- Just Eat is a leading digital marketplace for takeaway food delivery founded in 2001 operating in 13 markets globally. It has processed up to 2,500 orders per minute at peak times.
- Just Eat migrated to AWS 5 years ago and runs hundreds of EC2 instances at peak dinner times using scheduled scaling, CloudFormation, and other AWS services.
- AWS Lambda was introduced in 2014 and Just Eat started using it for micro tasks like resetting delivery times, publishing SNS messages, and provisioning instance access to reduce infrastructure costs and management compared to running EC2 fleets.
How to use Ansible to automate your applications in AWS. What is Ansible and why is it different? How to control cloud deployments securely and how to control AWS resources using dynamic inventory and tags.
- Terraform allows infrastructure teams to more efficiently and agilely provision resources at scale across multiple production datacenters and regions.
- Key benefits include auto-scaling, self-service provisioning of services like Elasticsearch and Cassandra, and reducing new datacenter provisioning from over 12 months to just 2 months.
- Debugging and managing complex Terraform configurations, especially across modules, can currently be challenging due to limitations in Terraform's data handling and interpolation features.
AWS Elastic Container Service - DockerHNNguyen Anh Tu
Amazon EC2 Container Service (ECS) is a container management service that supports running and managing Docker containers on a cluster of Amazon EC2 instances. It provides built-in scheduling, cluster management, and orchestration capabilities to help run and scale containerized applications. ECS integrates with other AWS services like Elastic Load Balancing, Elastic Block Store, Virtual Private Cloud, and more. Users define tasks and services in task definitions that specify containers, resources, dependencies, and other configuration.
Packer and TerraForm are fundamental components of Infrastructure as Code. I recently gave a talk at a DevOps meetup, which allowed me the opportunity to discuss the basics of these two tools, and how DevOps teams should be using them
Amazon EC2 Container Service: Manage Docker-Enabled Apps in EC2Amazon Web Services
Amazon EC2 Container Service is a new AWS service that makes it easy to run and manage Docker-enabled applications across a cluster of Amazon EC2 instances. EC2 Container Service lets you define, schedule, and stop sets of containers. You have access to the state of your resources, making it easy to confirm that tasks are running or view the utilization of EC2 instances in your cluster. This session will describe the benefits of containers, introduce the EC2 Container Service, and demonstrate how to use EC2 Container Service for your applications.
- Just Eat is a leading digital marketplace for takeaway food delivery founded in 2001 operating in 13 markets globally. It has processed up to 2,500 orders per minute at peak times.
- Just Eat migrated to AWS 5 years ago and runs hundreds of EC2 instances at peak dinner times using scheduled scaling, CloudFormation, and other AWS services.
- AWS Lambda was introduced in 2014 and Just Eat started using it for micro tasks like resetting delivery times, publishing SNS messages, and provisioning instance access to reduce infrastructure costs and management compared to running EC2 fleets.
How to use Ansible to automate your applications in AWS. What is Ansible and why is it different? How to control cloud deployments securely and how to control AWS resources using dynamic inventory and tags.
- Terraform allows infrastructure teams to more efficiently and agilely provision resources at scale across multiple production datacenters and regions.
- Key benefits include auto-scaling, self-service provisioning of services like Elasticsearch and Cassandra, and reducing new datacenter provisioning from over 12 months to just 2 months.
- Debugging and managing complex Terraform configurations, especially across modules, can currently be challenging due to limitations in Terraform's data handling and interpolation features.
AWS Elastic Container Service - DockerHNNguyen Anh Tu
Amazon EC2 Container Service (ECS) is a container management service that supports running and managing Docker containers on a cluster of Amazon EC2 instances. It provides built-in scheduling, cluster management, and orchestration capabilities to help run and scale containerized applications. ECS integrates with other AWS services like Elastic Load Balancing, Elastic Block Store, Virtual Private Cloud, and more. Users define tasks and services in task definitions that specify containers, resources, dependencies, and other configuration.
