CloudOps' software developer, Patrick Dubé's slides from his talk at Confoo in Montreal about using Hashicorp's Terraform automation tool to treat your infrastructure as code on cloud.ca.
CloudOps' software developer, Patrick Dubé's slides from his talk at Confoo in Montreal about using Hashicorp's Terraform automation tool to treat your infrastructure as code on cloud.ca.
Fast Paced Drupal 8: Accelerating Development with Composer, Drupal Console a...Acquia
We’ve heard that developing with Drupal 8 is fast by default, but does that extend to your development process? There are new tools in Drupal 8 that can accelerate your day-to-day work, and will help you master rapid development in Drupal 8.
Join Myplanet’s Erin Marchak as she does a live walk through of building a site install with Composer, developing a module with Drupal Console, and ingesting external content with Services, all within 1 hour. In this demonstration of Drupal 8’s improved developer experience, topics covered will include
Dependency management using Composer
Content ingestion using Guzzle PHP
Code scaffolding using Drupal Console
Configuration management using Drupal Console
Drupal 8’s Services and Dependency Injection
[Container X mas Party with flexy] Machine Learning Lifecycle with Kubeflow o...Naoki (Neo) SATO
[Container X mas Party with flexy] Machine Learning Lifecycle with Kubeflow on Azure Kubernetes Service (AKS)
https://satonaoki.wordpress.com/2018/12/18/kubeflow-azure/
Container X mas Party with flexy
https://flexy.connpass.com/event/110839/
Take Command of WordPress With WP-CLI at WordCamp Long BeachDiana Thompson
WP-CLI is the official command line tool for interacting with and managing your WordPress sites. Learn to use it to speed up maintenance and deployment tasks, and to aid in theme and plugin development.
Noah Zoschke took to the Waza 2013 stage to present "Heroku Secrets". For more from Zoschke, ping him at @nzoschke. For more on Waza visit http://waza.heroku.com/2013.
For Waza videos stay tuned at http://blog.heroku.com or visit http://vimeo.com/herokuwaza
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get DiagnosticsShapeBlue
Demonstration of CloudStack’s latest features for troubleshooting the Virtual Router connectivity and configuration, called Run and Get Diagnostics. Run Diagnostics gives the admin ability to execute diagnostics commands native the VR OS directly from the CloudStack UI. Admin is able to determine connectivity capabilities of the VR without logging into the SystemVM at all. Get diagnostics feature allow the admin to gather information about the SystemVM as fast as clicking on a button in the ‘QuickView’ of the VM. Admin can also execute custom scripts on each SystemVM type from the CloudStack UI. This session will begin with complete presentation of the features followed by live demo and Q&A.
Cloud init and cloud provisioning [openstack summit vancouver]Joshua Harlow
Evil Superuser's HOWTO: Launching instances to do your bidding.
You click 'run' on the OpenStack dashboard, or launch a new instance via the api. Some provisioning magic happens and soon you've got a server created especially for you. Did you ever wonder what magic happens to a standard image on boot? Have you wanted to launch instances and have them into your infrastructure with no manual interaction? Cloud-init is software that runs in most linux instances. It can take your input and do your bidding. Learn what things cloud-init magically does for you and how you can make it do more. Also, take advantage of the after-talk to pester cloud-init developers on what is missing or throw rotten fruits in their direction.
One-Man Ops with Puppet & Friends.
If you're getting started in Amazon AWS here's 7 tools that will help you be successful, a few tips to make your life easier and some common pitfalls to avoid.
Sights, Sounds and Tastes at the Ballard Farmers Marketdliberty
On a beautiful, sunny Spring day farmers markets in Seattle are abuzz with activity. After a long cold winter local residents look forward to the bounty of fresh food that can be found at the markets, like this one in Ballard
Fast Paced Drupal 8: Accelerating Development with Composer, Drupal Console a...Acquia
We’ve heard that developing with Drupal 8 is fast by default, but does that extend to your development process? There are new tools in Drupal 8 that can accelerate your day-to-day work, and will help you master rapid development in Drupal 8.
