the CNCF ?
This document summarizes a presentation on DevOps in e-commerce given by Aarno Aukia of VSHN AG. It introduces Aarno and VSHN, defines DevOps as collaboration between development and operations, and lists benefits like infrastructure as code, continuous integration/testing, and automation. The presentation demonstrates how DevOps allows product owners to validate ideas faster through automated software delivery and deployment to testing environments. It promotes VSHN's APPUiO platform for managed Docker and Kubernetes hosting.
Scalable Python with Docker, Kubernetes, OpenShiftAarno Aukia
This document summarizes a presentation about scaling Python applications using Docker, Kubernetes, and OpenShift. It discusses how the speaker previously ran Python applications on virtual servers, the shortcomings of that approach, and how containerization tools address those issues. It provides an overview of Docker for building application images, Kubernetes for orchestrating containers, and OpenShift for deploying applications to production. The speaker advocates these tools to gain benefits like continuous deployment, easy scaling, and portability across infrastructures.
The document summarizes a presentation about containers in Azure. It introduces Docker and Kubernetes as tools for running open source applications on Azure. It notes shortcomings of traditional virtual servers, such as difficulty scaling and versioning applications. Docker is presented as a way to package code and dependencies, while Kubernetes provides container orchestration for tasks like scheduling and updating containers. The presentation demonstrates using OpenShift on APPUiO, a managed container platform, as an alternative to running containers directly on Azure.
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...kalichargn70th171
In today's fiercely competitive mobile app market, the role of the QA team is pivotal for continuous improvement and sustained success. Effective testing strategies are essential to navigate the challenges confidently and precisely. Ensuring the perfection of mobile apps before they reach end-users requires thoughtful decisions in the testing plan.
Consistent toolbox talks are critical for maintaining workplace safety, as they provide regular opportunities to address specific hazards and reinforce safe practices.
These brief, focused sessions ensure that safety is a continual conversation rather than a one-time event, which helps keep safety protocols fresh in employees' minds. Studies have shown that shorter, more frequent training sessions are more effective for retention and behavior change compared to longer, infrequent sessions.
Engaging workers regularly, toolbox talks promote a culture of safety, empower employees to voice concerns, and ultimately reduce the likelihood of accidents and injuries on site.
The traditional method of conducting safety talks with paper documents and lengthy meetings is not only time-consuming but also less effective. Manual tracking of attendance and compliance is prone to errors and inconsistencies, leading to gaps in safety communication and potential non-compliance with OSHA regulations. Switching to a digital solution like Safelyio offers significant advantages.
Safelyio automates the delivery and documentation of safety talks, ensuring consistency and accessibility. The microlearning approach breaks down complex safety protocols into manageable, bite-sized pieces, making it easier for employees to absorb and retain information.
This method minimizes disruptions to work schedules, eliminates the hassle of paperwork, and ensures that all safety communications are tracked and recorded accurately. Ultimately, using a digital platform like Safelyio enhances engagement, compliance, and overall safety performance on site. https://safelyio.com/
A neural network is a machine learning program, or model, that makes decisions in a manner similar to the human brain, by using processes that mimic the way biological neurons work together to identify phenomena, weigh options and arrive at conclusions.
Most important New features of Oracle 23c for DBAs and Developers. You can get more idea from my youtube channel video from https://youtu.be/XvL5WtaC20A
Enhanced Screen Flows UI/UX using SLDS with Tom KittPeter Caitens
Join us for an engaging session led by Flow Champion, Tom Kitt. This session will dive into a technique of enhancing the user interfaces and user experiences within Screen Flows using the Salesforce Lightning Design System (SLDS). This technique uses Native functionality, with No Apex Code, No Custom Components and No Managed Packages required.
DECODING JAVA THREAD DUMPS: MASTER THE ART OF ANALYSISTier1 app
Are you ready to unlock the secrets hidden within Java thread dumps? Join us for a hands-on session where we'll delve into effective troubleshooting patterns to swiftly identify the root causes of production problems. Discover the right tools, techniques, and best practices while exploring *real-world case studies of major outages* in Fortune 500 enterprises. Engage in interactive lab exercises where you'll have the opportunity to troubleshoot thread dumps and uncover performance issues firsthand. Join us and become a master of Java thread dump analysis!
