Slides from Orbitz's use case for microservices on docker & mesos at Velocity Santa Clara 2015 conference.
Details: http://velocityconf.com/web-mobile-business-conf-2015/public/schedule/detail/40700
ZendCon 2015 - Laravel Forge: Hello World to Hello ProductionJoe Ferguson
With the recent release of Laravel Forge, Envoyer and Homestead, it has never been easier to go from nothing to something with an easy to use PHP Framework. This talk will cover creating a basic Laravel application using the Laravel specific Vagrant box "Homestead", connecting to a server (Linode, Rackspace, Digital Ocean), and deploying the application via Forge. The talk will also cover tips and tricks on customizing Homestead to fit custom needs as well as how to use Forge & Envoyer to deploy new versions of our application.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
There’s no such thing as fast enough. You can always make your website faster. This talk will show you how. The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get tired and leave.In this talk we’ll start with the basics and get progressively insane. We’ll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they’ve changed over the years. We’ll also look at some great tools to help you.
Frontend Performance: De débutant à Expert à Fou FurieuxPhilip Tellis
Frontend Performance Beginner to Expert to Crazy Person
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get tired and leave.
In this talk we'll start with the basics and get progressively insane. We'll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
La performance front-end de débutant, à expert, à fou furieux !
La toute première condition nécessaire à une bonne expérience utilisateur est de pouvoir obtenir les octets de cette expérience avant que l'utilisateur ne se lasse et parte.
Nous débuterons cette conférence avec les bases pour progressivement devenir démentiel. Nous aborderons plusieurs des meilleurs pratiques de la performance front-end, quelques anti-patterns à éviter, le raisonnement derrière les règles, et comment ces dernières ont changé au fil des ans. Nous regarderons d'un peu plus près quelques très bon outils qui peuvent vous aider.
Atlassian faces the same issues as any other software company in the world. The battle for continuous integration glory is fought every day, and at stake is nothing less than our development and delivery speed. Join us to find out how we do it at Atlassian, powered by Bamboo. Because in the Game of Codes, you win... or you die.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get fed up and leave.
In this talk we'll start with the basics and get progressively insane. We'll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
ZendCon 2015 - Laravel Forge: Hello World to Hello ProductionJoe Ferguson
With the recent release of Laravel Forge, Envoyer and Homestead, it has never been easier to go from nothing to something with an easy to use PHP Framework. This talk will cover creating a basic Laravel application using the Laravel specific Vagrant box "Homestead", connecting to a server (Linode, Rackspace, Digital Ocean), and deploying the application via Forge. The talk will also cover tips and tricks on customizing Homestead to fit custom needs as well as how to use Forge & Envoyer to deploy new versions of our application.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
There’s no such thing as fast enough. You can always make your website faster. This talk will show you how. The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get tired and leave.In this talk we’ll start with the basics and get progressively insane. We’ll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they’ve changed over the years. We’ll also look at some great tools to help you.
Frontend Performance: De débutant à Expert à Fou FurieuxPhilip Tellis
Frontend Performance Beginner to Expert to Crazy Person
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get tired and leave.
In this talk we'll start with the basics and get progressively insane. We'll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
La performance front-end de débutant, à expert, à fou furieux !
La toute première condition nécessaire à une bonne expérience utilisateur est de pouvoir obtenir les octets de cette expérience avant que l'utilisateur ne se lasse et parte.
Nous débuterons cette conférence avec les bases pour progressivement devenir démentiel. Nous aborderons plusieurs des meilleurs pratiques de la performance front-end, quelques anti-patterns à éviter, le raisonnement derrière les règles, et comment ces dernières ont changé au fil des ans. Nous regarderons d'un peu plus près quelques très bon outils qui peuvent vous aider.
Atlassian faces the same issues as any other software company in the world. The battle for continuous integration glory is fought every day, and at stake is nothing less than our development and delivery speed. Join us to find out how we do it at Atlassian, powered by Bamboo. Because in the Game of Codes, you win... or you die.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get fed up and leave.