Join Myplanet’s Erin Marchak as she does a live walk through of building a site install with Composer, developing a module with Drupal Console, and ingesting external content with Services, all within 1 hour. In this demonstration of Drupal 8’s improved developer experience, topics covered will include
Dependency management using Composer
Content ingestion using Guzzle PHP
Code scaffolding using Drupal Console
Configuration management using Drupal Console
Drupal 8’s Services and Dependency Injection
[Container X mas Party with flexy] Machine Learning Lifecycle with Kubeflow o...Naoki (Neo) SATO
[Container X mas Party with flexy] Machine Learning Lifecycle with Kubeflow on Azure Kubernetes Service (AKS)
https://satonaoki.wordpress.com/2018/12/18/kubeflow-azure/
Container X mas Party with flexy
https://flexy.connpass.com/event/110839/
Take Command of WordPress With WP-CLI at WordCamp Long BeachDiana Thompson
WP-CLI is the official command line tool for interacting with and managing your WordPress sites. Learn to use it to speed up maintenance and deployment tasks, and to aid in theme and plugin development.
Noah Zoschke took to the Waza 2013 stage to present "Heroku Secrets". For more from Zoschke, ping him at @nzoschke. For more on Waza visit http://waza.heroku.com/2013.
For Waza videos stay tuned at http://blog.heroku.com or visit http://vimeo.com/herokuwaza
Boris Stoyanov - Troubleshooting the Virtual Router - Run and Get DiagnosticsShapeBlue
Demonstration of CloudStack’s latest features for troubleshooting the Virtual Router connectivity and configuration, called Run and Get Diagnostics. Run Diagnostics gives the admin ability to execute diagnostics commands native the VR OS directly from the CloudStack UI. Admin is able to determine connectivity capabilities of the VR without logging into the SystemVM at all. Get diagnostics feature allow the admin to gather information about the SystemVM as fast as clicking on a button in the ‘QuickView’ of the VM. Admin can also execute custom scripts on each SystemVM type from the CloudStack UI. This session will begin with complete presentation of the features followed by live demo and Q&A.
Cloud init and cloud provisioning [openstack summit vancouver]Joshua Harlow
Evil Superuser's HOWTO: Launching instances to do your bidding.
You click 'run' on the OpenStack dashboard, or launch a new instance via the api. Some provisioning magic happens and soon you've got a server created especially for you. Did you ever wonder what magic happens to a standard image on boot? Have you wanted to launch instances and have them into your infrastructure with no manual interaction? Cloud-init is software that runs in most linux instances. It can take your input and do your bidding. Learn what things cloud-init magically does for you and how you can make it do more. Also, take advantage of the after-talk to pester cloud-init developers on what is missing or throw rotten fruits in their direction.
One-Man Ops with Puppet & Friends.
If you're getting started in Amazon AWS here's 7 tools that will help you be successful, a few tips to make your life easier and some common pitfalls to avoid.
Sights, Sounds and Tastes at the Ballard Farmers Marketdliberty
On a beautiful, sunny Spring day farmers markets in Seattle are abuzz with activity. After a long cold winter local residents look forward to the bounty of fresh food that can be found at the markets, like this one in Ballard
Protecting Open Innovation with the Defensive Patent LicenseOSCON Byrum
The Defensive Patent License (DPL) is a new legal mechanism to protect innovators by creating a patent network that is committed to defense and "de-weaponizing" patents. It draws from the theories and values of F/OSS licensing to create obligations that "travel with the patent"--preventing troll from taking over open technologies and pulling them out of the public domain.
OSCON 2013 - Planning an OpenStack Cloud - Tom FifieldOSCON Byrum
The flexibility of OpenStack is a dual-edged sword, giving you unprecedented control over your infrastructure, but potentially becoming a nightmare for the indecisive manager, architect or sysadmin!
