It's clear that Docker speeds up development and makes testing and deployment more efficient. As Docker moves into production new use cases and patterns are emerging that address availability and security concerns. With microservices, safety is part of the architecture that developers need to understand and build for. It's no longer good enough to wrap a firewall around an entire app when it goes to production, and have a cold standby in case it breaks.
Businesses are speeding up development and automating operations to remain competitive and to get large organizations to scale. Project based monolithic application updates are replaced by product teams owning containerized microservices. This puts developers on call, responsible for pushing code to production, fixing it when it breaks, and managing the cost and security aspects of running their microservices. In this world operations skill-sets are either embedded in the microservices development teams, or building and operating API driven platforms. The platform automates stress testing, canary based deployment, penetration testing and enforces availability and security requirements. There are no meetings or tickets to file in the delivery process for updating a containerized microservice, which can happen many times a day, and takes seconds to complete. The role of site reliability engineering moves from firefighting and fixing outages to buiding tools for finding problems and routing those problems to the right developers. SREs manage the incident lifecycle for customer visible problems, and measure and publish availability metrics. This may sound futuristic but Werner Vogels described this as “You build it, you run it” in 2006.
Opening talk at Monitorama, talks about the problems of monitoring, challenges of creating monitoring tools and why monitoring vendors keep getting disrupted. Ended with a discussion of simulation testing and serverless architectures - Monitorless.
Organizations have accepted that "cloud" is the de-facto platform of the future, and the benefits and flexibility it brings have ushered in a renaissance in software architecture. The disposable infrastructure of cloud has enabled the first "cloud native" architecture, microservices. continuous delivery, a technique that is radically changing how tech-based businesses evolve, amplifies the impact of cloud as an architecture. We expect architectural innovation to continue, with trends such as containerization and software-defined networking providing even more technical options and capability.
Businesses are speeding up development and automating operations to remain competitive and to get large organizations to scale. Project based monolithic application updates are replaced by product teams owning containerized microservices. This puts developers on call, responsible for pushing code to production, fixing it when it breaks, and managing the cost and security aspects of running their microservices. In this world operations skill-sets are either embedded in the microservices development teams, or building and operating API driven platforms. The platform automates stress testing, canary based deployment, penetration testing and enforces availability and security requirements. There are no meetings or tickets to file in the delivery process for updating a containerized microservice, which can happen many times a day, and takes seconds to complete. The role of site reliability engineering moves from firefighting and fixing outages to buiding tools for finding problems and routing those problems to the right developers. SREs manage the incident lifecycle for customer visible problems, and measure and publish availability metrics. This may sound futuristic but Werner Vogels described this as “You build it, you run it” in 2006.
Opening talk at Monitorama, talks about the problems of monitoring, challenges of creating monitoring tools and why monitoring vendors keep getting disrupted. Ended with a discussion of simulation testing and serverless architectures - Monitorless.
Organizations have accepted that "cloud" is the de-facto platform of the future, and the benefits and flexibility it brings have ushered in a renaissance in software architecture. The disposable infrastructure of cloud has enabled the first "cloud native" architecture, microservices. continuous delivery, a technique that is radically changing how tech-based businesses evolve, amplifies the impact of cloud as an architecture. We expect architectural innovation to continue, with trends such as containerization and software-defined networking providing even more technical options and capability.
Sildes of an internal talk given at Twitter similar to a previous webinar for Redhat with the same title.
Speeding up development is a key concern, cloud and technology improvements like Docker speed up key steps that make continuous delivery possible. Breaking up the work into many separate microservices and datastores with stable APIs allows teams to make progress independently so that the organization scales. Monolithic apps are preferred for small projects, built by small teams and when very low latency and high efficiency is the primary requirement. Monitoring microservices is currently a challenge with solutions starting to emerge.
Summary of fast development and cloud native architecture along with cost optimization techniques. Presented as opening keynote at the Utility and Cloud Computing 2014 as part of the Cloud Control Workshop.
Software application development and delivery often involves multiple development, infrastructure and operations teams, each with their own preferred “tools of the trade” for building, testing and deploying code changes
For years, virtualization and cloud technologies have provided agile, on-demand infrastructure. The advent of Microservices promises even more agility– but what is required to take advantage of Microservices?
Join Electric Cloud CTO Anders Wallgren and Trace3 Principal Consultant - DevOps Marc Hornbeek as they discuss what is required to:
- Overcome culture and architecture challenges created when decomposing monolithic applications into Microservices-based applications.