In this talk we'll start with the basics and get progressively insane. We'll go over several frontend performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
Programmable Infrastructure is code too - we should probably test it! These are the slides from a talk I've done a few times now, most recently at Agile Cambridge 2017 and at QCon London 2017.
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
Deploying 3 times a day without a downtime @ Rocket Tech Summit in BerlinAlessandro Nadalin
A look at how we try to make our architecture robust, resilient and fun to work with: Namshi is not github or spotify but... ...imitation is the sincerest form of flattery!
A talk given to JCConf 2015 on 2015/12/05.
在程式設計領域,“immutable objects” 是相當重要的設計模式。同樣的,在虛擬化及雲端時代,“immutable infrastructure” 也成為新一代的顯學。在資源及流程的充分配合下,這將會大大簡化系統的複雜度,穩定性也會大大提升。
本演講將會從觀念出發,並佐以部份實作建議,讓大家有足夠資訊來評估此架構的好處。
Video: https://youtu.be/9j008nd6-A4
https://getnobullshit.com/
Nous savons tous développer une API mais avons-nous bien intégré toutes les problématiques?
Son aspect organisationnel et humain, sa gouvernance, ses contraintes business et d'opérabilité (SLA, SLO, SLI), son release management, ses méthodes de requêtage, sa sécurité (ses performances, sa mise à l'échelle), ses différents types de test, sa documentation, son versioning (compatibilité, changelog), son monitoring — et bien plus encore — de cette API une fois en production ?
Durant ce talk, c'est plus de 30 points d'attentions rarement évoqué que je vous propose d'aborder, à la lumière de retours d'expériences provenant de tech-leader comme Uber, Stripe, Facebook et Google mais aussi d'entreprise française de la petite startup à la PME.
An internal presentation given to the tech team at Namshi: thoughts on our 2013 and what to expect in 2014.
If you looking to team up with a bunch of passionate nerds...have a look and join the crazy boat!
http://namshi.com/
http://tech.namshi.com/
Le Streaming d'API : pourquoi et comment transformer vos APIs statiques en do...Audrey Neveu
Nous savons que l’animation est essentielle pour l'interaction avec nos utilisateurs. Mais aujourd'hui l'interactivité ne peut plus se résumer à l’UX. Twitter, Waze, Slack … toutes les applications à succès utilisent le temps réel pour rendre leurs utilisateurs addicts.
Mais comment faire pour transformer votre API statique en un flux de données temps-réel ? Du pull ? Du push ? Des Webhooks ? Vous connaissez sûrement les Web-Sockets, mais avez vous déjà entendu parler de Server-Sent Events ?
Dans ce talk nous comparerons ces technologies pour comprendre dans quel cas elles s'appliquent le mieux avant de voir comment on peut aller encore plus loin en réduisant la quantité de données échangées. Et parce qu'il n'y a pas que le web qui a besoin de temps réel (et parce que c'est bien plus fun), je vous montrerai comment faire danser des drones sur des APIs streamées.
Le Streaming d'API : pourquoi et comment transformer vos APIs statiques en do...Audrey Neveu
Nous savons que l’animation est essentielle pour l'interaction avec nos utilisateurs. Mais aujourd'hui l'interactivité ne peut plus se résumer à l’UX. Twitter, Waze, Slack … toutes les applications à succès utilisent le temps réel pour rendre leurs utilisateurs addicts.
Mais comment faire pour transformer votre API statique en un flux de données temps-réel ? Du pull ? Du push ? Des Webhooks ? Vous connaissez sûrement les Web-Sockets, mais avez vous déjà entendu parler de Server-Sent Events ?
