Jon Hammant, Head of Cloud & DevOps for UK & EU for Epam Systems, presented an overview of using the ELK stack together with the Beats Plugin data shippers to provide detailed system metrics, network traffic, file analysis, and more. In addition, he provided an overview of how to monitor multiple Docker containers in a cloud native environment, with logs sent back to a central host.
DOXLON November 2016 - Data Democratization Using SplunkOutlyer
In this session, Neil Roy Chowdhury - Lead Splunk Consultant @ Strft - looks at Splunk to foster collaboration between dev and ops teams in a safe and secure way. We focus on the need for semantic logging and what part data models can play in everyone speaking the same language, not just for dev and ops teams, but for information security and other business areas too.
DOXLON November 2016: Facebook Engineering on cgroupv2Outlyer
Cgroupv1 (or just "cgroups") has helped revolutionize the way that we manage and use containers over the past 8 years. In kernel 4.5, a complete overhaul is coming -- cgroupv2. This talk will go into why a new control group system was needed, the changes from cgroupv1, and practical uses that you can apply to improve the level of control you have over the processes on your servers.
#DOXLON October 2016 - Mesos Deployment at SchibstedOutlyer
Alan Bover, engineer at Schibsted, an international media group with over 200 million monthly users, talks pros and cons of Mesos, including why you must develop the right framework in order to make good use of it. Check out several detailed Mesos deployment scenarios, and why Alan thinks comparing Kubernetes and Mesos is akin to comparing apples to oranges.
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
A review of AWS security concepts, leaks at Beamly, an Introduction to Hashicorp Vault and how we use use Vault at Beamly.
Watch YouTube video here: http://bit.ly/25ytNAD
Join DevOps Exchange London Meetup: http://bit.ly/22y4Var
Follow DOXLON on Twitter: http://bit.ly/1ZdugEJ
How bol.com makes sense of its logs, using the Elastic technology stack.Renzo Tomà
Presentation given by Renzo Tomà as "Tech and Use Case Deep Dive", during the Elastic{ON}Tour 2015 event in Amsterdam on October 29th.
Explanation of how bol.com is using the Elastic ELK stack to power a logsearch platform. Lots of details on the types of sources and number of feeds. Some history and reasoning why the current set of in-process JSON based logshippers are used. Links to the bol.com github account for the logshipper projects. The presentation ends with two special sauces: fun things you can do with lots of data in Elasticsearch. The 1st sauce is 'the call stack' - tagging each request with a unique ID, passing that ID along to all service calls and making sure this ID ends up in all access logging, enables you to group all calls together and get a call stack. The 2nd sauce is a way of generating a service map using access logging and some logstash magic.
I love questions and feedback. My mail address can be found in the presentation.
DOXLON November 2016 - Data Democratization Using SplunkOutlyer
In this session, Neil Roy Chowdhury - Lead Splunk Consultant @ Strft - looks at Splunk to foster collaboration between dev and ops teams in a safe and secure way. We focus on the need for semantic logging and what part data models can play in everyone speaking the same language, not just for dev and ops teams, but for information security and other business areas too.
DOXLON November 2016: Facebook Engineering on cgroupv2Outlyer
Cgroupv1 (or just "cgroups") has helped revolutionize the way that we manage and use containers over the past 8 years. In kernel 4.5, a complete overhaul is coming -- cgroupv2. This talk will go into why a new control group system was needed, the changes from cgroupv1, and practical uses that you can apply to improve the level of control you have over the processes on your servers.
#DOXLON October 2016 - Mesos Deployment at SchibstedOutlyer
Alan Bover, engineer at Schibsted, an international media group with over 200 million monthly users, talks pros and cons of Mesos, including why you must develop the right framework in order to make good use of it. Check out several detailed Mesos deployment scenarios, and why Alan thinks comparing Kubernetes and Mesos is akin to comparing apples to oranges.
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
A review of AWS security concepts, leaks at Beamly, an Introduction to Hashicorp Vault and how we use use Vault at Beamly.
Watch YouTube video here: http://bit.ly/25ytNAD
Join DevOps Exchange London Meetup: http://bit.ly/22y4Var
Follow DOXLON on Twitter: http://bit.ly/1ZdugEJ
How bol.com makes sense of its logs, using the Elastic technology stack.Renzo Tomà
Presentation given by Renzo Tomà as "Tech and Use Case Deep Dive", during the Elastic{ON}Tour 2015 event in Amsterdam on October 29th.
Explanation of how bol.com is using the Elastic ELK stack to power a logsearch platform. Lots of details on the types of sources and number of feeds. Some history and reasoning why the current set of in-process JSON based logshippers are used. Links to the bol.com github account for the logshipper projects. The presentation ends with two special sauces: fun things you can do with lots of data in Elasticsearch. The 1st sauce is 'the call stack' - tagging each request with a unique ID, passing that ID along to all service calls and making sure this ID ends up in all access logging, enables you to group all calls together and get a call stack. The 2nd sauce is a way of generating a service map using access logging and some logstash magic.
