SlideShare a Scribd company logo

Evolve 2017 - Vegas - Devops, Docker and Security

John Willis
John Willis

This document discusses DevOps, Docker, and security. It begins by introducing the speaker and their background in DevOps. It then discusses how DevOps practices like continuous delivery, automation, and culture can make organizations 2000x faster. It introduces Docker and how it can make deployments more effective. Finally, it discusses how applying supply chain principles from Toyota, such as limiting variability and ensuring visibility, can make systems 100x more reliable when combined with Docker and immutable infrastructure.

1 of 45
Download to read offline
Devops, Docker and Security John Willis @botchagalupe
• One of the founding members of “Devopsdays” • Co-author of the “Devops Handbook”. • Author of the “Introduction to Devops” on Linux Foundation edX. • Podcaster at devopscafe.org • Devops Enterprise Summit - Cofounder • Nine person in at Chef (VP of Customer Enablement) • Formally Director of Devops at Dell • Found of Socketplane (Acquired by Docker) • 10 Startups over 25 years About Me https://github.com/botchagalupe/my-presentations
5 What If I told you you could be 2000 times faster than your competitors
6 What if I told you that you could be 100 times more reliable than your competitors
7 What if you could have both
Faster, Effective, Reliable • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 8 Immutable Service Delivery
Devops … faster
DTO Solutions
• CAMS
 • Culture • Automation • Measurement • Sharing Devops Taxonomies • The Three Ways •The First Way •The Second Way •The Third Way
Devops Practices and Patterns • Continuous Delivery • Everything in version control • Small batch principle • Trunk based deployments • Manage flow (WIP) • Automate everything
 • Culture • Everyone is responsible • Done means released • Stop the line when it breaks • Remove silos12 itrevolution.com/devops-handbook
30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling
30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling Faster Higher
 Quality More
 Effective 2555x
Fast CheapGood “Pick Two!” Conventional Wisdom
Devops Automated Deployment Pipeline 16 Source: Wikipedia - Continuous Delivery
18 Devops Results Google • Over 15,000 engineers in over 40 offices • 4,000+ projects under active development • 5500+ code submissions per day (20+ p/m) • Over 75M test cases run daily • 50% of code changes monthly • Single source tree • Over 75M test cases run daily
19 Devops Results Amazon • 11.6 second mean time between deploys. • 1079 max deploys in a single hour. • 10,000 mean number of hosts simultaneously receiving a deploy. • 30,000 max number of hosts simultaneously receiving a deploy
20 Unicorns and Horses (Enterprises) Unicorns Enterprise Shamelessly stolen and repurposed from: Pete Cheslock
21 Devops Results Enterprise Organizations • Ticketmaster - 98% reduction in MTTR • Nordstrom - 20% shorter Lead Time • Target - Full Stack Deploy 3 months to minutes • USAA - Release from 28 days to 7 days • ING - 500 applications teams doing devops • CSG - From 200 incidents per release to 18
Docker … effective
• IBM 360/370 (1960/1970) • CHROOT - Version 7 Unix 1979 (Bell Labs) • BSD in 1982 (Berkley) • VMware (1998) • FreeBSD Jails 2000 • XEN 2003 • Solaris Zones 2004 • OpenVZ 2005 • Amazon Web Services 2006 • Namespaces 2007 • Cgroups (Google) 2007 • KVM 2007 • AIX LPARS (IBM) 2007 • Drawbridge (2008) • Hyper-V (2008) • Linux Containers - LXC (Parelles, IBM, Google) 2008 • Docker (Dotcloud Inc) 2013 • Microsoft Docker on Windows Server 2016 History of Virtualization
•Type 1 Virtualization •VMware ESX, XEN, Hyper-V
 •Type 2 Virtualization •KVM, Virtualbox, QEMU, VMware Workstation
 •OS Level Virtualization •OpenVZ, LXC, Docker Virtualization
www.slideshare.net/ BodenRussell/realizing- linux-containerslxc