Dans ce talk nous comparerons ces technologies pour comprendre dans quel cas elles s'appliquent le mieux avant de voir comment on peut aller encore plus loin en réduisant la quantité de données échangées. Et parce qu'il n'y a pas que le web qui a besoin de temps réel (et parce que c'est bien plus fun), je vous montrerai comment faire danser des drones sur des APIs streamées.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
Boston Web Performance Meetup, April 22, 2014
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get fed up and leave. In this talk we'll start with the basics and get progressively insane. We'll go over several front-end performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
Schedule: 6:30, pizza
7:15: talk
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony AppsPablo Godel
Web applications are becoming increasingly more complex, so deployment is not just transferring files with FTP anymore. We will go over the different challenges and how to deploy our PHP applications effectively, safely and consistently with the latest tools and techniques. We will also look at tools that complement deployment with management, configuration and monitoring.
SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony AppsPablo Godel
Web applications are becoming increasingly more complex, so deployment is not just transferring files with FTP anymore. We will go over the different challenges and how to deploy our PHP applications effectively, safely and consistently with the latest tools and techniques. We will also look at tools that complement deployment with management, configuration and monitoring.
In recent years there has been a tremendous amount of progress and innovation around tools and applications available to web developers that improve the quality, efficiency and speed of our applications, and it is hard to keep up with all of it.
@kannonboy's JavaOne 2016 presentation "Code reviews vs Pull requests"
Many styles and processes are available for code review. Which one is suitable for your team? Do you use Git, Subversion, or something more exotic? Do you prefer to review code precommit or via a pull request? Do you favor a feature branching, forking, or Gerrit-style workflow? This session breaks down the various popular options adopted by professional teams. It investigates pull requests (popularized by Bitbucket and GitHub), Gerrit’s specialized workflow, and other postcommit and precommit review systems, discussing the pros and cons of each. Finally, it shows the battle-hardened review processes used by Atlassian’s development teams, refined over tens of thousands of code reviews and pull requests and across countless retrospectives.
Madison PHP 2015 - DevOps For Small TeamsJoe Ferguson
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
Enabling Hybrid Workflows with Docker/Mesos @OrbitzSteve Hoffman
Video here: http://bit.ly/oww-mesoscon2015-video
The promise of Mesos to create a datacenter-centric resource pool is a great idea. However, a decade old company with many different types of existing systems and unique workloads can't simply mass migrate to Mesos. That doesn't mean Mesos can't pay a huge part in unifying disparate workloads that construct existing systems while opening the door to new Mesos-centric development.
In this presentation, Steve will cover 3 very different use cases that are being unified under Apache Mesos including: Automated builds of existing code artifacts, automated builds of AWS AMIs via packer in EC2, and rolling deploys & supervision of Docker microservices across environments. The addition of Docker on Mesos has enabled this, but that doesn't mean that all Mesos slaves should be identical. See how the addition of localized support services on slaves can compliment your Docker on Mesos use cases.
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
This talk is distillation of what makes microservices different from normal services. While this talk can serve as an introduction to microservices the real goal is to help tease out the key areas of what is a very broard topic.
There has been lots of buzz around Microservices over the last year, but there has often been a lack of clarity as to what Microservices are, or how to implement them well. I've been working to distill down the principles of Microservices to help ensure that we don't just end up repeating the mistakes we made during the last 20 years of service oriented architecture. I'll talk about the history of where Microservices came from, what they are, the benefits and downsides, and the core principles to stick to do to them well.
This is a shorter 60min version of the presentation
This is the longer, 90 min version of my Microservices talk, as presented at Velocity 2016 in Santa Clara.
Security is everyone’s job, even if you’re not a specialist. Microservices offer many options for securing your systems. Done right, microservices can increase the security of your vital data and processes. Done wrong, and they can increase the surface area of attack. Sam Newman explores the importance of defense in depth, discussing the many different ways in which you can secure your fine-grained, distributed architectures and outlining a model to show how developers can think about application security and how they can play their part. From there, Sam dives into the specific challenges in microservice architectures and explains how application security principles can be applied to these often much more complex application architectures. You’ll leave with a high-level framework for thinking about application security and tools that help with prevention, detection, response, and recovery, as well as the knowledge of what not to do when breaches happen.
Programmable Infrastructure is code too - we should probably test it! These are the slides from a talk I've done a few times now, most recently at Agile Cambridge 2017 and at QCon London 2017.