- Coordinate integration, testing, monitoring, packaging, release approval and deployment of Microservices-based applications over elastic infrastructures
- Create a controlled and auditable delivery pipeline to support
Microservices-based application.
- Prepare for “future” applications, pipelines and patterns.
Full slide deck for day long discussion of microservices topics. Why use microservices, what options exist and how to migrate to them and address common problems.
'The History of Metrics According to me' by Stephen DayDocker, Inc.
Metrics and monitoring are a time honored tradition for any engineering discipline. It is how we ensure the systems we use are working the way we expect. If this is a time honored tradition, why is it not a built into every piece of software we create, from the ground up? With software engineering, usually the trick to solving anything is to make it easier. By solving the hard parts of application metrics in Docker, we should make it more likely that metrics are a part of your services from the start.
The Cloud Native Journey with Simon ElishaChloe Jackson
The ability to deliver software is no longer a differentiator. In fact, it is a basic requirement for survival. Companies that embrace cloud native patterns of software delivery will survive; companies that don’t will not.
In this webinar, we will:
- Look at the common patterns that distinguish cloud native companies and the architectures that they employ.
- Discover that an opinionated platform, one that stretches from the infrastructure all the way to the application framework, rather than ad-hoc automation, is an essential component to an enterprise's cloud native journey.
- Show that the combination of Pivotal Cloud Foundry and Spring is the complete cloud native platform.
A DevSecOps Tale of Business, Engineering, and PeopleJames Wickett
DevOps and the subsequent move to bring security in under the umbrella of DevSecOps has created a new ethos for Security. This is good. But, when things go wrong–and we know they will–are we going to be successful with the DevSecOps model, or will we be left searching yet again?
In an attempt to answer this question, we will look back in time over 120 years to unveil a tale that touches on business, engineering, and resilience. We will see how engineering decisions affect the lives of those around us, and even though the world has radically changed over the last century, we are still facing many of the same root challenges.
Along the way, we will highlight the high-performing DevSecOps teams of today and introduce a framework for approaching DevSecOps in your organization. Topics range from empathy to lean to system safety with the hope to frame a new playbook for devs, ops, and security to work together.
Spring Cloud Kubernetes: An Easier Path from Idea to ProductionVMware Tanzu
Kubernetes might be a dream for operations teams willing to learn its intricacies, but it can be a nightmare for developers whose primary goal is getting working applications into production.
Spring Cloud Kubernetes addresses developers’ needs by making it simple to deploy Spring Cloud and Spring Boot applications into Kubernetes environments.
This webinar will explore some key Spring Cloud Kubernetes concepts and demonstrate the process of porting an existing application onto a Kubernetes cluster.
Lattice: A Cloud-Native Platform for Your Spring ApplicationsMatt Stine
As presented at SpringOne2GX 2015 in Washington, DC.
Lattice is a cloud-native application platform that enables you to run your applications in containers like Docker, on your local machine via Vagrant. Lattice includes features like:
Cluster scheduling
HTTP load balancing
Log aggregation
Health management
Lattice does this by packaging a subset of the components found in the Cloud Foundry elastic runtime. The result is an open, single-tenant environment suitable for rapid application development, similar to Kubernetes and Mesos Applications developed using Lattice should migrate unchanged to full Cloud Foundry deployments.
Lattice can be used by Spring developers to spin up powerful micro-cloud environments on their desktops, and can be useful for developing and testing cloud-native application architectures. Lattice already has deep integration with Spring Cloud and Spring XD, and you’ll have the opportunity to see deep dives into both at this year’s SpringOne 2GX. This session will introduce the basics:
Installing Lattice
Lattice’s Architecture
How Lattice Differs from Cloud Foundry
How to Package and Run Your Spring Apps on Lattice
How Online Retailer Resident Scaled DevOps with AWS and CloudShell ColonyDevOps.com
Application development is driving the digital transformation. For the online retailer, Resident, that meant the need to quickly develop, test, and release business critical applications in AWS cloud using a DevOps approach. However, Resident needed to accomplish all of this within budget, while they were facing rapid growth, distributed development teams, and complex back-end applications that supported revenue generation.