I love questions and feedback. My mail address can be found in the presentation.
Originally presented at API Strat and Practice conference in Boston 2016 by me and Mandy Whaley, this presentation shows the multiple archetypes that you could encounter while trying to govern APIs at your company.
Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13Zach Hill
Data and policy driven approach for container security and compliance using open-source Anchore. Presented at Docker Meetup LA 2/13/2017 including demos
Docker containers & the Future of Drupal testing Ricardo Amaro
Story of an investigation to improve cloud
The sad VirtualMachine story
Containers and non-containers
DEMO - Drupal Docker
Drupal Testbots story in a Glance
Docker as a testing automation factor
DEMO - Docker Tesbot
Integration path
Introduction to Infrastructure as Code & Automation / Introduction to ChefNathen Harvey
Your customers expect you to continuously deliver delightful experiences. This means that you’ll need to continuously deliver application and infrastructure updates. Hand-crafted servers lovingly built and maintained by a system administrator are a thing of the past. Golden images are fine for initial provisioning but will quickly fail as your configuration requirements change over time.
It’s time for you to fully automate the provisioning and management of your infrastructure components. Welcome to the world of infrastructure as code! In this new world, you’ll be able to programmatically provision and configure the components of your infrastructure.
Disposable infrastructure whose provisioning, configuration, and on-going maintenance is fully automated allow you to change the way you build and deliver applications. Move your applications and infrastructure towards continuous delivery.
In this talk, we’ll explore the ideas behind “infrastructure as code” and, specifically, look at how Chef allows you to fully automate your infrastructure. If you’re brave enough, we’ll even let you get your hands on some Chef and experience the delight of using Chef to build and deploy some infrastructure components.
Priming Your Teams For Microservice Deployment to the CloudMatt Callanan
You think of a great idea for a microservice and want to ship it to production as quickly as possible. Of course you'll need to create a Git repo with a codebase that reuses libraries you share with other services. And you'll want a build and a basic test suite. You'll want to deploy it to immutable servers using infrastructure as code that dev and ops can maintain. Centralised logging, monitoring, and HipChat notifications would also be great. Of course you'll want a load balancer and a CNAME that your other microservices can hit. You'd love to have blue-green deploys and the ability to deploy updates at any time through a Continuous Delivery pipeline. Phew! How long will it take to set all this up? A couple of days? A week? A month?
What if you could do all of this within 30 minutes? And with a click of a button soon be receiving production traffic?
Matt introduces "Primer", Expedia's microservice generation and deployment platform that enables rapid experimentation in the cloud, how it's caused unprecedented rates of learning, and explain tips and tricks on how to build one yourself with practical takeaways for everyone from the startup to the enterprise.
Video: https://www.youtube.com/watch?v=Xy4EkaXyEs4
Meetup: http://www.meetup.com/Devops-Brisbane/events/225050723/
S.R.E - create ultra-scalable and highly reliable systemsRicardo Amaro
Site Reliability Engineering enables agility and stability.
SREs use Software Engineering to automate themselves out of the Job.
My advice, if you want to implement this change in your company is to start with action items, alter your training and hiring, implement error budgets, do blameless postmortems and reduce toil.
https://events.drupal.org/dublin2016/sessions/sre-create-ultra-scalable-and-highly-reliable-systems
The free software history and communities’ journey aheadRicardo Amaro
"The reason why open source happened, the reason it started, was because the people who make software are artists and craftsmen. They are not just mindless drones, that show up every day and put in their hours. They spend their evenings, their weekends, unbelievable amounts of time crafting this software. And they wanna see it used by the most people, and they wanna see it used for the best purposes, typically, and they didn’t see that happening in the proprietary software world, not any of the proprietary software companies. And so they decided – because they could – to write their own world!"
Danese Cooper
Docker and Cloud - Enables for DevOps - by ACA-ITStijn Wijndaele
DevOps is gericht op het tot stand brengen van een cultuur binnen organisaties waardoor het ontwikkelen, valideren en releasen van software sneller, meer betrouwbaar en frequenter kan verlopen. Om dit te realiseren staan het automatiseren van het 'software delivery process' en de bijhorende infrastructurele veranderingen centraal. Door de opkomst van 'Microservice Architecture' neemt het belang hiervan nog verder toe.
Create an IoT Gateway and Establish a Data Pipeline to AWS IoT with Intel - I...Amazon Web Services
In this session, learn how to create a complete Gateway-based IoT framework – from the edge to the cloud and back. By using an IoT Gateway as a central data collection, processing, and communication hub, you can create IoT connectivity without having to replace legacy hardware. We show you how to use an Intel NUC gateway and Arduino 101 sensor hub to gather environmental data, and step you through establishing a data pipeline to AWS IoT. We use AWS Lambda to create a rules engine for your data, and then send a control signal back down the Intel Gateway. Bring your laptop and your AWS account for this workshop.