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
Deploying 3 times a day without a downtime @ Rocket Tech Summit in BerlinAlessandro Nadalin
A look at how we try to make our architecture robust, resilient and fun to work with: Namshi is not github or spotify but... ...imitation is the sincerest form of flattery!
A talk given to JCConf 2015 on 2015/12/05.
在程式設計領域,“immutable objects” 是相當重要的設計模式。同樣的,在虛擬化及雲端時代,“immutable infrastructure” 也成為新一代的顯學。在資源及流程的充分配合下,這將會大大簡化系統的複雜度,穩定性也會大大提升。
本演講將會從觀念出發,並佐以部份實作建議,讓大家有足夠資訊來評估此架構的好處。
Video: https://youtu.be/9j008nd6-A4
https://getnobullshit.com/
Nous savons tous développer une API mais avons-nous bien intégré toutes les problématiques?
Son aspect organisationnel et humain, sa gouvernance, ses contraintes business et d'opérabilité (SLA, SLO, SLI), son release management, ses méthodes de requêtage, sa sécurité (ses performances, sa mise à l'échelle), ses différents types de test, sa documentation, son versioning (compatibilité, changelog), son monitoring — et bien plus encore — de cette API une fois en production ?
Durant ce talk, c'est plus de 30 points d'attentions rarement évoqué que je vous propose d'aborder, à la lumière de retours d'expériences provenant de tech-leader comme Uber, Stripe, Facebook et Google mais aussi d'entreprise française de la petite startup à la PME.
An internal presentation given to the tech team at Namshi: thoughts on our 2013 and what to expect in 2014.
If you looking to team up with a bunch of passionate nerds...have a look and join the crazy boat!
http://namshi.com/
http://tech.namshi.com/
Le Streaming d'API : pourquoi et comment transformer vos APIs statiques en do...Audrey Neveu
Nous savons que l’animation est essentielle pour l'interaction avec nos utilisateurs. Mais aujourd'hui l'interactivité ne peut plus se résumer à l’UX. Twitter, Waze, Slack … toutes les applications à succès utilisent le temps réel pour rendre leurs utilisateurs addicts.
Mais comment faire pour transformer votre API statique en un flux de données temps-réel ? Du pull ? Du push ? Des Webhooks ? Vous connaissez sûrement les Web-Sockets, mais avez vous déjà entendu parler de Server-Sent Events ?
Dans ce talk nous comparerons ces technologies pour comprendre dans quel cas elles s'appliquent le mieux avant de voir comment on peut aller encore plus loin en réduisant la quantité de données échangées. Et parce qu'il n'y a pas que le web qui a besoin de temps réel (et parce que c'est bien plus fun), je vous montrerai comment faire danser des drones sur des APIs streamées.
Le Streaming d'API : pourquoi et comment transformer vos APIs statiques en do...Audrey Neveu
Nous savons que l’animation est essentielle pour l'interaction avec nos utilisateurs. Mais aujourd'hui l'interactivité ne peut plus se résumer à l’UX. Twitter, Waze, Slack … toutes les applications à succès utilisent le temps réel pour rendre leurs utilisateurs addicts.
Mais comment faire pour transformer votre API statique en un flux de données temps-réel ? Du pull ? Du push ? Des Webhooks ? Vous connaissez sûrement les Web-Sockets, mais avez vous déjà entendu parler de Server-Sent Events ?
Dans ce talk nous comparerons ces technologies pour comprendre dans quel cas elles s'appliquent le mieux avant de voir comment on peut aller encore plus loin en réduisant la quantité de données échangées. Et parce qu'il n'y a pas que le web qui a besoin de temps réel (et parce que c'est bien plus fun), je vous montrerai comment faire danser des drones sur des APIs streamées.
Frontend Performance: Beginner to Expert to Crazy PersonPhilip Tellis
Boston Web Performance Meetup, April 22, 2014
The very first requirement of a great user experience is actually getting the bytes of that experience to the user before they they get fed up and leave. In this talk we'll start with the basics and get progressively insane. We'll go over several front-end performance best practices, a few anti-patterns, the reasoning behind the rules, and how they've changed over the years. We'll also look at some great tools to help you.