In this presentation, Tom Fifield – co-author of the OpenStack Operations Guide, and Community Manager at the OpenStack Foundation – takes you through some of the decisions you will face when planning your OpenStack cloud. In addition to a brief introduction on OpenStack and advice on how to interact with the community, he will cover topics such as:
How to approach your deployment, ranging from DIY to a turn-key solution from the ecosystem
Storage and networking decisions, including plugin options
Automating deployment and configuration with popular tools like Puppet and Chef
Through discussion of the ecosystem, customization and scaling, you’ll walk away with an understanding of ‘what it takes’ to build your OpenStack cloud.
SaltConf14 - Ben Cane - Using SaltStack in High Availability EnvironmentsSaltStack
An overview on the benefits and best practices of using SaltStack for consistency and automation in highly available enterprise environments such as financial services.
Scaleable PHP Applications in KubernetesRobert Lemke
Kubernetes is also called the "distributed Linux of the cloud" – which implies that it provides fundamental infrastructure, which can solve a lot of challenges. Let’s see how PHP applications fit into this picture. In this presentation, we are going to explore when Kubernetes is a good fit for operating your PHP application and how it can be done in practice. We’ll look at the whole lifecycle: how to build your application, create or choose the right Docker images, deploy and scale, and how to deal with performance and monitoring. At the end you will have a good understanding about all the different stages and building blocks for running a PHP application with Kubernetes in production.
Chicago Docker Meetup Presentation - MediaflyMediafly
Bryan Murphy's presentation from the 2nd Chicago Docker meetup on March 12, 2014 at Mediafly HQ. In his presentation, Bryan explains how we use Docker right now at Mediafly in production.
CloudStack Collab Conference 2015 Run CloudStack in DockerCloudOps2005
Slides from Pierre-Luc Dion's presentation on what he has learned running CloudStack in Docker at the CloudStack Collaboration Conference in Dublin, October 2015.
(ARC402) Deployment Automation: From Developers' Keyboards to End Users' Scre...Amazon Web Services
Some of the best businesses today are deploying their code dozens of times a day. How? By making heavy use of automation, smart tools, and repeatable patterns to get process out of the way and keep the workflow moving. Come to this session to learn how you can do this too, using services such as AWS OpsWorks, AWS CloudFormation, Amazon Simple Workflow Service, and other tools. We'll discuss a number of different deployment patterns, and what aspects you need to focus on when working toward deployment automation yourself.
B-Translator helps to get feedback about l10n (translations of the programs). It tries to collect very small translation contributions from a wide crowd of people and to dilute them into something useful. It is developed as a Drupal7 profile and the code is hosted on GitHub. Here I describe the development setup and process that I use for this project. Most of the the tips are project specific, however some of them can be used on any Drupal project.
Configuration as Dependency: Managing Drupal 8 Configuration with git and Com...Erich Beyrent
Drupal 8 provides a robust configuration management system which represents a paradigm shift from previous versions of Drupal. It's now easier than ever to represent your configuration in code and manage it with source control. However, that may not be enough.
This session will propose a new strategy for thinking about Drupal 8 configuration, treating it as just another dependency, managed the same way code dependencies are managed with Composer.
We'll cover:
Drupal 8 configuration management overview
New ways of managing your git repository
Composer and Drupal Console
Drupal 8 multisite considerations
Building and deploying Kibana plugins… And should I do it?
Developing Kibana plugins seems an appealing way to enhance the Elastic frontend. Even though tactical problems can be overcome, it might not be the best choice from a strategical point of view
Using Cascalog to build an app with City of Palo Alto Open DataOSCON Byrum
"Using Cascalog to build an app with City of Palo Alto Open Data" by Paco Nathan, presented at OSCON 2013 in Portland. Based on a case study from "Enterprise Data Workflows with Cascading" http://shop.oreilly.com/product/0636920028536.do
Finite State Machines are overlooked at best, ignored at worst, and virtually always dismissed. This is tragic since FSMs are not just about Door Locks (the most commonly used example). On the contrary, these FSMs are invaluable in clearly defining communication protocols – ranging from low-level web-services through complex telephony application to reliable interactions between loosely-coupled systems. Properly using them can significantly enhance the stability and reliability of your systems.