Join this webinar to learn how Resident selected Quali’s Environment as a Service solution, CloudShell Colony, and AWS public cloud to:
Provide self-service application environments to globally distributed development teams
Control cloud costs with dynamic staging environments
Gain visibility into cloud resources for predictable growth
Consume native AWS services
DevSecOps, An Organizational Primer - AWS Security Week at the SF LoftAmazon Web Services
DevSecOps, An Organizational Primer - AWS Security Week at the San Francisco Loft
We examine building DevSecOps culture for you or your customers, which includes foundational practices and scaling functions to instantiate and resiliently operate a DevSecOps model. To achieve this shift, we analyze common success patterns, such as how to use a secure CI/CD pipeline. You’ll learn key points such as building security owners, integrating continuous compliance and security, and removing people from the data to vastly improve your security posture over traditional operating models. Takeaways include a blueprint for building a DevSecOps operating model in your organization; an understanding the security practitioners' point of view and embracing it to drive innovation; and ways to identify operating characteristics in your organization and use them to drive a strategy for DevSecOps.
Level: 100
Speaker: Tim Anderson - Tech Industry Specialist, AWS Security
In this session, you will learn how BNY Mellon is tackling the challenges of DevSecOps at scale by unifying static/dynamic source code scanning, audit and risk analysis tools into a unified workflow by using Jira Software.
BNY Mellon’s ability to generate reports from multiple sources had become a time consuming manual process. Jira Software demonstrated the ability to deliver efficiency at reporting and became the solution for tracking security aspects of the SDLC process.
CloudWorld: What Does Cloud-Native Mean Anyway?Grace Jansen
Terms cloud-native & microservice architecture have been used interchangeably for years. Microservices have benefits, but also bring challenges, so are they really the go-to solution in all cases? Better understanding & some failed projects led to an evaluation of the suitability of microservices, and resulted in new interest in the various architecture styles in the cloud. We'll look at microservices and monoliths in the context of cloud-native.
StripeCon 2021: A Cloud-Native approach to running Silverstripe on Google Clo...Jon Su
In this talk, Jon talks about how a SilverStripe application can be deployed onto Google Cloud Platform as a cloud-native application to take advantage of the full power and benefits of the Cloud.
First presented at StripeCon EU 2021 on 01/10/2021
Barriers to Container Security and How to Overcome ThemWhiteSource
Over the past few years, more and more companies are turning to containerized environments to scale their applications.
However, keeping containers secure throughout the development life cycle presents many challenges to security and development teams. In order to address them, organizations need to adopt a new set of security processes and tools.
This session will focus on the three most vulnerable areas of container security and the best practices to help teams develop and deploy securely.
Join Jeffrey Martin, Senior Director of Product at WhiteSource, as he discusses:
The top challenges to security in containerized environments
How DevSecOps addresses security in containerized environments
Tips and tricks for successfully incorporating security into the container lifecycle
Cloud-Native Fundamentals: An Introduction to 12-Factor ApplicationsVMware Tanzu
It seems like a new cloud-native technology or project is launched every week, and though there are technical changes required for building and operating cloud-native applications, technology alone isn’t a silver bullet. It turns out that how you build your applications is critical to enable seamless scaling and resiliency to failures. What do you have to do to ensure your applications can fully leverage the power and flexibility the cloud offers?
The 12-Factor principles have been around for a decade and have proven themselves as core, foundational principles for cloud-native applications. But they require changes to how you design your applications, the way teams collaborate on code, and more. Understanding the 12-Factor principles is a strong foundation for adopting cloud-native patterns and practices.
Join Pivotal's Nate Schutta, developer advocate, to learn:
● Which of the 12 Factors are most critical to building scalable applications
● Which of the 12 Factors are most likely violated by your heritage applications
● What you can do to make your existing applications more 12-Factor compliant
● Which of the 12 Factors are most critical to applications moving to the cloud
● How to externalize state and configuration in order to simplify scaling and code changes
Presenter :Nate Schutta, Software Architect
Just about all of my current technical content in one 364 slide mega-deck. Source files at https://github.com/adrianco/slides
Sections on:
Scene Setting
State of the Cloud
What Changes?
Product Processes
Microservices
State of the Art
Segmentation
What’s Missing?
Monitoring
Challenges
Migration
Response Times
Serverless
Lock-In
Teraservices
Wrap-Up
Sildes of an internal talk given at Twitter similar to a previous webinar for Redhat with the same title.