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS SummitAmazon Web Services
Within complex systems, even well-written code can behave in unexpected ways and lead to outages and critical issues. Amazon Elastic Container Service for Kubernetes (Amazon EKS) enables you to easily run Kubernetes, quickly deploy new code, and revert to safe, stable releases when issues are identified. But the damage done in the short period between deployment and rollback can be significant. In this session, we show you how to limit the effect of unforeseen issues using canary deployments with Istio and how to better monitor your applications in Amazon EKS and spot potential problems before they affect your customer base. This session is brought to you by AWS partner, Datadog.
Originally presented at API Strat and Practice conference in Boston 2016 by me and Mandy Whaley, this presentation shows the multiple archetypes that you could encounter while trying to govern APIs at your company.
Open Source Tools for Container Security and Compliance @Docker LA Meetup 2/13Zach Hill
Data and policy driven approach for container security and compliance using open-source Anchore. Presented at Docker Meetup LA 2/13/2017 including demos
Docker containers & the Future of Drupal testing Ricardo Amaro
Story of an investigation to improve cloud
The sad VirtualMachine story
Containers and non-containers
DEMO - Drupal Docker
Drupal Testbots story in a Glance
Docker as a testing automation factor
DEMO - Docker Tesbot
Integration path
Introduction to Infrastructure as Code & Automation / Introduction to ChefNathen Harvey
Your customers expect you to continuously deliver delightful experiences. This means that you’ll need to continuously deliver application and infrastructure updates. Hand-crafted servers lovingly built and maintained by a system administrator are a thing of the past. Golden images are fine for initial provisioning but will quickly fail as your configuration requirements change over time.
It’s time for you to fully automate the provisioning and management of your infrastructure components. Welcome to the world of infrastructure as code! In this new world, you’ll be able to programmatically provision and configure the components of your infrastructure.
Disposable infrastructure whose provisioning, configuration, and on-going maintenance is fully automated allow you to change the way you build and deliver applications. Move your applications and infrastructure towards continuous delivery.
In this talk, we’ll explore the ideas behind “infrastructure as code” and, specifically, look at how Chef allows you to fully automate your infrastructure. If you’re brave enough, we’ll even let you get your hands on some Chef and experience the delight of using Chef to build and deploy some infrastructure components.
Priming Your Teams For Microservice Deployment to the CloudMatt Callanan
You think of a great idea for a microservice and want to ship it to production as quickly as possible. Of course you'll need to create a Git repo with a codebase that reuses libraries you share with other services. And you'll want a build and a basic test suite. You'll want to deploy it to immutable servers using infrastructure as code that dev and ops can maintain. Centralised logging, monitoring, and HipChat notifications would also be great. Of course you'll want a load balancer and a CNAME that your other microservices can hit. You'd love to have blue-green deploys and the ability to deploy updates at any time through a Continuous Delivery pipeline. Phew! How long will it take to set all this up? A couple of days? A week? A month?
What if you could do all of this within 30 minutes? And with a click of a button soon be receiving production traffic?
Matt introduces "Primer", Expedia's microservice generation and deployment platform that enables rapid experimentation in the cloud, how it's caused unprecedented rates of learning, and explain tips and tricks on how to build one yourself with practical takeaways for everyone from the startup to the enterprise.
Video: https://www.youtube.com/watch?v=Xy4EkaXyEs4
Meetup: http://www.meetup.com/Devops-Brisbane/events/225050723/
S.R.E - create ultra-scalable and highly reliable systemsRicardo Amaro
Site Reliability Engineering enables agility and stability.
SREs use Software Engineering to automate themselves out of the Job.
My advice, if you want to implement this change in your company is to start with action items, alter your training and hiring, implement error budgets, do blameless postmortems and reduce toil.
https://events.drupal.org/dublin2016/sessions/sre-create-ultra-scalable-and-highly-reliable-systems
The free software history and communities’ journey aheadRicardo Amaro
"The reason why open source happened, the reason it started, was because the people who make software are artists and craftsmen. They are not just mindless drones, that show up every day and put in their hours. They spend their evenings, their weekends, unbelievable amounts of time crafting this software. And they wanna see it used by the most people, and they wanna see it used for the best purposes, typically, and they didn’t see that happening in the proprietary software world, not any of the proprietary software companies. And so they decided – because they could – to write their own world!"
Danese Cooper
Docker and Cloud - Enables for DevOps - by ACA-ITStijn Wijndaele
DevOps is gericht op het tot stand brengen van een cultuur binnen organisaties waardoor het ontwikkelen, valideren en releasen van software sneller, meer betrouwbaar en frequenter kan verlopen. Om dit te realiseren staan het automatiseren van het 'software delivery process' en de bijhorende infrastructurele veranderingen centraal. Door de opkomst van 'Microservice Architecture' neemt het belang hiervan nog verder toe.