• Provision in milliseconds • Near bare metal runtime performance • VM-like agility – it’s still “virtualization” • Lightweight – Just enough Operating System (JeOS) • Supported with modern Linux kernel • Growing in popularity Why OS Level Virtualization
• Isolation • Lightweight • Simplicity • Workflow • Security • Community Why Docker
29 Docker Security Enhancements • Docker Security Scanning • Docker Content Trust • Docker Trusted Registry • TLS by Default for Swarm/Docker Data Center • Read Only Containers • User Namespaces • Secomp and LSMS support • Enhanced System “Capabilities” support • Secrets Management • Immutable Operating System (Coming Soon)
30 Immutable Delivery
31 Immutable Delivery
Supply Chain … Reliable
33
35 Supply&chain&advantage& Source:(Toyota(Supply(Chain( Management:(A(Strategic( Approach(to(Toyota’s( Renowned(System,(by(Ananth( Iyer(and(Sridhar(Seshadri( Toyota& Advantage& Toyota& Prius& Chevy& Volt& Unit%Retail%Price% 61%& $24,200% $39,900% Units%Sold/Month% 13x& 23,294% 1,788% In?House%ProducBon% 50%& 27%% 54%% Plant%Suppliers% 16%&& 125% 800% Firm@Wide(Suppliers( 4%# 224( 5,500(
Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
37 Variety • Determine your variety of offerings based on operational efficiency and market demand Velocity • Maintain a steady flow through all processes of the supply chain Variability • Manage inconsistencies carefully to reduce cost and improve quality Visibility • Ensure the transparency of all processes to enable continuous learning and improvement Toyota Production Systems - 4VL
38 Docker and the Three Ways of Devops
39 Variety • Learn faster, Limited frameworks, Limited operating systems, Limit vendors. Velocity • Small Batch, Small Teams, Microservices and Containers Variability • Docker and Immutable Delivery Visibility • Automated Testing, Docker Trust, Docker Security Scanning, Bounded Context, Bill of Materials Immutable Service Delivery (4VL) Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
40 Visibility - Docker - Bill of Material • Where and when was it built and why • What was its ancestor images • How do I start, validate, monitor and update it • What git repo is being built, what hash of that git repo was built • What are all the tags this specific container is known as at time of build • What’s the project name this belongs to • Have the ability to have arbitrary user supplied rich metadata Software Supply Chain - 4VL
Devops Automated Deployment Pipeline 41 Source: Wikipedia - Continuous Delivery
DevSecOps Requirements & Design Development CI Interval Trigger Assessment Production Application Risk Classification Security Requirement Definition Secure Libraries Static Analysis/IDE SCM Open Source Governance(CI) Secure Coding Standards Perimeter Assessment Dynamic Assessments Threat-Based Pen Test Web Application Firewalls Automated Attack/ Bot Defense Container Security Management Security Mavens (Security-Trained Developers and Operations) Role Based Software Security Training Continuous Monitoring, Analytics and KPI Gathering Preventative Detective Lightweight threat modeling approach Detailed manual assessments triggered automatically at appropriate interval; detached from release cycle Container Security Compliance (CI) Threat modeling Static Analysis (CI)
43 Immutable Service Delivery Fortune 500 Insurance Company • Tracks critical and high security defect rate per 10k lines of code • Started out with (10/10k) • After applying Devops practices and principles (4/10k) • After applying Toyota Supply Chain 4VL (1/10k ) • After Docker with Immutable Delivery (0.1/10k)
44 With Docker Fortune 500 Insurance Company • One Service • One Container • One Read Only File System • One Port
Immutable Service Delivery • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 45 2000x Faster and 100x Reliable