Speeding up development is a key concern, cloud and technology improvements like Docker speed up key steps that make continuous delivery possible. Breaking up the work into many separate microservices and datastores with stable APIs allows teams to make progress independently so that the organization scales. Monolithic apps are preferred for small projects, built by small teams and when very low latency and high efficiency is the primary requirement. Monitoring microservices is currently a challenge with solutions starting to emerge.
Summary of fast development and cloud native architecture along with cost optimization techniques. Presented as opening keynote at the Utility and Cloud Computing 2014 as part of the Cloud Control Workshop.
Software application development and delivery often involves multiple development, infrastructure and operations teams, each with their own preferred “tools of the trade” for building, testing and deploying code changes
For years, virtualization and cloud technologies have provided agile, on-demand infrastructure. The advent of Microservices promises even more agility– but what is required to take advantage of Microservices?
Join Electric Cloud CTO Anders Wallgren and Trace3 Principal Consultant - DevOps Marc Hornbeek as they discuss what is required to:
- Overcome culture and architecture challenges created when decomposing monolithic applications into Microservices-based applications.
- Coordinate integration, testing, monitoring, packaging, release approval and deployment of Microservices-based applications over elastic infrastructures
- Create a controlled and auditable delivery pipeline to support
Microservices-based application.
- Prepare for “future” applications, pipelines and patterns.
Full slide deck for day long discussion of microservices topics. Why use microservices, what options exist and how to migrate to them and address common problems.
'The History of Metrics According to me' by Stephen DayDocker, Inc.
Metrics and monitoring are a time honored tradition for any engineering discipline. It is how we ensure the systems we use are working the way we expect. If this is a time honored tradition, why is it not a built into every piece of software we create, from the ground up? With software engineering, usually the trick to solving anything is to make it easier. By solving the hard parts of application metrics in Docker, we should make it more likely that metrics are a part of your services from the start.
The Cloud Native Journey with Simon ElishaChloe Jackson
The ability to deliver software is no longer a differentiator. In fact, it is a basic requirement for survival. Companies that embrace cloud native patterns of software delivery will survive; companies that don’t will not.
In this webinar, we will:
- Look at the common patterns that distinguish cloud native companies and the architectures that they employ.
- Discover that an opinionated platform, one that stretches from the infrastructure all the way to the application framework, rather than ad-hoc automation, is an essential component to an enterprise's cloud native journey.
- Show that the combination of Pivotal Cloud Foundry and Spring is the complete cloud native platform.
A DevSecOps Tale of Business, Engineering, and PeopleJames Wickett
DevOps and the subsequent move to bring security in under the umbrella of DevSecOps has created a new ethos for Security. This is good. But, when things go wrong–and we know they will–are we going to be successful with the DevSecOps model, or will we be left searching yet again?
In an attempt to answer this question, we will look back in time over 120 years to unveil a tale that touches on business, engineering, and resilience. We will see how engineering decisions affect the lives of those around us, and even though the world has radically changed over the last century, we are still facing many of the same root challenges.
Along the way, we will highlight the high-performing DevSecOps teams of today and introduce a framework for approaching DevSecOps in your organization. Topics range from empathy to lean to system safety with the hope to frame a new playbook for devs, ops, and security to work together.
Spring Cloud Kubernetes: An Easier Path from Idea to ProductionVMware Tanzu
Kubernetes might be a dream for operations teams willing to learn its intricacies, but it can be a nightmare for developers whose primary goal is getting working applications into production.
Spring Cloud Kubernetes addresses developers’ needs by making it simple to deploy Spring Cloud and Spring Boot applications into Kubernetes environments.
This webinar will explore some key Spring Cloud Kubernetes concepts and demonstrate the process of porting an existing application onto a Kubernetes cluster.
Lattice: A Cloud-Native Platform for Your Spring ApplicationsMatt Stine
As presented at SpringOne2GX 2015 in Washington, DC.
Lattice is a cloud-native application platform that enables you to run your applications in containers like Docker, on your local machine via Vagrant. Lattice includes features like:
Cluster scheduling
HTTP load balancing
Log aggregation
Health management
Lattice does this by packaging a subset of the components found in the Cloud Foundry elastic runtime. The result is an open, single-tenant environment suitable for rapid application development, similar to Kubernetes and Mesos Applications developed using Lattice should migrate unchanged to full Cloud Foundry deployments.