Create an IoT Gateway and Establish a Data Pipeline to AWS IoT with Intel - I...Amazon Web Services
In this session, learn how to create a complete Gateway-based IoT framework – from the edge to the cloud and back. By using an IoT Gateway as a central data collection, processing, and communication hub, you can create IoT connectivity without having to replace legacy hardware. We show you how to use an Intel NUC gateway and Arduino 101 sensor hub to gather environmental data, and step you through establishing a data pipeline to AWS IoT. We use AWS Lambda to create a rules engine for your data, and then send a control signal back down the Intel Gateway. Bring your laptop and your AWS account for this workshop.
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS SummitAmazon Web Services
Within complex systems, even well-written code can behave in unexpected ways and lead to outages and critical issues. Amazon Elastic Container Service for Kubernetes (Amazon EKS) enables you to easily run Kubernetes, quickly deploy new code, and revert to safe, stable releases when issues are identified. But the damage done in the short period between deployment and rollback can be significant. In this session, we show you how to limit the effect of unforeseen issues using canary deployments with Istio and how to better monitor your applications in Amazon EKS and spot potential problems before they affect your customer base. This session is brought to you by AWS partner, Datadog.
A presentation originally intended for internal learning purposes, it is an introduction to DevOps practices and CI/CD pipelines, with an example of our current implementation and an optimal one.
200,000 Lines Later: Our Journey to Manageable Puppet CodeDavid Danzilio
Slides from a talk I gave at PuppetConf 2015.
Abstract: I joined Constant Contact in the Spring of 2014 to help transform their Puppet infrastructure. Constant Contact was a very early adopter of Puppet and had a hard time keeping up with changes to the language. When I got to Constant Contact we were stuck on a very old version of Puppet 2.7 because our code was heavily dependent on inheritance and dynamic scoping. There was no separation of data and code and 99% of the Puppet modules in use in the environment were homegrown. With over 267,000 lines of ancient code, I was completely overwhelmed with how to get us up to speed. This talk is about how we managed to accomplish this incredible feat in just over a year.
For millennia we have crafted artifacts from bulk materials that we have progressively refined to produce ever more precision tools and products. Latterly, we have crossed a critical threshold where our abilities now eclipse Mother Nature. For example; the smallest transistors in production today have feature sizes down to 2nm which is smaller than a biological virus ~20 - 200nm. The implications for ITC, AI, Robotics, and Production are ever more profound as we approach, and most likely undercut, the scale of the atom ~ 0.1-0.4nm. Not only does this open the door to new technologies, it sees new and remarkable capabilities. So, in this presentation we look at this new Tech Horizon spanning robotics to quantum computing and sensory technologies, and how they will help us realise sustainable futures germane to Industry 4.0, 5.0, and beyond.
BigDL: Image Recognition Using Apache Spark with BigDL - MCL358 - re:Invent 2017Amazon Web Services
In this talk, you will learn how to use, or create Deep Learning architectures for Image Recognition and other neural network computations in Apache Spark. Alex, Tim and Sujee will begin with an introduction to Deep Learning using BigDL. Then they will explain and demonstrate how image recognition works using step by step diagrams, and code which will give you a fundamental understanding of how you can perform image recognition tasks within Apache Spark. Then, they will give a quick overview of how to perform image recognition on a much larger dataset using the Inception architecture. BigDL was created specifically for Spark and takes advantage of Spark’s ability to distribute data processing workloads across many nodes. As an attendee in this session, you will learn how to run the demos on your laptop, on your own cluster, or use the BigDL AMI in the AWS Marketplace. Either way, you walk away with a much better understanding of how to run deep learning workloads using Apache Spark with BigDL.
Session sponsored by Intel
The Junior Developer Survival Guide - GDI Ann Arbor 2/10/15James York
Are you new to the professional world of software development? Do you have new developers on your team? Are you wondering why college and the School of Hard Knocks did such a bad job preparing you to be a functional member of a high-performing team? Take some advice from a junior dev who has walked the path and learn to avoid rookie mistakes. Learn the skills employers value and how to get them. We will discuss quick return actions that can be undertaken immediately, as well as long term, slow-burn investments in your career. This session will focus on technical and interpersonal advice to help make your first job search, entry-level hire, and first year as a developer go smoothly. A great career won’t just fall into your lap. It takes dedication, skill, persistence, and more than a little luck. Happily, we make our own luck.