Schedule: 6:30, pizza
7:15: talk
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony AppsPablo Godel
Web applications are becoming increasingly more complex, so deployment is not just transferring files with FTP anymore. We will go over the different challenges and how to deploy our PHP applications effectively, safely and consistently with the latest tools and techniques. We will also look at tools that complement deployment with management, configuration and monitoring.
SymfonyCon Madrid 2014 - Rock Solid Deployment of Symfony AppsPablo Godel
Web applications are becoming increasingly more complex, so deployment is not just transferring files with FTP anymore. We will go over the different challenges and how to deploy our PHP applications effectively, safely and consistently with the latest tools and techniques. We will also look at tools that complement deployment with management, configuration and monitoring.
In recent years there has been a tremendous amount of progress and innovation around tools and applications available to web developers that improve the quality, efficiency and speed of our applications, and it is hard to keep up with all of it.
@kannonboy's JavaOne 2016 presentation "Code reviews vs Pull requests"
Many styles and processes are available for code review. Which one is suitable for your team? Do you use Git, Subversion, or something more exotic? Do you prefer to review code precommit or via a pull request? Do you favor a feature branching, forking, or Gerrit-style workflow? This session breaks down the various popular options adopted by professional teams. It investigates pull requests (popularized by Bitbucket and GitHub), Gerrit’s specialized workflow, and other postcommit and precommit review systems, discussing the pros and cons of each. Finally, it shows the battle-hardened review processes used by Atlassian’s development teams, refined over tens of thousands of code reviews and pull requests and across countless retrospectives.
Madison PHP 2015 - DevOps For Small TeamsJoe Ferguson
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
Enabling Hybrid Workflows with Docker/Mesos @OrbitzSteve Hoffman
Video here: http://bit.ly/oww-mesoscon2015-video
The promise of Mesos to create a datacenter-centric resource pool is a great idea. However, a decade old company with many different types of existing systems and unique workloads can't simply mass migrate to Mesos. That doesn't mean Mesos can't pay a huge part in unifying disparate workloads that construct existing systems while opening the door to new Mesos-centric development.
In this presentation, Steve will cover 3 very different use cases that are being unified under Apache Mesos including: Automated builds of existing code artifacts, automated builds of AWS AMIs via packer in EC2, and rolling deploys & supervision of Docker microservices across environments. The addition of Docker on Mesos has enabled this, but that doesn't mean that all Mesos slaves should be identical. See how the addition of localized support services on slaves can compliment your Docker on Mesos use cases.
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
This talk is distillation of what makes microservices different from normal services. While this talk can serve as an introduction to microservices the real goal is to help tease out the key areas of what is a very broard topic.
There has been lots of buzz around Microservices over the last year, but there has often been a lack of clarity as to what Microservices are, or how to implement them well. I've been working to distill down the principles of Microservices to help ensure that we don't just end up repeating the mistakes we made during the last 20 years of service oriented architecture. I'll talk about the history of where Microservices came from, what they are, the benefits and downsides, and the core principles to stick to do to them well.
This is a shorter 60min version of the presentation
This is the longer, 90 min version of my Microservices talk, as presented at Velocity 2016 in Santa Clara.
Security is everyone’s job, even if you’re not a specialist. Microservices offer many options for securing your systems. Done right, microservices can increase the security of your vital data and processes. Done wrong, and they can increase the surface area of attack. Sam Newman explores the importance of defense in depth, discussing the many different ways in which you can secure your fine-grained, distributed architectures and outlining a model to show how developers can think about application security and how they can play their part. From there, Sam dives into the specific challenges in microservice architectures and explains how application security principles can be applied to these often much more complex application architectures. You’ll leave with a high-level framework for thinking about application security and tools that help with prevention, detection, response, and recovery, as well as the knowledge of what not to do when breaches happen.