Join me as I take you through a crash-course in FSMs, using erlang’s gen_fsm behavior as the background, and hopefully leaving you with a better appreciation of both FSM and erlang in the process.
OpenCar covers OS development for a new market: automotive apps. In-car apps are poised to explode for open source developers. The market is transforming from an inefficient, proprietary model to an HTML5-based “app store” model. To enter and participate in this new target category, developers need access to automakers, automotive systems, and knowledge of industry standards and platforms. http://sdk.opencar.com
How we built our community using Github - Uri CohenOSCON Byrum
The journey of GigaSpaces as a company in building the Cloudify open source product, what worked and what didn't and how it used Github as the platform for not just hosting the code
The Vanishing Pattern: from iterators to generators in PythonOSCON Byrum
The core of the talk is refactoring a simple iterable class from the classic Iterator design pattern (as implemented in the GoF book) to compatible but less verbose implementations using generators. This provides a meaningful context to understand the value of generators. Along the way the behavior of the iter function, the Sequence protocol and the Iterable interface are presented. The motivating examples of this talk are database applications.
This talk covers why Apache Zookeeper is a good fit for coordinating processes in a distributed environment, prior Python attempts at a client and the current state of the art Python client library, how unifying development efforts to merge several Python client libraries has paid off, features available to Python processes, and how to gracefully handle failures in a set of distributed processes.
OSCON 2012 US Patriot Act Implications for Cloud Computing - Diane Mueller, A...OSCON Byrum
Presented by Diane Mueller, ActiveState @pythondj
Are you unsure what the security and privacy implications are for sensitive corporate data? US Patriot Act is causing many of us to hesitate on leveraging the cloud.
Organizations are thinking long and hard about the legal and regulatory implications of cloud computing. When it comes to actual corporate data, no matter what the efficiency gains are, legal departments are often directing IT departments to steer clear of any service that eliminates their ability to keep potential sensitive information out of the hands of Federal prosecutors.
Despite all the hype about every application moving into the cloud, some practical patterns are starting to emerge in the types of data corporations are willing to move to the cloud.
Covered in this session:
(a) Introduction to the US Patriot Act and Data Privacy issues Implications for on Cloud Computing Jurisdictional Issues
(b) Best Practices & Practical Patterns Classes of applications that best leverage the cloud
(c)What types of applications should stay on-premise Private Cloud Model(s) Building a Compliant Cloud Strategy
For more information:
email me at dianem {at} activestate {period} com
or ping me on twitter at @pythondj
visit http://activestate.com/stackato
BodyTrack: Open Source Tools for Health Empowerment through Self-Tracking OSCON Byrum
The BodyTrack project develops open source tools self tracking tools to aggregate and visualize data from diverse sources such as wearable sensors, observations from mobile apps, photos, and environmental data. Our goal is to empower individuals to explore potential environment/health interactions (food sensitivities, asthma or migraine triggers, sleep problems, etc.) and better assess strategies they think might help.
A Look at the Network: Searching for Truth in Distributed ApplicationsOSCON Byrum
A talk by C. Scott Andreas (@cscotta) of Boundary on "the network" and designing / deploying distributed applications.
This session offers a deep-dive into how application-level problems manifest at the network level. Some of these cases range from basic network partitions and node outages to sophisticated application-level changes such as garbage collections on managed runtimes, classes of bugs which evade conventional monitoring but constitute partial failures, changes in network activity based on database partitioning, load balancing, and sharding, and other warning signs that crop up at layer three long before wreaking havoc at layer seven as customer-visible failures begin to occur. Combining application-level metrics with network analytics is a powerful cocktail for identifying hot spots quickly, and connecting the dots out to the client closes the loop.