How Capital One Rethought Multimodal Voice Experiences and Brought Banking to...Amazon Web Services
Last year, Capital One joined Alexa on stage to talk about their experience building their successful Alexa skill. Since that time, many lessons have been learned through customer feedback and new enhancements to the Alexa Skills Kit (ASK) such as the skills beta testing tool and the Alexa skill builder. How can you evolve your Alexa skill with more meaningful data sets outside of the existing intents? As the Alexa Skills Kit has grown its built-in library, what does it mean for your skill to support both ordinal (list) and numerical values? How can you handle new specifications without requiring wholesale code changes? Capital One has tackled all of these issues as well as embracing additional programming languages like TypeScript to ensure that response structures are validated against all schemas. With the arrival of multimodal devices such as the Echo Show, the opportunity for seamless customer interaction models across voice and visual has also arrived (big fonts, touch, video). Your customers can now transition back and forth between using their voice and their hands while engaging with your skill. Come learn direct from Capital One on the best way of providing extra contextual information using the new Alexa Skills Kit display directives but in more convenient ways to get things done.
Data Modelling is an important tool in the toolbox of a developer. By building and communicating a shared understanding of the domain they're working with, their applications and APIs are more useable and maintainable. However, as you scale up your technical teams, how do you keep these benefits whilst avoiding time-consuming meetings every time something new comes along? This talk reminds ourselves of key data modelling technique and how our use of Kafka changes and informs them. It then examines how these patterns change as more teams join your organisation and how Kafka comes into its own in this world.
(Beyond simplistic thinking and models)
This lecture is one of a series ‘Grand Challenge Subjects’ designed to make students think beyond, and challenge, the status quo; to question what they have been taught and the established industry wisdoms; to look beyond the tech media and journal papers; to think, be original, and be creative in the widest sense. This all culminates in a design and build/project program spread over several weeks.
The notion that the IoT will see everything connecting via the internet using a wireless domain dominated by 5G is not only simplistic, it is fundamentally impossible. A moments thought and a few simple calculations reveal that there is not enough energy on the planet to power 50 - 250Bn or more IoT devices operating in such a mode. So how are we really going to design and engineer the IoT to become a workable proposition? Here are some clues:
3/4G: Carries <5% of all internet traffic; WiFi ~55%; Wired LANs @ 45%
Mobile Network coverage is sadly lacking @ <90% by geography
Mobile Device batteries and charging are major limitations
The internet consumes ~12% of all our energy
Mobile Devices consume ~ 1% and rising
Mobile Nets consume ~ 10%
None of the above takes into account the cost of raw materials, production, distribution, delivery, support, disposal and the ecological impact of civil engineering, equipments, and people.
During this lecture the following surprising conclusions quickly emerge:
Most IoT devices will talk to each other and never connect to the internet
IoT devices will require a range of bandwidths and not just low bit rates
The majority of IoT devices will communicate over very short distance
Our current wireless architectures are outmoded by the IoT
We will most likely need something beyond UWB
The power per IoT device has to be <<1mW
Security will demand auto-immunity
This then is the starting point; from here we can design and engineer solutions for an, as yet, unspecified and dimensioned IoT fit for this century.
Serverless WordPress & next Interface of WordPressHidetaka Okamoto
WordCamp Singapore 2017
Talk about ...
- What is Serverless ?
- WordPress + Serverless: What are the benefits?
- Voice Control: Next interface of WordPress
- WordPress + Amazon Alexa: An easy way to try VUI
So You Want to be an OpenStack ContributorAnne Gentle
Our very own Anne Gentle will go through how to contribute to OpenStack, the open source cloud computing project. What is OpenStack? In a sentence, OpenStack provides open source software for building public and private clouds. What does that mean? We're a collection of open source projects written in Python that integrate to help organizations deploy and run clouds for computing, networking, and storage. Here at Rackspace many of our public cloud services are maintained in OpenStack, and we also offer Private Cloud configuration and management for customers to have OpenStack running for them in their data center or ours.
She'll walk through:
What are all these projects?
Where would I begin?
Is it only coding that counts?
What's Stackforge?
What's Gerrit?
What's <fill-in-weird-code-name-here>?
Then we'll do a hands-on workshop to walk through the first-time contributor process. It's a set-it-and-forget-it process but can be intimidating.
Set up a Launchpad account and public key
Set up and install Git
Set up and install git-review
Set up Gerrit
Join the OpenStack Foundation
Sign the CLA
Find something to work on
Create a commit
Send it to review.openstack.org
Wait for reviews
Address reviewers comments
Patch your patch
Become an Active Technical Contributor to OpenStack
Win
Faster! Faster! Accelerate your business with blazing prototypesOSCON Byrum
Bring your ideas to life! Convince your boss to that open source development is faster and cheaper than the "safe" COTS solution they probably hate anyway. Let's investigate ways to get real-life, functional prototypes up with blazing speed. We'll look at and compare tools for truly rapid development including Python, Django, Flask, PHP, Amazon EC2 and Heroku.
Building Data applications with Go: from Bloom filters to Data pipelines / FO...Sergii Khomenko
Many people use Go for different projects: WebDev, DevOps or other general-purpose tasks. On another hand, with all the beauty and performance of the language it could be a good challenger for Data applications. In the talk, we will go through the common problems of Data Engineering. Starting with high-performance caching and probabilistic data structures like Bloom filters, CountMin or Hyperloglog. We will cover all stages of Data Pipelining like writing data producers for open source Apache Kafka or proprietary Amazon Kinesis or Google Pub/Sub with further data consuming and processing.