Microservices are small services with independent lifecycles that work together. There is an underlying tension in that definition – how independent can you be when you have to be part of a whole? I’ve spent much of the last couple of years trying to understand how to find the right balance, and in this talk/tutorial I’ll be presenting the core seven principles that I think represent what makes microservices tick.
After a brief introduction of what microservices are and why they are important, we’ll spend the bulk of the time looking at the principles themselves, wherever possible covering real-world examples and technology:
- Modelled around business domain – using techniques from domain-driven design to find service boundaries leads to better team alignment and more stable service boundaries, avoiding expensive cross-service changes.
- Culture of automation – all organisations that use microservices at scale have strong cultures of automation. We’ll look at some of their stories and think about which sort of automation is key.
- Hide implementation details – how do you hide the detail inside each service to avoid coupling, and ensure each service retains its autonomous nature?
- Decentralize all the things! – we have to push power down as far as we can, and this goes for both the system and organisational architecture. We’ll look at everything from autonomous self-contained teams and internal open source, to using choreographed systems to handle long-lived business transactions.
- Deploy independently – this is all about being able to deploy safely. So we’ll cover everything from deployment models to consumer-driven contracts and the importance of separating deployment from release.
- Isolate failure – just making a system distributed doesn’t make it more stable than a monolithic application. So what do you need to look for?
- Highly observable – we need to understand the health of a single service, but also the whole ecosystem. How?
In terms of learning outcomes, beginners will get a sense of what microservices are and what makes them different, whereas more experienced practitioners will get insight and practical advice into how to implement them.
Enabling Microservice @ Orbitz - GOTO Chicago 2016Steve Hoffman
In this talk we will discuss how we enabled decomposition of one of our 500+ system components into a continuously deployed microservice cluster. Our platform is comprised of Apache Mesos/Marathon, Docker, and a number of local services including Consul for service discovery, Logstash for diskless logging, and a custom metrics forwarder to Graphite. Building on this, we'll detail our CI pipeline using Jenkins workflows to build and publish microservices as Docker images, test and deploy via Marathon/Mesos, and automated change tickets. Finally, we'll discuss lessons learned from building our own enterprise PaaS and scaling it out to a large organization.
Enabling Microservices @Orbitz - DevOpsDays Chicago 2015Steve Hoffman
In this talk we discuss how we enabled decomposition of one of our 500+ system components into a continuously deployed microservice cluster using automated pipelines in jenkins with docker, mesos, & marathon
Microservices give us many options. We can pick different technologies, mix synchronous and asynchronous integration techniques or embrace different deployment patterns. But they also give us different options in how we think about securing our systems. Done right, and microservices can increase the security of your vital data and processes. Done wrong, and you can increase the surface area of attack. This talk will discuss the importance of defence in depth, discussing the many different ways in which you can secure your fine-grained, distributed architectures.
There has been lots of buzz around Microservices over the last year, but there has often been a lack of clarity as to what Microservices are, or how to implement them well. I've been working to distill down the principles of Microservices to help ensure that we don't just end up repeating the mistakes we made during the last 20 years of service oriented architecture.
The challenges of managing many, smaller deployable services mean that what we need in terms of deployment platforms are very different to what was needed before. But few areas of software technology have been experiencing as much innovation and churn as the deployment options available for microservice architectures. From appication containers, to docker, to mesos and beyond, this talk will break apart the myriad challenges that can come from managing microservices at scale, and how to pick the right technologies for you.
DockerCon SF 2015: Enabling Microservices @OrbitzDocker, Inc.
The slides from Steve Hoffman and Rick Fast's presentation at DockerCon SF 2015 -
Talk Description:
In this talk we will discuss how we enabled decomposition of one of our 250+ system components into a continously deployed microservice cluster.
This includes building a standardized Docker server composed of various local companion services along side the Docker daemon including: dynamic service discovery via Consul, a log relay to a centralized Elasticsearch cluster, and forwarding/batching of Dropwizard metrics to Graphite.