Recommended

DevOps+Data: Working with Source Control
DevOps+Data: Working with Source ControlDevOps+Data: Working with Source Control
DevOps+Data: Working with Source Control
Ed Leighton-Dick
 
From the Monolith to Microservices - CraftConf 2015
From the Monolith to Microservices - CraftConf 2015From the Monolith to Microservices - CraftConf 2015
From the Monolith to Microservices - CraftConf 2015
Randy Shoup
 
Implementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using KubelessImplementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using Kubeless
Ahmed Misbah
 
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
Daniel Bryant
 
Conquering Chaos: Helix & DevOps
Conquering Chaos: Helix & DevOpsConquering Chaos: Helix & DevOps
Conquering Chaos: Helix & DevOps
Perforce
 
Database CI/CD Pipeline
Database CI/CD PipelineDatabase CI/CD Pipeline
Database CI/CD Pipeline
muhammadhashir57
 
InteropWG Intro & Vertical Programs (May. 2017)
InteropWG Intro & Vertical Programs (May. 2017)InteropWG Intro & Vertical Programs (May. 2017)
InteropWG Intro & Vertical Programs (May. 2017)
Mark Voelker
 
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
Javantura v4 - The power of cloud in professional services company - Ivan Krn...Javantura v4 - The power of cloud in professional services company - Ivan Krn...
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 

Recommended

DevOps+Data: Working with Source Control
DevOps+Data: Working with Source ControlDevOps+Data: Working with Source Control
DevOps+Data: Working with Source Control
Ed Leighton-Dick
 
From the Monolith to Microservices - CraftConf 2015
From the Monolith to Microservices - CraftConf 2015From the Monolith to Microservices - CraftConf 2015
From the Monolith to Microservices - CraftConf 2015
Randy Shoup
 
Implementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using KubelessImplementing FaaS on Kubernetes using Kubeless
Implementing FaaS on Kubernetes using Kubeless
Ahmed Misbah
 
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
O'Reilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tri...
Daniel Bryant
 
Conquering Chaos: Helix & DevOps
Conquering Chaos: Helix & DevOpsConquering Chaos: Helix & DevOps
Conquering Chaos: Helix & DevOps
Perforce
 
Database CI/CD Pipeline
Database CI/CD PipelineDatabase CI/CD Pipeline
Database CI/CD Pipeline
muhammadhashir57
 
InteropWG Intro & Vertical Programs (May. 2017)
InteropWG Intro & Vertical Programs (May. 2017)InteropWG Intro & Vertical Programs (May. 2017)
InteropWG Intro & Vertical Programs (May. 2017)
Mark Voelker
 
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
Javantura v4 - The power of cloud in professional services company - Ivan Krn...Javantura v4 - The power of cloud in professional services company - Ivan Krn...
Javantura v4 - The power of cloud in professional services company - Ivan Krn...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Mediawiki to Confluence migration
Mediawiki to Confluence migrationMediawiki to Confluence migration
Mediawiki to Confluence migration
Nils Hofmeister
 
Getting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLabGetting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLab
Melvin Hillsman
 
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
Daniel Bryant
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
Micro Service – The New Architecture Paradigm
Micro Service – The New Architecture ParadigmMicro Service – The New Architecture Paradigm
Micro Service – The New Architecture Paradigm
Eberhard Wolff
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
VMware Tanzu
 
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
Alfresco Software
 
Make It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version ControlMake It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version Control
indiver
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
Joel Gascoigne
 
CD with spinnaker
CD with spinnakerCD with spinnaker
CD with spinnaker
AbdulBasit Kabir
 
From java to scala at crowd mix
From java to scala at crowd mixFrom java to scala at crowd mix
From java to scala at crowd mix
Stefano Galarraga
 
7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day
Kimihiko Kitase
 
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
Legacy Typesafe (now Lightbend)
 
CI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page AppsCI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page Apps
Mike North
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
Ahmed Misbah
 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOpsSaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltStack
 
Immutable infrastructure with Boxfuse
Immutable infrastructure with BoxfuseImmutable infrastructure with Boxfuse
Immutable infrastructure with Boxfuse
Lars Östling
 
DevOps culture
DevOps cultureDevOps culture
DevOps culture
Murughan Palaniachari
 
Operations for databases – the agile/devops journey
Operations for databases – the agile/devops journeyOperations for databases – the agile/devops journey
Operations for databases – the agile/devops journey
Eduardo Piairo
 
Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016
John Willis
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
Sumo Logic
 

More Related Content

What's hot

Mediawiki to Confluence migration
Mediawiki to Confluence migrationMediawiki to Confluence migration
Mediawiki to Confluence migration
Nils Hofmeister
 
Getting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLabGetting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLab
Melvin Hillsman
 
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
Daniel Bryant
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
Micro Service – The New Architecture Paradigm
Micro Service – The New Architecture ParadigmMicro Service – The New Architecture Paradigm
Micro Service – The New Architecture Paradigm
Eberhard Wolff
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
VMware Tanzu
 
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
Alfresco Software
 
Make It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version ControlMake It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version Control
indiver
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
Joel Gascoigne
 
CD with spinnaker
CD with spinnakerCD with spinnaker
CD with spinnaker
AbdulBasit Kabir
 