The talk covers real-life use-cases of Data Applications and will provide an overview of existing possibilities of Golang as a language for data engineering. In the talk, we will cover basic ideas of building high-performance data application, creating your own data pipelines based on open source solutions and also hosted proprietary like Amazon Kinesis or Google Pub/Sub. The idea is to provide an overview how good is Golang for data engineering and what are Pros and Cons.
The quality of the python ecosystem - and how we can protect it!Bruno Rocha
The Python ecosystem is supported by some pillars that are
- community,
- theoretical material,
- tools,
- libraries,
- PSF
- and language itself.
In this talk I would like to reflect on each of these pillars of the ecosystem
What are the priorities and in terms of quality what are the vulnerabilities of each of them.
I will mention the importance of all but focus on the quality of the ecosystem of libraries, tools and theoretical material.
The reflection will be around answering some questions:
- How to maintain the quality of libraries published in PyPI?
- What are the biggest vulnerabilities and how can we help avoid the risks?
- The importance of quality theoretical material (generated by the community)
- Can we trust everything that is available in PyPI?
- Are ecosystem teaching and documentation approaches safe, inclusive and easy to assimilate?
- What can we do to help solve the problems identified?
I will present some real cases and examples of problems encountered and security issues involving mainly PyPI
Is persistency on serverless even possible?!SecuRing
In addition to being a common option in cloud environments, serverless computing is also a suggested method for creating plenty of things! Did you ever consider its mechanics? Is serverless truly server-less? How does the execution environment function? In this event-driven compute service, is persistency even conceivable?
I will not lie – Remote Code Executions and Command Injections are uncommon, but what if one occurs in your function? Additionally, it may be brought in by an attacker through dependency injection. I will demonstrate how to use it to obtain persistency and exfiltrate more data than the function role gives.
Let us figure out:
- How serverless infrastructure functions.
- Why persistency is possible in this semi-volatile environment.
- How to use pseudo shell over HTTP for serverless environment research.
- An exploitation demo – how can we make use of an RCE vulnerability to obtain a persistency.
- Possible mitigations.
Let us hijack the data real-time from the AWS Lambdas and GCP Cloud Functions!
Presented at: Confidence 2022, AlligatorCon 2022, Secops Polska Meetup #32, DevSecCon Poland 2022, AWS Community Day Warsaw 2022.
Similar to DOXLON November 2016 - ELK Stack and Beats (20)
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...Outlyer
What is wrong w/ stateful workloads on containers today? What is happening at the Linux kernel to improve the security of containers as a platform FOR storage? Could containers and Kubernetes become the foundations of a new approach to storage? Quick demo of the OpenEBS project.
Video: https://youtu.be/rhx_TnZe_E4
This talk is from the DevOps Exchange San Francisco September Meetup: https://www.meetup.com/DevOps-Exchange-SanFrancisco
Feature flags are a valuable DevOps technique to deliver better, more reliable software faster. Feature flags can be used for both release management (dark launches, canary rollouts, betas) as well as long term control (entitlement management, user segmentation personalization).
However, if not managed properly, feature flags can be very destructive technical debt. Feature flags need to be managed properly with visibility and control to both engineering and business users.
Why You Need to Stop Using "The" Staging ServerOutlyer
Old staging methodology is broken for modern development. In fact, the staging server is left over from when we built monolithic applications. Find out why microservice architectures are driving ephemeral testing environments & why every sized dev shop should deliver true continuous deployment.
Staging servers slow down development with merge conflicts, slow iteration loops, and manhour intensive processes. To build better software faster containers and infrastructure as code are key in 2017. Dev Ops professionals miss this talk at their own peril.
How GitHub combined with CI empowers rapid product delivery at Credit Karma Outlyer
Amit and Kashyap will discuss how GitHub and self service continuous integration (CI) helps Credit Karma rapidly deliver new features to over 60 million members. They will review how Credit Karma streamlined and scaled growing CI needs stemming from an army of engineers decomposing monolith into services.
Docker is often used as an end-to-end solution where services are packaged using a Dockerfile, pushed to a container registry and then deployed to a container orchestration like Kubernetes. In this talk, I would like to show you how nix, the purely functional package manager, can replace and improve over docker in the development and build phase of the applications' lifecycle.
Minimum Viable Docker: our journey towards orchestrationOutlyer
While Kubernetes and Mesos are all the rage, you don't necessarily need a complex orchestration layer to start using and benefiting from Docker. We will present how Babylon Health is running its dockerised AI microservices in production, pros and cons, and what we have in store for the future.
Ops is the past! DevOps is the present ! SRE is for giants! NoOps is the future! Fowler even says that a DevOps Engineer is an anti-pattern!