Packer and TerraForm are fundamental components of Infrastructure as Code. I recently gave a talk at a DevOps meetup, which allowed me the opportunity to discuss the basics of these two tools, and how DevOps teams should be using them
Amazon EC2 Container Service: Manage Docker-Enabled Apps in EC2Amazon Web Services
Amazon EC2 Container Service is a new AWS service that makes it easy to run and manage Docker-enabled applications across a cluster of Amazon EC2 instances. EC2 Container Service lets you define, schedule, and stop sets of containers. You have access to the state of your resources, making it easy to confirm that tasks are running or view the utilization of EC2 instances in your cluster. This session will describe the benefits of containers, introduce the EC2 Container Service, and demonstrate how to use EC2 Container Service for your applications.
Create Microservice with Spring Boot and DockerSivaprakash
Spring Boot makes it easy to create standalone and production-ready Spring applications with minimal configuration. It aims to provide a faster development experience and common features like embedded servers and health checks. Spring Boot 2.0.1 requires Java 8/9 and works with embedded containers like Tomcat, Jetty and Undertow. Docker is a containerization platform that virtualizes applications and their dependencies to run on any OS without conflicts. It was developed by Docker Inc. and written in Go, with community and enterprise editions available.
This document summarizes information from DockerCon 2016, including new features in Docker 1.12 such as Swarm Mode, an integrated clustering system. Swarm Mode uses technologies like SwarmKit for orchestration, Raft for consensus, and gossip protocols for node communication. It also details the new networking model in Docker 1.12 which gives containers IP addresses on ingress, overlay, and docker_gwbridge networks. A new Distributed Application Bundle format is introduced to package multi-service applications.
Amazon EC2 Container Service: Manage Docker-Enabled Apps in EC2Amazon Web Services
Amazon EC2 Container Service (Amazon ECS) is a new AWS service that makes it easy to run and manage Docker-enabled applications across a cluster of Amazon EC2 instances. Amazon ECS lets you define, schedule, and stop sets of containers. You have access to the state of your resources, making it easy to confirm that tasks are running or view the utilization of EC2 instances in your cluster. This session will describe the benefits of containers, introduce ECS, and demonstrate how to use ECS for your applications.
Setup Kubernetes Cluster On AWS Using KOPSSivaprakash
This document provides steps to set up a Kubernetes cluster on AWS using KOPS. It describes installing required tools like kubectl and KOPS, creating an SSH key and Route53 host on AWS, generating a Kubernetes cluster across multiple Availability Zones, and exposing sample applications. Finally, it covers deleting the cluster.
No Docker? No Problem: Automating installation and config with AnsibleJeff Potts
In this talk I show how to bring stability and repeatability to your Alfresco installation by automating install and config management with Ansible.
This talk was originally given at Alfresco DevCon 2020 (virtual edition).
Learn how to get started with the EC2 Container Service, a highly scalable, high performance container management service that supports Docker containers and allows you to easily run applications on a managed cluster of Amazon EC2 instances. We will also cover integration with other AWS services such as Elastic Load Balancing, EBS volumes, and IAM roles.
This document provides an overview of Terraform, an open-source infrastructure as code tool. It discusses Terraform's goals of providing a unified view of infrastructure, composing multiple tiers of infrastructure from IaaS to PaaS to SaaS, and safely changing infrastructure over time with one workflow. Key features highlighted include being open source, using infrastructure as code, resource providers that interface with cloud APIs, and the plan and apply workflow. The document also covers topics like collaboration and version history in Terraform Enterprise, file examples, the plan and apply commands, resource providers, and new features in recent Terraform versions like destroy provisioners, remote backends, state locking, and state environments.
From HashiCorp Korea User Group Meetup
발표자: 김민규(데브시스터즈, 인프라 관리, https://github.com/synthdnb)
발표자: 김도윤(데브시스터즈, 플랫폼 API 서버 개발, https://github.com/solmonk)
발표내용: 팀의 규모가 커지면서 Secret 관리 문제가 조금씩 부각되었습니다. 예를 들면 코드에 커밋되거나, 구전으로 전해지는 Secret들, SSH Key Rotation 등의 문제를 처리하기 위해 많은 노력과 삽질이 필요했습니다. 저희 팀에서 Vault를 통해 이런 문제들을 어떻게 해결했는지 소개하려 합니다.