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...kalichargn70th171
In today's business landscape, digital integration is ubiquitous, demanding swift innovation as a necessity rather than a luxury. In a fiercely competitive market with heightened customer expectations, the timely launch of flawless digital products is crucial for both acquisition and retention—any delay risks ceding market share to competitors.
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLESanfaltahir1010
Image: Include an image that represents the concept of precision, such as a AI helix or a futuristic healthcare
setting.
Objective: Provide a foundational understanding of precision medicine and its departure from traditional
approaches
Role of theory: Discuss how genomics, the study of an organism's complete set of AI ,
plays a crucial role in precision medicine.
Customizing treatment plans: Highlight how genetic information is used to customize
treatment plans based on an individual's genetic makeup.
Examples: Provide real-world examples of successful application of AI such as genetic
therapies or targeted treatments.
Importance of molecular diagnostics: Explain the role of molecular diagnostics in identifying
molecular and genetic markers associated with diseases.
Biomarker testing: Showcase how biomarker testing aids in creating personalized treatment plans.
Content:
• Ethical issues: Examine ethical concerns related to precision medicine, such as privacy, consent, and
potential misuse of genetic information.
• Regulations and guidelines: Present examples of ethical guidelines and regulations in place to safeguard
patient rights.
• Visuals: Include images or icons representing ethical considerations.
Content:
• Ethical issues: Examine ethical concerns related to precision medicine, such as privacy, consent, and
potential misuse of genetic information.
• Regulations and guidelines: Present examples of ethical guidelines and regulations in place to safeguard
patient rights.
• Visuals: Include images or icons representing ethical considerations.
Content:
• Ethical issues: Examine ethical concerns related to precision medicine, such as privacy, consent, and
potential misuse of genetic information.
• Regulations and guidelines: Present examples of ethical guidelines and regulations in place to safeguard
patient rights.
• Visuals: Include images or icons representing ethical considerations.
Real-world case study: Present a detailed case study showcasing the success of precision
medicine in a specific medical scenario.
Patient's journey: Discuss the patient's journey, treatment plan, and outcomes.
Impact: Emphasize the transformative effect of precision medicine on the individual's
health.
Objective: Ground the presentation in a real-world example, highlighting the practical
application and success of precision medicine.
Data challenges: Address the challenges associated with managing large sets of patient data in precision
medicine.
Technological solutions: Discuss technological innovations and solutions for handling and analyzing vast
datasets.
Visuals: Include graphics representing data management challenges and technological solutions.
Objective: Acknowledge the data-related challenges in precision medicine and highlight innovative solutions.
Data challenges: Address the challenges associated with managing large sets of patient data in precision
medicine.
Technological solutions: Discuss technological innovations and solutions
Measures in SQL (SIGMOD 2024, Santiago, Chile)Julian Hyde
SQL has attained widespread adoption, but Business Intelligence tools still use their own higher level languages based upon a multidimensional paradigm. Composable calculations are what is missing from SQL, and we propose a new kind of column, called a measure, that attaches a calculation to a table. Like regular tables, tables with measures are composable and closed when used in queries.
SQL-with-measures has the power, conciseness and reusability of multidimensional languages but retains SQL semantics. Measure invocations can be expanded in place to simple, clear SQL.
To define the evaluation semantics for measures, we introduce context-sensitive expressions (a way to evaluate multidimensional expressions that is consistent with existing SQL semantics), a concept called evaluation context, and several operations for setting and modifying the evaluation context.
A talk at SIGMOD, June 9–15, 2024, Santiago, Chile
Authors: Julian Hyde (Google) and John Fremlin (Google)
https://doi.org/10.1145/3626246.3653374
8 Best Automated Android App Testing Tool and Framework in 2024.pdfkalichargn70th171
Regarding mobile operating systems, two major players dominate our thoughts: Android and iPhone. With Android leading the market, software development companies are focused on delivering apps compatible with this OS. Ensuring an app's functionality across various Android devices, OS versions, and hardware specifications is critical, making Android app testing essential.