So will our job disappear in 10 years? What can we do about it? What is the next set of skills that we need? A startup is often a precursor to larger changes. I'll tell you what we are trying to do at Curve, a Fintech startup where developers build Kubernetes clusters and the SRE team codes microservices.
The service mesh: resilient communication for microservice applicationsOutlyer
Modern application architecture is shifting from monolith to microservices: componentized, containerized, and orchestrated with systems like Kubernetes, Mesos, and Docker Swarm. While this environment is resilient to many failures of both hardware and software, applications require more than this to be truly resilient. In this talk, we introduce the notion of a "service mesh": a userspace infrastructure layer designed to manage service-to-service communication in microservice applications, including handling partial failures and unexpected load, while reducing tail latencies and degrading gracefully in the presence of component failure.
Microservices: Why We Did It (and should you?) Outlyer
Mason will present a skeptical, humorous, and practical look at whether companies should consider microservices, and why/not. The story includes the reasons why Credit Karma did make the move, the approach we took, and shares some of our learnings so far.
Renan Dias: Using Alexa to deploy applications to KubernetesOutlyer
It's time to bring voice commands into continuous deployment pipelines. In this talk, Renan will walk you through the steps of setting up a powerful and cutting-edge continuous deployment pipeline, which will allow you to deploy your products to Kubernetes clusters using just your voice. "Alexa, deploy API to production". If you have never imagined yourself doing that, or you have but don't know where to start, this talk is definitely for you.
Alex Dias: how to build a docker monitoring solution Outlyer
Alex will be talking about how docker container monitoring was built at Outlyer. He'll be diving into the details behind how you actually monitor everything in such an environment and the challenges that come with it. Namely, how the Docker API, Cgroups, and the Netlink Linux kernel interface can be leveraged to get specific metrics for each container.
How to build a container monitoring solution - David Gildeh, CEO and Co-Found...Outlyer
David will be talking about how he's built the container monitoring at Outlyer. He'll also be diving into the details behind how you actually monitor everything in a container environment and the challenges that come with it.
Heresy in the church of - Corey Quinn, Principal at The Quinn Advisory Group Outlyer
Docker (and by extension, microservices based architecture) has expanded our horizons with respect to how the industry builds and supports applications at scale. It’s changed the way we think about our code, what production looks like, and how we live. But in our rush to embrace this exciting new paradigm, are we throwing away the lessons of the past?
In this entertaining and somewhat irreverent talk, Corey presents the ”other side” of the containerization craze: how configuration management fits into a world consumed by the Docker Docker Docker madness, how ”containers all the way down” can let you down when you least expect it, and how promising technologies should perhaps be vetted a bit more thoroughly before you try to run critical services on top of them.
Anatomy of a real-life incident -Alex Solomon, CTO and Co-Founder of PagerDutyOutlyer
Major incidents can be very stressful, frustrating and chaotic experiences, especially if the on-call responders lack the proper process, training and coordination.
In this talk, we will walk through a real incident from PagerDuty’s own history, to illustrate what an effective incident response looks like. We will recreate the incident timeline step by step and go over all of the different roles involved, including the incident commander, scribe, customer/business liaison and subject matter experts. We will also cover the process and tooling needed to respond quickly and effectively to major incidents in order to minimize customer and business impact.
A Holistic View of Operational Capabilities—Roy Rapoport, Insight Engineering...Outlyer
Roy Rapoport will discuss the framework Insight Engineering at Netflix uses to think about the real-time operational insight space, the capabilities that any successful organization will eventually need in that space, and what Netflix has done in pursuit of addressing these needs at extremely large scale.
The Network Knows—Avi Freedman, CEO & Co-Founder of Kentik Outlyer
Apps generate the traffic, but the network delivers it. Many devops and netops stacks are completely separate, but it doesn't have to be that way!
In this talk we'll talk a bit about network traffic telemetry - sources, tools, and methods - and show how that data can be linked to metric, log, and APM systems.
Building a production-ready, fully-scalable Docker Swarm using Terraform & Pa...Outlyer
Bobby is a Consultant DevOps Engineer who currently works with UK Cloud’s clients to help them understand DevOps, how to improve their automation and migrate to a cloud-native environment. Bobby has over twenty years of experience working with the web and has most recently been working with public sector clients on their latest projects.
On the surface, the tech behind a payments API may look like any other startup’s. You'll probably find some Rails apps, a database, and a bunch of stuff off to the sides to glue it together. GoCardless found it's mostly not the tech that differs, but the approach.
Using their high-availability Postgres cluster as a running example, they explore how reliability became so important to them, and dive into the most recent feature they built into the cluster: zero-downtime patch upgrades.
Leonard Austin (Ravelin) - DevOps in a Machine Learning WorldOutlyer
As machine learning moves from niche to mainstream tech stacks how do DevOps engineers prepare for a very different set of problems. A brief look at the new issues that arise from machine learning, an overview of cutting-edge "old school" solutions and how to drag data science (kicking and screaming) into a world of automation.