Building on this we'll cover our Jenkins driven automated pipeline for building Docker images and rolling deployments via Ansible using static placement on existing infrastructure while prototyping dynamic placement using Docker + Apache Mesos.
Front End Development for Back End Developers - Devoxx UK 2017Matt Raible
Are you a backend developer that’s being pushed into front end development? Are you frustrated with all JavaScript frameworks and build tools you have to learn to be a good UI developer? If so, this session is for you! We’ll explore the tools of the trade for fronted development (npm, yarn, Gulp, Webpack, Yeoman) and learn the basics of HTML, CSS, and JavaScript. We’ll dive into the intricacies of Bootstrap, Material Design, ES6, and TypeScript. Finally, after getting you up to speed with all this new tech, we’ll show how it can all be found and integrated through the fine and dandy JHipster project.
Automatisation in development and testing - within budgetDavid Lukac
Working on client projects with very strict budget and resource restrictions, tight deadlines and pressure, many times does not allow for full blown Test Driven Development, Continuous Delivery and other software engineering goodness we would love to have. We will show you easily accessible and quickly implementable options, that allow you to automate your development and testing process, or at least the most painful parts, without blowing the budget. Finally you can relax during deployments of the code to production! :-)
Automatisation in development and testing - within budget [IronCamp prague 20...David Lukac
Working on client projects with very strict budget and resource restrictions, tight deadlines and pressure, many times does not allow for full blown Test Driven Development, Continuous Delivery and other software engineering goodness we would love to have. We will show you easily accessible and quickly implementable options, that allow you to automate your development and testing process, or at least the most painful parts, without blowing the budget. Finally you can relax during deployments of the code to production! :-)
JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik DornPROIDEA
This presentation will introduce you to Docker - the new shiny star on the Devops horizon. It will teach you everything you need to know to get started with Docker, why you'd want to use it and which tools to use to get the most out of it. Additionally to showing the basics, it will introduce helpful libraries available for the JVM and how they can be used together with Docker to create secure, scalable and maintainable cloud setups for your applications.
Automation is integral to Cisco® Application Centric Infrastructure (ACI). Learn about the basic concepts necessary to begin effectively using the programmatic features of Cisco ACI. The session begins with an overview of the Cisco ACI object model, which describes how the system interprets configuration and represents state to internal and external entities. The Representational State Transfer (REST) API provides the means necessary to manipulate the object store, which contains the configured state of the Cisco Application Policy Infrastructure Controller (APIC) using the object model as the metadata definition. The session also covers the Cisco APIC software development kit (SDK) uses the REST API to read and write the configuration of Cisco APIC, using the object model to describe the current and desired states.
Docker and Cloud - Enables for DevOps - by ACA-ITStijn Wijndaele
DevOps is gericht op het tot stand brengen van een cultuur binnen organisaties waardoor het ontwikkelen, valideren en releasen van software sneller, meer betrouwbaar en frequenter kan verlopen. Om dit te realiseren staan het automatiseren van het 'software delivery process' en de bijhorende infrastructurele veranderingen centraal. Door de opkomst van 'Microservice Architecture' neemt het belang hiervan nog verder toe.
Sprekers: Stijn Van den Enden & Stijn Wijndaele (ACA IT-Solutions) DevOps is gericht op het tot stand brengen van een cultuur binnen organisaties waardoor het ontwikkelen, valideren en releasen van software sneller, meer betrouwbaar en frequenter kan verlopen. Om dit te realiseren staan het automatiseren van het 'software delivery process' en de bijhorende infrastructurele veranderingen centraal. Door de opkomst van 'Microservice Architecture' neemt het belang hiervan nog verder toe.
In deze avondconferentie werd, na een korte toelichting over DevOps, nagegaan wat Docker en de Cloud kunnen betekenen voor uw business, en hoe zij als enablers kunnen dienen voor het tot stand brengen van een DevOps-cultuur. Het container-landschap waarvan tools zoals Kubernetes, Docker Swarm, ...een belangrijk onderdeel vormen, wordt toegelicht en er wordt ingegaan op de wijze waarop deze tools aangewend kunnen worden om 'development' en 'operations' efficiënt te laten samenwerken.