From java to scala at crowd mix
From java to scala at crowd mixFrom java to scala at crowd mix
From java to scala at crowd mix
Stefano Galarraga
 
7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day
Kimihiko Kitase
 
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
Legacy Typesafe (now Lightbend)
 
CI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page AppsCI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page Apps
Mike North
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
Ahmed Misbah
 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOpsSaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltStack
 
Immutable infrastructure with Boxfuse
Immutable infrastructure with BoxfuseImmutable infrastructure with Boxfuse
Immutable infrastructure with Boxfuse
Lars Östling
 
DevOps culture
DevOps cultureDevOps culture
DevOps culture
Murughan Palaniachari
 
Operations for databases – the agile/devops journey
Operations for databases – the agile/devops journeyOperations for databases – the agile/devops journey
Operations for databases – the agile/devops journey
Eduardo Piairo
 

What's hot (20)

Mediawiki to Confluence migration
Mediawiki to Confluence migrationMediawiki to Confluence migration
Mediawiki to Confluence migration
 
Getting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLabGetting a Neural Network Up and Running with OpenLab
Getting a Neural Network Up and Running with OpenLab
 
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
DevoxxUK 2014 "Moving to a DevOps Mode: Easy, Hard, or Just Plain Terrifying?"
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
 
Micro Service – The New Architecture Paradigm
Micro Service – The New Architecture ParadigmMicro Service – The New Architecture Paradigm
Micro Service – The New Architecture Paradigm
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
 
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
Javantura v4 - CroDuke Indy and the Kingdom of Java Skills - Branko Mihaljevi...
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
 
Make It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version ControlMake It Cooler: Using Decentralized Version Control
Make It Cooler: Using Decentralized Version Control
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
 
CD with spinnaker
CD with spinnakerCD with spinnaker
CD with spinnaker
 
From java to scala at crowd mix
From java to scala at crowd mixFrom java to scala at crowd mix
From java to scala at crowd mix
 
7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day7 Apache Process Cloudstack Developer Day
7 Apache Process Cloudstack Developer Day
 
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
A Deeper Look Into Reactive Streams with Akka Streams 1.0 and Slick 3.0
 
CI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page AppsCI/CD and Asset Serving for Single Page Apps
CI/CD and Asset Serving for Single Page Apps
 
Cucumber jvm best practices v3
Cucumber jvm best practices v3Cucumber jvm best practices v3
Cucumber jvm best practices v3
 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOpsSaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
 
Immutable infrastructure with Boxfuse
Immutable infrastructure with BoxfuseImmutable infrastructure with Boxfuse
Immutable infrastructure with Boxfuse
 
DevOps culture
DevOps cultureDevOps culture
DevOps culture
 
Operations for databases – the agile/devops journey
Operations for databases – the agile/devops journeyOperations for databases – the agile/devops journey
Operations for databases – the agile/devops journey
 

Similar to Evolve 2017 - Vegas - Devops, Docker and Security

Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016
John Willis
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
Sumo Logic
 
Oscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to ProductionOscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to Production
Patrick Chanezon
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of Containers
NVISIA
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri Series
Newt Global Consulting LLC
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013dotCloud
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realists
Karthik Gaekwad
 
You build it - Cyber Chicago Keynote
You build it - Cyber Chicago KeynoteYou build it - Cyber Chicago Keynote
You build it - Cyber Chicago Keynote
John Willis
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
Patrick Chanezon
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
New Technology for Modern Development Challenges
New Technology for Modern Development ChallengesNew Technology for Modern Development Challenges
New Technology for Modern Development Challenges
Perforce
 
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker, Inc.
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
Atlassian
 
Cloud Native Camel Riding
Cloud Native Camel RidingCloud Native Camel Riding
Cloud Native Camel Riding
Christian Posta
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
Lucas Jellema
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
DevOps'n the Operating System
DevOps'n the Operating SystemDevOps'n the Operating System
DevOps'n the Operating System
C4Media
 
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
Amazon Web Services
 
Container DevOps in Azure
Container DevOps in AzureContainer DevOps in Azure
Container DevOps in Azure
Microsoft Tech Community
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013dotCloud
 

Similar to Evolve 2017 - Vegas - Devops, Docker and Security (20)

Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016Immutable Service Delivery Shenzhen 2016
Immutable Service Delivery Shenzhen 2016
 
You Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOpsYou Build It, You Secure It: Introduction to DevSecOps
You Build It, You Secure It: Introduction to DevSecOps
 
Oscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to ProductionOscon London 2016 - Docker from Development to Production
Oscon London 2016 - Docker from Development to Production
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of Containers
 
Webinar Docker Tri Series
Webinar Docker Tri SeriesWebinar Docker Tri Series
Webinar Docker Tri Series
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 
Containers, microservices and serverless for realists
Containers, microservices and serverless for realistsContainers, microservices and serverless for realists
Containers, microservices and serverless for realists
 
You build it - Cyber Chicago Keynote
You build it - Cyber Chicago KeynoteYou build it - Cyber Chicago Keynote
You build it - Cyber Chicago Keynote
 
Devoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and BoltsDevoxx 2016 - Docker Nuts and Bolts
Devoxx 2016 - Docker Nuts and Bolts
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
 
New Technology for Modern Development Challenges
New Technology for Modern Development ChallengesNew Technology for Modern Development Challenges
New Technology for Modern Development Challenges
 
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC WongDocker Hub: Past, Present and Future by Ken Cochrane & BC Wong
Docker Hub: Past, Present and Future by Ken Cochrane & BC Wong
 
Getting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick StinematesGetting Started with Docker - Nick Stinemates
Getting Started with Docker - Nick Stinemates
 
Cloud Native Camel Riding
Cloud Native Camel RidingCloud Native Camel Riding
Cloud Native Camel Riding
 
Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...Business and IT agility through DevOps and microservice architecture powered ...
Business and IT agility through DevOps and microservice architecture powered ...
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
 
DevOps'n the Operating System
DevOps'n the Operating SystemDevOps'n the Operating System
DevOps'n the Operating System
 
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
(APP303) Lightning Fast Deploys with Docker Containers and AWS | AWS re:Inven...
 
Container DevOps in Azure
Container DevOps in AzureContainer DevOps in Azure
Container DevOps in Azure
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
 

More from John Willis

Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
John Willis
 
Devops Long Strange Trip
Devops Long Strange Trip Devops Long Strange Trip
Devops Long Strange Trip
John Willis
 
I Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of ThemI Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of Them
John Willis
 
Math is cool
Math is coolMath is cool
Math is cool
John Willis
 
The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019
John Willis
 
Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018
John Willis
 
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber SecurityswampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
John Willis
 
Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018
John Willis
 
Devops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's BeenDevops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's Been
John Willis
 
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's BeenDevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
John Willis
 
Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017 Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017
John Willis
 
Why Executives Can't Change
Why Executives Can't Change Why Executives Can't Change
Why Executives Can't Change
John Willis
 
Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017 Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017
John Willis
 
Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseAlibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker Enterprise
John Willis
 
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSACBreaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
John Willis
 
Breaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LABreaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LA
John Willis
 
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
John Willis
 
Turning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational CapitalTurning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational Capital
John Willis
 
DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How? DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How?
John Willis
 
Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness
John Willis
 

More from John Willis (20)

Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
 
Devops Long Strange Trip
Devops Long Strange Trip Devops Long Strange Trip
Devops Long Strange Trip
 
I Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of ThemI Got 99 Problems and a Bash DSL Ain't One of Them
I Got 99 Problems and a Bash DSL Ain't One of Them
 
Math is cool
Math is coolMath is cool
Math is cool
 
The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019The 7 deadly diseases of DevOps 2019
The 7 deadly diseases of DevOps 2019
 
Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018Next Generation Infrastructure - Devops Enterprise Summit 2018
Next Generation Infrastructure - Devops Enterprise Summit 2018
 
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber SecurityswampUP - 2018 - The Divine and Felonious Nature of Cyber Security
swampUP - 2018 - The Divine and Felonious Nature of Cyber Security
 
Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018Divine and felonios cyber security devopsdays austin 2018
Divine and felonios cyber security devopsdays austin 2018
 
Devops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's BeenDevops - A Long Strange Trip It's Been
Devops - A Long Strange Trip It's Been
 
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's BeenDevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
DevopsdaysNYC - Almost 10 Years - What A Strange Long Trip It's Been
 
Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017 Art of the Possible - Serverless Conference NYC 2017
Art of the Possible - Serverless Conference NYC 2017
 
Why Executives Can't Change
Why Executives Can't Change Why Executives Can't Change
Why Executives Can't Change
 
Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017 Devops Kaizen - DevopsDays Dallas 2017
Devops Kaizen - DevopsDays Dallas 2017
 
Alibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker EnterpriseAlibaba Cloud Conference 2016 - Docker Enterprise
Alibaba Cloud Conference 2016 - Docker Enterprise
 
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSACBreaking Bad Equilibrium - Devops Connect 2017 RSAC
Breaking Bad Equilibrium - Devops Connect 2017 RSAC
 
Breaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LABreaking Bad Equilibrium - Devops Connect 2016 LA
Breaking Bad Equilibrium - Devops Connect 2016 LA
 
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...All daydevops 2016 - Turning Human Capital into High Performance Organizati...
All daydevops 2016 - Turning Human Capital into High Performance Organizati...
 
Turning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational CapitalTurning Human Capital into High Performance Organizational Capital
Turning Human Capital into High Performance Organizational Capital
 
DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How? DOES16 London - Better Faster Cheaper .. How?
DOES16 London - Better Faster Cheaper .. How?
 
Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness Dockercon USA 2016 - Immutable Awesomeness
Dockercon USA 2016 - Immutable Awesomeness
 

Recently uploaded

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 

Recently uploaded (20)