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...Paul Brebner
Closing talk for the Performance Engineering track at Community Over Code EU (Bratislava, Slovakia, June 5 2024) https://eu.communityovercode.org/sessions/2024/why-apache-kafka-clusters-are-like-galaxies-and-other-cosmic-kafka-quandaries-explored/ Instaclustr (now part of NetApp) manages 100s of Apache Kafka clusters of many different sizes, for a variety of use cases and customers. For the last 7 years I’ve been focused outwardly on exploring Kafka application development challenges, but recently I decided to look inward and see what I could discover about the performance, scalability and resource characteristics of the Kafka clusters themselves. Using a suite of Performance Engineering techniques, I will reveal some surprising discoveries about cosmic Kafka mysteries in our data centres, related to: cluster sizes and distribution (using Zipf’s Law), horizontal vs. vertical scalability, and predicting Kafka performance using metrics, modelling and regression techniques. These insights are relevant to Kafka developers and operators.
UI5con 2024 - Keynote: Latest News about UI5 and it’s EcosystemPeter Muessig
Learn about the latest innovations in and around OpenUI5/SAPUI5: UI5 Tooling, UI5 linter, UI5 Web Components, Web Components Integration, UI5 2.x, UI5 GenAI.
Recording:
https://www.youtube.com/live/MSdGLG2zLy8?si=INxBHTqkwHhxV5Ta&t=0
Microservice Teams - How the cloud changes the way we workSven Peters
A lot of technical challenges and complexity come with building a cloud-native and distributed architecture. The way we develop backend software has fundamentally changed in the last ten years. Managing a microservices architecture demands a lot of us to ensure observability and operational resiliency. But did you also change the way you run your development teams?
Sven will talk about Atlassian’s journey from a monolith to a multi-tenanted architecture and how it affected the way the engineering teams work. You will learn how we shifted to service ownership, moved to more autonomous teams (and its challenges), and established platform and enablement teams.
Flutter is a popular open source, cross-platform framework developed by Google. In this webinar we'll explore Flutter and its architecture, delve into the Flutter Embedder and Flutter’s Dart language, discover how to leverage Flutter for embedded device development, learn about Automotive Grade Linux (AGL) and its consortium and understand the rationale behind AGL's choice of Flutter for next-gen IVI systems. Don’t miss this opportunity to discover whether Flutter is right for your project.
1. VSHN - The DevOps Company
DevSecOps
Security in DevOps
Aarno Aukia, CTO @ VSHN - The DevOps Company
05.10.2020
WeAreDevelopers Live Week
2. VSHN - The DevOps Company
● About Aarno & VSHN.ch
● Why? From Dev to DevOps to DevSecOps
● What? DevSecOps principles
● How? Concrete measures
● Who? Customer Example: Finnova AG Bankware
● Because? Resulting IT Governance & security benefits
22
Agenda
3. VSHN - The DevOps Company
@aarnoaukia a@vshn.ch
ETH → Google → Atrila → VSHN
VSHN - The DevOps Company @vshn_ch
Since 2014, currently 45 VSHNeers in Zürich, Switzerland
Helping developers run online businesses without having to worry about
operations
33
About Aarno & VSHN.ch
4. VSHN - The DevOps Company
Software Project Management
Requirements Design Implementation Validation Maintenance
5. VSHN - The DevOps Company
Software Project Management
Requirements Design Implementation Validation Maintenance
6. VSHN - The DevOps Company
Software Project Management
Requirements Design Implementation Validation Maintenance
7. VSHN - The DevOps Company
Software Project Management
Requirements Design Implementation Testing Release
Biz
8. VSHN - The DevOps Company
Software Project Management: Dev vs. Ops
Requirements Design Implementation Testing Release
Ops
Biz
9. VSHN - The DevOps Company 9
OPS = Firefighting-as-a-Service ?