Lattice can be used by Spring developers to spin up powerful micro-cloud environments on their desktops, and can be useful for developing and testing cloud-native application architectures. Lattice already has deep integration with Spring Cloud and Spring XD, and you’ll have the opportunity to see deep dives into both at this year’s SpringOne 2GX. This session will introduce the basics:
Installing Lattice
Lattice’s Architecture
How Lattice Differs from Cloud Foundry
How to Package and Run Your Spring Apps on Lattice
How Online Retailer Resident Scaled DevOps with AWS and CloudShell ColonyDevOps.com
Application development is driving the digital transformation. For the online retailer, Resident, that meant the need to quickly develop, test, and release business critical applications in AWS cloud using a DevOps approach. However, Resident needed to accomplish all of this within budget, while they were facing rapid growth, distributed development teams, and complex back-end applications that supported revenue generation.
Join this webinar to learn how Resident selected Quali’s Environment as a Service solution, CloudShell Colony, and AWS public cloud to:
Provide self-service application environments to globally distributed development teams
Control cloud costs with dynamic staging environments
Gain visibility into cloud resources for predictable growth
Consume native AWS services
DevSecOps, An Organizational Primer - AWS Security Week at the SF LoftAmazon Web Services
DevSecOps, An Organizational Primer - AWS Security Week at the San Francisco Loft
We examine building DevSecOps culture for you or your customers, which includes foundational practices and scaling functions to instantiate and resiliently operate a DevSecOps model. To achieve this shift, we analyze common success patterns, such as how to use a secure CI/CD pipeline. You’ll learn key points such as building security owners, integrating continuous compliance and security, and removing people from the data to vastly improve your security posture over traditional operating models. Takeaways include a blueprint for building a DevSecOps operating model in your organization; an understanding the security practitioners' point of view and embracing it to drive innovation; and ways to identify operating characteristics in your organization and use them to drive a strategy for DevSecOps.
Level: 100
Speaker: Tim Anderson - Tech Industry Specialist, AWS Security
In this session, you will learn how BNY Mellon is tackling the challenges of DevSecOps at scale by unifying static/dynamic source code scanning, audit and risk analysis tools into a unified workflow by using Jira Software.
BNY Mellon’s ability to generate reports from multiple sources had become a time consuming manual process. Jira Software demonstrated the ability to deliver efficiency at reporting and became the solution for tracking security aspects of the SDLC process.
CloudWorld: What Does Cloud-Native Mean Anyway?Grace Jansen
Terms cloud-native & microservice architecture have been used interchangeably for years. Microservices have benefits, but also bring challenges, so are they really the go-to solution in all cases? Better understanding & some failed projects led to an evaluation of the suitability of microservices, and resulted in new interest in the various architecture styles in the cloud. We'll look at microservices and monoliths in the context of cloud-native.
StripeCon 2021: A Cloud-Native approach to running Silverstripe on Google Clo...Jon Su
In this talk, Jon talks about how a SilverStripe application can be deployed onto Google Cloud Platform as a cloud-native application to take advantage of the full power and benefits of the Cloud.
First presented at StripeCon EU 2021 on 01/10/2021
Barriers to Container Security and How to Overcome ThemWhiteSource
Over the past few years, more and more companies are turning to containerized environments to scale their applications.
However, keeping containers secure throughout the development life cycle presents many challenges to security and development teams. In order to address them, organizations need to adopt a new set of security processes and tools.
This session will focus on the three most vulnerable areas of container security and the best practices to help teams develop and deploy securely.
Join Jeffrey Martin, Senior Director of Product at WhiteSource, as he discusses:
The top challenges to security in containerized environments
How DevSecOps addresses security in containerized environments
Tips and tricks for successfully incorporating security into the container lifecycle
Cloud-Native Fundamentals: An Introduction to 12-Factor ApplicationsVMware Tanzu
It seems like a new cloud-native technology or project is launched every week, and though there are technical changes required for building and operating cloud-native applications, technology alone isn’t a silver bullet. It turns out that how you build your applications is critical to enable seamless scaling and resiliency to failures. What do you have to do to ensure your applications can fully leverage the power and flexibility the cloud offers?
The 12-Factor principles have been around for a decade and have proven themselves as core, foundational principles for cloud-native applications. But they require changes to how you design your applications, the way teams collaborate on code, and more. Understanding the 12-Factor principles is a strong foundation for adopting cloud-native patterns and practices.