Faster! Faster! Accelerate your business with blazing prototypesOSCON Byrum
Bring your ideas to life! Convince your boss to that open source development is faster and cheaper than the "safe" COTS solution they probably hate anyway. Let's investigate ways to get real-life, functional prototypes up with blazing speed. We'll look at and compare tools for truly rapid development including Python, Django, Flask, PHP, Amazon EC2 and Heroku.
Comparing open source private cloud platformsOSCON Byrum
Private cloud computing has become an integral part of global business. While each platform provides a way for virtual machines to be deployed, implementations vary widely. It can be difficult to determine which features are right for your needs. This session will discuss the top open source private cloud platforms and provide analysis on which one is the best fit for you.
Building an Ecosystem of FLOSS to Educate Students with DisabilitiesOSCON Byrum
Benetech's Literacy program is revolutionizing access to educational materials for print disabled students (e.g. blind, dyslexic, quadraplegic). It is accomplishing this goal by leveraging and contributing to an end-to-end ecosystem of FLOSS technologies to make sure that as the educational content landscape rapidly evolves print-disabled students are as “plugged-in” as their peers.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
24. https://code.launchpad.net/principia ensemble : formula name : mediawiki revision : 84 summary : "website engine for collaborative work" description : | MediaWiki is a wiki engine (a program for creating a collaboratively edited website). It is designed to handle heavy websites containing library-like document collections, and supports user uploads of images/sounds, multilingual content, TOC autogeneration, ISBN links, etc. requires : db : interface : mysql slave : interface : mysql cache : interface : memcache provides : website : interface : http
* Developers write their code thinking of services, not machines. * De-coupled meaning that w/ config management, you say ”give me a machine, and then configure it this way”, where as with coupling you say ”Give me a service configured this way, and put it on these machines” * Loose coupling with a two way comm channel lets us write formulas without having to assume anything about related services.. we can learn the answers from the other service's configuration. * ./configure && make && make install is more powerful for custom work, but packaging gives you the benefits of repeatability and portability
* Ensemble is mostly about using IaaS * EC2 only right now – This includes Eucalyptus and OpenStack * Deploy fast, add new infrastructure fast, and repeat over and over. * Pay for what you use * Invest in infrastructure only when it makes sense for YOU
* Open source makes it easy to solve your problems without having to appropriate and get locked in to software with a purchase. * Utility computing is similar.. running things on computers doesn't necessarily mean you need to own computers. * Currently marrying the two, opensource and ”the cloud”, is a fairly manual or custom operation.
* Deploys existing open source solutions fast - ”apt-get for the cloud” * Also deploys YOUR app fast. * Makes it easy to define how your application relates to existing opensource services. * Helps you manage those relationships in ”The cloud” * Tightly integrated with Ubuntu – A leader in the cloud space.
Some yaml metadata – lists relationships that it understands and config options A few scripts that run at the right time – configure service based on relationships and config settings Well encapsulated – MySQL formula is generic, and usable by any application that can speak to MySQL
* Wikipedia's architecture has a lot of relationships * Adding 100 of each type isn't hard anymore – thank you config management. * Getting them to work together is still a challenge.
* demo-wiki PHP layer and memcached both scale out with 'add-unit' (can scale back with remove-unit). * Eventually this will be presentable not as commands in serial, but a ”stack” which will be loaded into the environment, and dumpable from a running system
* These commands add a slave instance, and relate it to the master * They also tell the demo-wiki service to use it as a slave * add-unit wiki-slave-db would provide even more read scale out * Write scaling is a bit more tricky * Adding slaves gets us to the subset of the wikipedia graph above.. still lots of relationships to define
Generated by ensemble's ”dot” output format
* There are some options that are unknowable, like the wiki's name * config-changed hook is executed every time a config is actually changed, not every time 'ensemble set' is called.