9
10. VSHN - The DevOps Company
Collaboration between software developers and operations:
● Teamwork
● Continuous improvement
● Efficient and lean
● Agile: being able to react to new requirements
● Automate as much as possible (“Infrastructure as code”)
1212
DevOps: People, Processes & Tools
11. VSHN - The DevOps Company
Software Project Management: DevOps
Requirements Design Implementation Testing
ReleaseDeployOperateMonitor
12. VSHN - The DevOps Company
Software Project Management: DevOps
Requirements Design Implementation Testing
ReleaseDeployOperateMonitor
SECURITY
13. VSHN - The DevOps Company
Software Project Management: DevSecOps
Requirements Design Implementation Testing
ReleaseDeployOperateMonitor
Todo-List Data & Risks
Secure
Practices
Validation
traceabilityauditabilityAnomalies Availability
14. VSHN - The DevOps Company
● Developer education, requirements engineering, design review ->
AppSec/DevSec
● Software Build/Deployment/Operations -> DevSecOps
● Incident detection & management -> SecOps
1616
Areas of security improvement
15. VSHN - The DevOps Company
DevSecOps principles
1717
16. VSHN - The DevOps Company
● static code analysis automatically for each commit (DevSecOps principle 4)
● Dependency Management (DevSecOps principle 5)
● (base) container image scanning (DevSecOps principle 5)
1818
Build
17. VSHN - The DevOps Company
Code analysis: sonarqube
1919
18. VSHN - The DevOps Company 2020
Dependency updates: https://dependabot.com
19. VSHN - The DevOps Company
Container scanning: aquasec
2121
20. VSHN - The DevOps Company
● smoke tests (DevSecOps principle 4)
● As many test environments as necessary (DevSecOps principle 4)
● atomic container deployment (DevSecOps principle 6)
● every deployment (and rollback) is a “normal deployment” (DevSecOps
principle 6)
● deployment automation removes need for (all) devs root prod access and/or
waiting for ops to deploy new dev version (DevSecOps principle 6)
2222
Test & Deployment
21. VSHN - The DevOps Company
● standardization on (minimal, hardened) OS and container orchestrator
● immutable (application) infrastructure using containers
● process/storage/network separation of applications/environments
● detect/prevent configuration drift between dev/test/stage/prod envs
● documentation & automatic backup of all volumes
● documentation & monitoring of routes/loadbalancers/ingresspoints with
enforcing SSL/TLS
● AAI for admin & application
● key & secrets management
● audit logging of control & application planes
2323
Ops (DevSecOps principle 1)
22. VSHN - The DevOps Company
Container isolation
2424
● Kernel namespacing (process & network)
● Control groups (resource quota to prevent DoS)
● SELinux (additional syscall filter)
● prevent running as root inside container, no user-provided privileged
containers (enforce best practice)
● readonly container filesystem (harder to persist exploit at runtime)
23. VSHN - The DevOps Company
● “Docker”
○ Kernel-based process isolation based on lxc/libcontainer/runc (CNCF open standard)
○ Open Source Tools for container image creation and management (“Docker CE”)
○ Company based in San Francisco (“Docker inc”)
○ Enterprise software product (“Docker EE”)
○ Online portal for public docker containers (“Dockerhub” hub.docker.com)
● “Dockerfile”
○ Text file containing all the instructions to build and assemble the application into a container
including application code, appserver, plugins, modules, libraries down to libc
○ Goal: document & automate the build process
○ Usually in the application GIT repository
○ References a base image to incrementally add the application to
3030
Container technology: Docker
24. VSHN - The DevOps Company
● Use declarative formats for setup automation
● Have a clean, portable contract with the underlying operating system
● Are suitable for deployment on modern cloud platforms, obviating the need
for servers and systems administration;
● Minimize divergence between development and production, enabling
continuous deployment for maximum agility;
● And can scale up without significant changes to tooling, architecture, or
development practices.
3131
12 Factor App Patterns: https://12factor.net/
25. VSHN - The DevOps Company
From container
to production?
3232
26. VSHN - The DevOps Company
● How many container instances should be running per service?
● On which IP/port/server are they running on?
● Service discovery
● What happens if a container/server goes away?