Evolution of WebRTC APIs and feature from peer-to-peer to object model in 2015. Include latest updates from November meetings in Japan. Beta, non-complete version. Contact agouaillard@gmail.com for more.
Presentation on Docker and Docker Compose. Includes basic commands to get started with Docker container. This presentation was presented on 9th February, 2018
Similar to Enabling Microservices @Orbitz - Velocity Conf 2015 (20)
Slides for Jan 29, 2020 Chicago Rust Meetup talk where I discuss using Rust based Lambdas in AWS. I don't believe the talk is being recorded so might not make 100% sense, but left links on most pages for more info. Hope this is useful to folks.
Nerd Out with Hadoop: A Not-So-Basic Introduction to the PlatformSteve Hoffman
Talk Mike Roark and I gave at Tech Week Chicago 2013. Thanks to Mike for digging up the slides!
This to-the-point, no-frills workshop gives programmers the steps and takeaways needed to get a Hadoop database set up today. The Orbitz big data team will help development folks get over any intimidation felt towards Hadoop—and show what is possible when you become acquainted with the system. Start creating your own datasets right after the talk!
Combating DNS Exfiltration in AWS - AWS Midwest Community Day 2018Steve Hoffman
Slides from AWS Midwest Community Day presentation on DNS Exfiltration in Amazon Web Services and some things you can do to protect yourself - June 7, 2018
Combating DNS Exfiltration in AWS - BSidesChicago 2018Steve Hoffman
Slides from BSidesChicago (https://bsideschicago.org/) presentation on DNS Exfiltration in Amazon Web Services and some things you can do to protect yourself - May 12, 2018
flAWS Walkthrough - AWS Chicago Meetup 8/8/2017Steve Hoffman
Slides from a walkthrough of the https://flaws.cloud/ puzzle. I highly recommend you try the puzzle and read the hints and assoicated links before looking at the answers!
Have fun!
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
30. #velocityconf
2015
A New Experiment
• Microservices?
• Decompose single “service” into the actual 40+ sub-services
• Any change to sub-service was a deployment of many
• Could it be a simple Spring Boot App in Docker (12 factor?)
• Backward compatible with existing service infrastructure.
• Code to Production w/o help from other Humans - Minutes not Days
77. #velocityconf
2015
rfast-mbp:git rfast$ yo microservice
_-----_
| | .--------------------------.
|--(o)--| | Welcome to the kickass |
`---------´ | Microservice |
( _´U`_ ) | generator! |
/___A___ '--------------------------'
| ~ |
__'.___.'__
´ ` |° ´ Y `
? Enter the name of your service. (E.G. "my-service")
Yo
114. #velocityconf
2015
Deploy
PUT /apps/editorial-module
{
“image”: “orbitz/editorial-module:1.2.17” …
}
- tasks:
marathon: …
1.2.16
1.2.16
1.2.16
app = GET /v2/apps/editorial-module
if not app then
deploy_id =
POST /v2/apps
{
“image”: “orbitz/editorial-module:1.2.17”,
“id”: “editorial-module”
}
else
deploy_id =
PUT /v2/apps/editorial-module
{ “image”: “orbitz/editorial-module:1.2.17” }
end if
while GET /v2/deployments contains deploy_id
// still deploying
end
// deploy complete
136. #velocityconf
May 2015
Summary
• Create a platform for docker deployments using shared and app-specific “localhost” helpers
— this was ours, yours SHOULD look different — adapt to change, don’t fight it.
• People don’t scale, use automation
• Docker - repeatable applications (environment portable apps)
• Chef - repeatable infrastructure (environment aware services)
• Jenkins - repeatable releases (pipelines)
• Delineate configuration concerns:
• Known at Compile time — Bake into Docker image
• Known at Boot time — Bake into Playbook/Launcher - parameter to Docker run
• Changes Anytime — Externalize (consul K/V, etcd, zookeeper)