Join Pivotal's Nate Schutta, developer advocate, to learn:
● Which of the 12 Factors are most critical to building scalable applications
● Which of the 12 Factors are most likely violated by your heritage applications
● What you can do to make your existing applications more 12-Factor compliant
● Which of the 12 Factors are most critical to applications moving to the cloud
● How to externalize state and configuration in order to simplify scaling and code changes
Presenter :Nate Schutta, Software Architect
Just about all of my current technical content in one 364 slide mega-deck. Source files at https://github.com/adrianco/slides
Sections on:
Scene Setting
State of the Cloud
What Changes?
Product Processes
Microservices
State of the Art
Segmentation
What’s Missing?
Monitoring
Challenges
Migration
Response Times
Serverless
Lock-In
Teraservices
Wrap-Up
Microservices: What's Missing - O'Reilly Software Architecture New YorkAdrian Cockcroft
Assuming you have already figured out microservices, what else do you need to figure out to get them to work properly. This talk skips my usual introduction to why and what, and goes deeper on how.
There are many ways to manage whether a service can talk to another service. It can be tempting to over-use one segmentation mechanism to implement policy when the real problem is how to coordinate and manage many mechanisms in the physical, cloud and container spaces. This talk summarizes the problem space and opportunities rather than offers solutions.
Presented at the Docker Palo Alto meetup Feb 16th 2016 http://www.meetup.com/Docker-Palo-Alto/events/228277181/
A rough and researchy presentation where I tried out some new material in front of a local audience. Skipped the usual introduction and talked about some of the problems people run into when they do microservices and miss a few things. More refined version of this talk to be shown at O'Reilly Software Architecture Conference in New York in April.
Microxchg Analyzing Response Time Distributions for MicroservicesAdrian Cockcroft
Research oriented presentation @Microxchg Berlin Feb 5th 2016. New code to collect histograms of response time and export them to monte-carlo simulation spreadsheet via getguesstimate.com
Discussion of how microservices are being applied across both web scale and enterprise/government use cases to help speed up development.
Video available at http://www.ustream.tv/recorded/86151804
Historical view of process and channel oriented programming idioms: CSP 1978, Occam 1983, Pi-Calculus 1993 etc. How they map to Go and some examples of dynamic channel routing using Go to simulate peer-to-peer networks and microservices networks.
Updated slides for 2016 presentation on innovation in large organizations, why microservices and Docker can be useful, thoughts on monitoring for large complex architectures, some discussion of new topics - serverless architectures AWS Lambda and teraservices.
Why discovery of open books is a challengeEelco Ferwerda
Presentation on the discoverability of Open Access Monographs, given at the ALPSP seminar, 'How to build a successful OA books programme', held 22 february 2017
Causal and semantic relatedness effects on L2 text processing and memory: Evi...Shingo Nahatame
Nahatame, S. (2017, March). Causal and semantic relatedness effects on L2 text processing and memory: Evidence from self-paced reading and recall. Paper presented at the Annual Conference of the American Association for Applied Linguistics, Portalnd.
Rising Confidence in Economic Outlook: Investors are optimistic about the market but are pensive regarding holding strategy against rising interest rates.
Comment automatiser l'exploitation de vos données webanalyticsuptilab
Jérémie, consultant webanalytics et conversion, est intervenu lors d'un Atelier Solution au salon E-Commerce 2016 à Paris pour livrer les Best Practices d’Uptilab !
AWS live hack: Docker + Snyk Container on AWSEric Smalling
Slides from session 3 of the Snyk AWS live hack series
Dec 15, 2021 with Eric Smalling, Dev Advocate at Snyk, and Peter McKee, Head of Dev Relations & Community at Docker.
Dev ops on aws deep dive on continuous delivery - TorontoAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
GDG SLK - Why should devs care about container security.pdfJames Anderson
Title: Why should developers care about container security?
Abstract: Container scanning tools, industry publications, and application security experts are constantly telling us about best practices for how to build our images and run our containers. Often these non-functional requirements seem abstract and are not described well enough for those of us that don’t have an appsec background to fully understand why they are important. In this session, we will go over several of the most common practices, show examples of how your workloads can be exploited if not followed and, most importantly, how to easily find and fix your Dockerfiles and deployment manifests (i.e. Kubernetes config's) before you commit your code.
Speaker: Eric is a 30+ year enterprise software developer, architect, and consultant with a focus on CI/CD, DevOps, and container-based solutions over the last decade. He is a Docker Captain, is certified in Kubernetes (CKA, CKAD, CKS), and has been a Docker user since 2013. As a Senior Developer Advocate at Snyk, Eric helps developers implement proactive and scalable security practices with a focus on container and cloud-native technologies.