● scaling, load balancing, rolling deployments, persistent storage, networking
3333
Container orchestration: Kubernetes
27. VSHN - The DevOps Company
Docker
Kubernetes
3939
Layers of abstraction
Hardware
Operating System
Service discovery & Load
balancing
Application Server
Application
Cloud/Onprem
30. VSHN - The DevOps Company
AAI: Keycloak
4242
● Identity & Access Management
● Single sign in/out
● Identity brokering:
○ OpenID Connect (OAuth2, FB/Twitter/Github etc.)
○ SAML2.0
○ Kerberos
● User federation: LDAP, AD, etc
● 2FA: TOTP/HOTP
● Managing the Authorization groups
31. VSHN - The DevOps Company
Logs: ELK/EFK/Greylog
4343
● Logging all access and changes through the control plane
● Logging all access to the application and correlate with application logs
● Index, view, filter, aggregate KPI → monitoring
● Store outside of application scope
32. VSHN - The DevOps Company
● Prometheus
○ time series database
○ open source / CNCF-project
○ well-integrated in docker/kubernetes stats
● NewRelic APM
○ application-level profiling
○ performance tracking
○ exception tracking (backend & frontend)
○ available as SaaS
4444
Metrics: Prometheus / NewRelic
33. VSHN - The DevOps Company
● Developer and Operator of Banking Software used by ~100 Banks
● Based in Lenzburg, Switzerland
● Founded 1974
● ~400 Employees
Example: Finnova AG Bankware
35. VSHN - The DevOps Company 48
Deployment Process & Security
DEV
(Repository)
Files (Pods)
Docker
Images
Container
(OpenShift)
Betrieb AM
Seewen
(PRD)
GitHub
Code Image-Scan (Security & Compliance Policies)
» Code Analyse
» Image Scanning
» Container Hardening
Runtime
» Network Security
» Monitoring
» Logging & Reporting
» Code Security
» Access
» Security & Auditing
SecurityDeployment
36. VSHN - The DevOps Company 49
Architecture and Security
37. VSHN - The DevOps Company
● “Full Stack Audit”
● Review design document
● Every layer was custom built
○ physical hardware
○ handcrafted servers
○ manual application deployment
● Review each layer
● Review each layer again next year...
5050
Traditional IT governance
38. VSHN - The DevOps Company
● Standardized components
○ already audited, some even externally certified
○ re-used, economies of scale, CMMI level 5
○ tech controls (AAI, RBAC, logs/SIEM) implemented once
○ financial controls implemented once
● Infrastructure: private/public cloud
● Ops: Container orchestration platform
● Review design document & platform
configuration
5151
Cloud native IT governance
39. VSHN - The DevOps Company
● prevent configuration drift
○ immutable (application) infrastructure using containers
○ deploy dev/test/stage/prod envs from CI/CD
● prevent manual errors
○ validate configuration in CI/CD before deployment
○ standardization on (minimal, hardened) OS and container orchestrator
○ deployment automation removes need for (most) root prod access
● security by default
○ image scanning, dependency vulnerability management
○ process/storage/network separation of applications/environments
○ volumes & ingresspoints best practice (documentation, monitoring, backup, SSL/TLS/WAF)
○ AAI for admin & application, audit trail logging of CI/CD, control & application planes
○ key & secrets management
● 5252
IT governance controls in container platforms
40. VSHN - The DevOps Company
● compute resources billable by project
● self-service-onboarding possible
● autoscaling, scale-down dev envs outside office hours
● vendor procurement/due diligence/certification management
● SLA, 24x7, service process, escalation management clearly defined
5353
IT governance financial/compliance controlling
41. VSHN - The DevOps Company
DevSecOps principles
5454
42. VSHN - The DevOps Company
● Please get in touch with feedback
● Twitter: @aarnoaukia
● Linkedin: https://www.linkedin.com/in/aukia/
● Email: aarno.aukia@vshn.ch
5555
Thank you
43. Come visit us for a coffee!
VSHN AG - Neugasse 10 - CH-8005 Zürich - +41 44 545 53 00 - https://vshn.ch/ - info@vshn.ch
https://vshn.ch/kontakt/
Follow us on Twitter!
@vshn_ch
56