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 

Evolve 2017 - Vegas - Devops, Docker and Security

  • 1. Devops, Docker and Security John Willis @botchagalupe
  • 2. • One of the founding members of “Devopsdays” • Co-author of the “Devops Handbook”. • Author of the “Introduction to Devops” on Linux Foundation edX. • Podcaster at devopscafe.org • Devops Enterprise Summit - Cofounder • Nine person in at Chef (VP of Customer Enablement) • Formally Director of Devops at Dell • Found of Socketplane (Acquired by Docker) • 10 Startups over 25 years About Me https://github.com/botchagalupe/my-presentations
  • 3.
  • 4.
  • 5. 5 What If I told you you could be 2000 times faster than your competitors
  • 6. 6 What if I told you that you could be 100 times more reliable than your competitors
  • 8. Faster, Effective, Reliable • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 8 Immutable Service Delivery
  • 11. • CAMS
 • Culture • Automation • Measurement • Sharing Devops Taxonomies • The Three Ways •The First Way •The Second Way •The Third Way
  • 12. Devops Practices and Patterns • Continuous Delivery • Everything in version control • Small batch principle • Trunk based deployments • Manage flow (WIP) • Automate everything
 • Culture • Everyone is responsible • Done means released • Stop the line when it breaks • Remove silos12 itrevolution.com/devops-handbook
  • 13. 30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling
  • 14. 30x 200x more frequent deployments faster lead times 60x 168x the change success rate faster mean time to recover (MTTR) 2x 50% more likely to exceed profitability, market share & productivity goals higher market capitalization growth over 3 years* High performers compared to their peers… Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report Recent IT Performance Data is Compelling Faster Higher
 Quality More
 Effective 2555x
  • 16. Devops Automated Deployment Pipeline 16 Source: Wikipedia - Continuous Delivery
  • 17.
  • 18. 18 Devops Results Google • Over 15,000 engineers in over 40 offices • 4,000+ projects under active development • 5500+ code submissions per day (20+ p/m) • Over 75M test cases run daily • 50% of code changes monthly • Single source tree • Over 75M test cases run daily
  • 19. 19 Devops Results Amazon • 11.6 second mean time between deploys. • 1079 max deploys in a single hour. • 10,000 mean number of hosts simultaneously receiving a deploy. • 30,000 max number of hosts simultaneously receiving a deploy
  • 20. 20 Unicorns and Horses (Enterprises) Unicorns Enterprise Shamelessly stolen and repurposed from: Pete Cheslock
  • 21. 21 Devops Results Enterprise Organizations • Ticketmaster - 98% reduction in MTTR • Nordstrom - 20% shorter Lead Time • Target - Full Stack Deploy 3 months to minutes • USAA - Release from 28 days to 7 days • ING - 500 applications teams doing devops • CSG - From 200 incidents per release to 18
  • 23. • IBM 360/370 (1960/1970) • CHROOT - Version 7 Unix 1979 (Bell Labs) • BSD in 1982 (Berkley) • VMware (1998) • FreeBSD Jails 2000 • XEN 2003 • Solaris Zones 2004 • OpenVZ 2005 • Amazon Web Services 2006 • Namespaces 2007 • Cgroups (Google) 2007 • KVM 2007 • AIX LPARS (IBM) 2007 • Drawbridge (2008) • Hyper-V (2008) • Linux Containers - LXC (Parelles, IBM, Google) 2008 • Docker (Dotcloud Inc) 2013 • Microsoft Docker on Windows Server 2016 History of Virtualization
  • 24. •Type 1 Virtualization •VMware ESX, XEN, Hyper-V
 •Type 2 Virtualization •KVM, Virtualbox, QEMU, VMware Workstation
 •OS Level Virtualization •OpenVZ, LXC, Docker Virtualization
  • 26. • Provision in milliseconds • Near bare metal runtime performance • VM-like agility – it’s still “virtualization” • Lightweight – Just enough Operating System (JeOS) • Supported with modern Linux kernel • Growing in popularity Why OS Level Virtualization
  • 27.
  • 28. • Isolation • Lightweight • Simplicity • Workflow • Security • Community Why Docker
  • 29. 29 Docker Security Enhancements • Docker Security Scanning • Docker Content Trust • Docker Trusted Registry • TLS by Default for Swarm/Docker Data Center • Read Only Containers • User Namespaces • Secomp and LSMS support • Enhanced System “Capabilities” support • Secrets Management • Immutable Operating System (Coming Soon)
  • 32. Supply Chain … Reliable
  • 33. 33
  • 34.
  • 36. Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
  • 37. 37 Variety • Determine your variety of offerings based on operational efficiency and market demand Velocity • Maintain a steady flow through all processes of the supply chain Variability • Manage inconsistencies carefully to reduce cost and improve quality Visibility • Ensure the transparency of all processes to enable continuous learning and improvement Toyota Production Systems - 4VL
  • 38. 38 Docker and the Three Ways of Devops
  • 39. 39 Variety • Learn faster, Limited frameworks, Limited operating systems, Limit vendors. Velocity • Small Batch, Small Teams, Microservices and Containers Variability • Docker and Immutable Delivery Visibility • Automated Testing, Docker Trust, Docker Security Scanning, Bounded Context, Bill of Materials Immutable Service Delivery (4VL) Use their highest quality parts Use fewer, better suppliers Track which parts you use & where
  • 40. 40 Visibility - Docker - Bill of Material • Where and when was it built and why • What was its ancestor images • How do I start, validate, monitor and update it • What git repo is being built, what hash of that git repo was built • What are all the tags this specific container is known as at time of build • What’s the project name this belongs to • Have the ability to have arbitrary user supplied rich metadata Software Supply Chain - 4VL
  • 41. Devops Automated Deployment Pipeline 41 Source: Wikipedia - Continuous Delivery
  • 42. DevSecOps Requirements & Design Development CI Interval Trigger Assessment Production Application Risk Classification Security Requirement Definition Secure Libraries Static Analysis/IDE SCM Open Source Governance(CI) Secure Coding Standards Perimeter Assessment Dynamic Assessments Threat-Based Pen Test Web Application Firewalls Automated Attack/ Bot Defense Container Security Management Security Mavens (Security-Trained Developers and Operations) Role Based Software Security Training Continuous Monitoring, Analytics and KPI Gathering Preventative Detective Lightweight threat modeling approach Detailed manual assessments triggered automatically at appropriate interval; detached from release cycle Container Security Compliance (CI) Threat modeling Static Analysis (CI)
  • 43. 43 Immutable Service Delivery Fortune 500 Insurance Company • Tracks critical and high security defect rate per 10k lines of code • Started out with (10/10k) • After applying Devops practices and principles (4/10k) • After applying Toyota Supply Chain 4VL (1/10k ) • After Docker with Immutable Delivery (0.1/10k)
  • 44. 44 With Docker Fortune 500 Insurance Company • One Service • One Container • One Read Only File System • One Port
  • 45. Immutable Service Delivery • Devops (Faster) • Docker (Effective) • Supply Chain (Reliable) 45 2000x Faster and 100x Reliable