Video: https://www.youtube.com/watch?v=KHxZCRajRiA
Join DevOps Exchange London here: http://meetup.com/DevOps-Exchange-London/
Follow DOXLON on twitter http://www.twitter.com/doxlon
Matt Chung (Independent) - Serverless application with AWS Lambda Outlyer
The talk will focus on how we are utilizing AWS Lambda for certain applications and the advantages/disadvantages, and the challenges we discovered along the way. It would help those who are looking to reduce technical debt with the infrastructure and costs.
Previously a Director of technical operations at fox networks (21st Century Fox/News Corporation) responsible for infrastructure and building deployment pipelines. Currently a Python programmer / DevOps engineer with roots in systems/networks administration. Focus is on infrastructure and application automation. Worked as an engineer for Cisco Systems with emphasis on video conferencing. Built microwave networks at Bel Air Internet. Find me on github and twitter @itsmemattchung
Video: https://www.youtube.com/watch?v=BLcElBUhfrQ
Join DevOps Exchange London here: http://www.meetup.com/DevOps-Exchange-London
Follow DOXLON on twitter http://www.twitter.com/doxlon
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
4. PROBLEM
Too many syste ms an d n ot
e n ou gh visib ility
Massive ly d istrib u te d
In cre asin g n u mb e r of
microser vices
Fu ll d e -centralization
Painfu l p roce ss
We need log ging & metrics
5. WHY DO WE NEED METRICS?
Bloodletting
Starte d arou n d 100BCE
C ontin u e d u ntil 19 th C e ntu r y
H u n d re d s of Th ou san d s h ave
d ie d
It was d on e b e cau se p e op le
cared
Th ey ju st d id n ’t h ave right
th e information
6. WHY ELK?
Easy to setu p
Massive ly Powe rfu l
Scale s ve r y we ll
Op e n sou rce
Availab le as a se r vice
10 min u te setu p
8. • WHO WE SERVEWE NEED A WAY OF GETTING LOGS IN
We don’t want to run Syslog everywhere
Increasingly the applications are running on
cloud native systems
For a lightweight process we can’t add
heavyweight logging
No point writing loads of logging code
9. • WHO WE SERVEWHAT ARE BEATS?
Beats are the Elasticsearch platform for
single purpose, lightweight data shippers.
Designed to be small & portable
Logstash is still important for data
enrichment, reformatting
Replaces Logstash Forwarder & more
15. WHEN LOGGING & METRICS WORK
“Every th in g we kn ow in
aviation , eve r y ru le in th e
ru le b ook, eve r y p roce d u re
we h ave , we kn ow b e cau se
some on e somewh e re d ie d …
We h ave p u rch ase d at gre at
cost, lesson s literally
b rou ght with b lood ”
-
" Su lly" Su lle n b e rge r
17. • WHO WE SERVEOPENSOURCE HIGHLIGHTS
h t t p b e a t
Po l l a h t t p e n d p o i n t
my s q l b e a t
R u n a s c h e d u l e d q u e r y o n a my S q l
s e r v e r
M a n y m o r e u s e f u l B e a t s a v a i l a b l e
o r w r i t e y o u r o w n
C l o u d t ra i l b e a t , P i n g b e a t ,
C o n s u l b e a t e t c . .
exe c b e a t
Pe r i o d i c a l l y r u n c o m m a n d s a n d
s e n d o u t p u t a n d e r r o r
18. • WHO WE SERVEdockbeat
git clone clone https://github.com/Ingensi/dockbeat.git
wget https://github.com/Ingensi/dockbeat/releases/download/v1.0.0/dockbeat-v1.0.0-x86_64
chmod +x dockbeat-v1.0.0-x86_64
vi dockbeat/dockbeat.yml
Replace Docker_Socket & Elasticsearch or Logstash host
./dockbeat-v1.0.0-x86_64 -c dockbeat/dockbeat.yml -v –e
(can also be started in a container or swarm and permissioned)
20. • WHO WE SERVEUSE!
D i s c o v e r
L i s t h i s t o r i c C P U u s a g e
F i n d o u t w h i c h c o n t a i n e r s w e r e r u n
A n a l y ze fo r i n s e c u r e c o n t a i n e r s
M e t r i c s
S h o w r e a l t i m e m e t r i c s o f sy s t e m u s e
D i s p l ay b u s i n e s s v a l u e
V i e w t h e w h o l e sy s t e m a t o n e
V i s u a l i z e
L o o k b a c k a t p e r fo r m a n c e s t a t s
C o r r e l a t e c o s t / p e r fo r m a n c e a n d r e v e n u e
S h o w l o n g t e r m t r e n d s
A l e r t
U s e E l a s t A l e r t o n c o n t a i n e r s
B e i n fo r m e d w h e n t h i n g s s t o p
K n o w w h e n c a p a c i t y i s a n i s s u e