Catch the video: https://youtu.be/lBNcUBdY-VM
PKI in DevOps: How to Deploy Certificate Automation within CI/CDDevOps.com
DevOps and CI/CD make for faster code releases, but they also create new challenges for security practices. Think about TLS and code-signing certificates. Almost every component in CI/CD – binaries, builds, web servers and containers – needs certificates to authenticate and verify trust, but traditional PKI processes just can't scale in DevOps environments.
Join Keyfactor and Infinite Ranges to learn how PKI and certificate management fits within the CI/CD pipeline and why an integrated and automated approach is key to success. In this webinar, we'll discuss:
How applications in the DevOps toolchain use PKI (i.e. Jenkins, Kubernetes, Istio, etc.)
The risks of unmanaged or untracked certificates in DevOps environments
Best practices to support visibility, compliance and automation of certificates in CI/CD
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
Build your cloud-native applications with Oracle Cloud. Check Terraform, Docker, Oracle ATP and Kubernetes at work to deploy our Python microservice. The entire thing will be soon available on GitHub.
Between spending hours (or days!) making sure you can code and test locally and the difficulties of keeping remote environments up to date, sometimes we find ourselves falling back on "It works on my machine!". Getting rid of the difficulties in making new development environments and maintaining testing infrastructure is really key to banishing the dreaded phrase. In this session, we'll take you through some of the recent tools and techs that will not only make your life easier but will mean you never have to say "works on my machine" ever again.
Similar to Dockercon 2015 - Faster Cheaper Safer (20)
Keynote at Dockercon Europe Amsterdam Dec 4th, 2014.
Speeding up development with Docker.
Summary of some interesting web scale microservice architectures.
Please send me updates and corrections to the architecture summaries @adrianco
Thanks Adrian
Monitorama - Please, no more Minutes, Milliseconds, Monoliths or Monitoring T...Adrian Cockcroft
Monitorama opening keynote talk on the challenges of Monitoring in a world where we need to deal with continuous delivery, cloud, and automated control feedback loops.
Hack Kid Con - Learn to be a Data Scientist for $1Adrian Cockcroft
Attempt to inspire some kids to pay attention in Math and Science classes so they can get a good job and help fill the skills gap in the years to come.
Slides originally written in April 2013 for a private conference and internal use at Netflix. Publishing now since Heartbleed is another example of an epidemic failure mode.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Dockercon 2015 - Faster Cheaper Safer
1. Faster, Cheaper, Safer
Secure Microservice Architectures using Docker
Adrian Cockcroft @adrianco
Technology Fellow - Battery Ventures
June 2015
2. Key Goals of the CIO?
Align IT with the business
Develop products faster
Try not to get breached
3. Security Blanket Failure
Insecure applications
hidden behind firewalls
make you feel safe until
the breach happens…
http://peanuts.wikia.com/wiki/Linus'_security_blanket
10. Developer Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
11. Developer Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
Monitoring
Tools
12. DeveloperDeveloper Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
Monitoring
Tools
13. DeveloperDeveloper Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
Site
Reliability
Monitoring
Tools
Availability
Metrics
99.95% customer
success rate
14. DeveloperDeveloper Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
Manager Manager
Site
Reliability
Monitoring
Tools
Availability
Metrics
99.95% customer
success rate
15. DeveloperDeveloper Developer
Run What You Wrote
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Micro
service
Developer Developer
Manager Manager
VP
Engineering
Site
Reliability
Monitoring
Tools
Availability
Metrics
99.95% customer
success rate
47. Need for Speed
CPU and IO Intensive workloads
Hadoop, streaming, datastores
Bare metal for efficiency
Well isolated for security
48. Cutting the Cost
Many similar containers per VM
Saving on RAM, oversubscribe CPU
Deploy with Swarm, Mesos, ECS, GKE
VM based single tenant security
49. Playing it Safe
One critical container per VM
Extra security for exposed services
Deploy as immutable VM image
Docker adds to VM security
51. Docker in Production
2014 - DIY frameworks
2015 - Hardening and best practices
2016 - Mature production tooling
52. Thanks !
Continue the discussion on Twitter @adrianco
Adrian Cockcroft
Technology Fellow - Battery Ventures
June 2015
Disclosure: some of the companies mentioned may be Battery Ventures Portfolio Companies
See www.battery.com for a list of portfolio investments