Are you still using FTP to deploy your code? Are you still manually performing the same steps of deploying a feature, again and again? How many hours have you spent on ssh-ing into the server, pulling the repo, migrating the database, reloading the web server and so on, for each deployment?? Ever wondered if there is a process as simple as a single click to perform all these steps for you?
Automated Deployment does exactly these things for you. It takes the burden of remembering all the steps required in each deployment process and execute it smoothly.
Automating aws infrastructure and code deployments using Ansible @WebEngageVishal Uderani
In this talk , we’ll cover how and why Ansible was leveraged to automate routine management of EC2 instances/EBS/EIP/ELB etc and why the Ansible approach towards automation is key for code and system deployments across 100’s of nodes and how we achieved this at Webengage. We will provide an overview of the deployment process and give a demonstration as an example
Outlines :
How ansible is a straightforward , easy way to manage multiple cloud resources
Intended Audience :
Previous experience with configuration management systems
Previous experience with AWS and Ansible
This document discusses how to run Docker containers on AWS OpsWorks. OpsWorks is a configuration management service that allows users to automate infrastructure and applications on AWS. It uses Chef to define recipes and run lists that are triggered by lifecycle events. The document outlines how to create a custom Docker layer in OpsWorks that will install Docker, manage Docker images and containers, and update configurations across instances. It recommends using the chef-docker cookbook to define recipes for setup, deploy, configure, and undeploy events that will install Docker, deploy containers, update shared configurations, and remove containers respectively.
The document discusses several new Docker tools: Docker Machine, Docker Compose, and Docker Swarm. Docker Machine allows automatically provisioning Docker environments on platforms like EC2, DigitalOcean, Azure and VirtualBox. Docker Compose defines and runs multi-container Docker applications. Docker Swarm turns a pool of Docker hosts into a single, virtual Docker host. Examples are provided for deploying containers to DigitalOcean using Docker Machine and running multi-container apps with Docker Compose.
A tutorial on how to setup CloudStack to expose an S3 interface.
S3 is the amazon web service simple storage service. It is used to create containers on a backend storage system and storage objects in them. S3 is one (if not the one) of the most successfull AWS web service, it scales to billions of objects and serves millions of users.
In this talk we show how to enable a S3 service with the cloudstack management server. This is a tech preview to show the compatibility between CloudStack and AWS services. CloudStack does not implement a distributed data store behind this S3 compatible service but instead uses a traditional file system like NFS to store the objects. This has the advantage of giving users an S3 compatible interface to their cloudstack based cloud.
In future Apache CloudStack releases a true S3 service will be available via the storage systems used like Riack CS, glusterfs and Ceph.
This document summarizes an Ansible and AWS meetup. It discusses using Ansible to provision and configure AWS resources like EC2 instances, security groups, ELBs, and more through idempotent playbooks. Key points covered include Ansible's agentless architecture, dynamic AWS inventory plugin, core modules like ec2 and cloudformation, templates, roles for reuse, and examples of provisioning playbooks that launch instances and apply configurations. It also briefly mentions NetflixOSS projects that use Ansible like Aminator for AMIs and Asgard for provisioning.
DevOps tool that automates software deployment, infrastructure provisioning, and service orchestration using YAML playbooks and powerful modules; it is agentless, uses SSH to push configuration changes to managed nodes, and supports platforms like Linux, Windows, and network devices through a simple Python-based architecture and human-readable YAML files. Ansible can be used to automate tasks across multiple servers through ad-hoc commands or reusable playbooks and its modules help with common administrative tasks like package management, user management, and service management.
Blue/Green deployments have been an important, if rarely implemented, technique in the Continuous Delivery playbook for years. Their aim is simple: provision, deploy, test — and optionally roll-back — your application before it's served to the public. Betterment's deployment architecture takes a similar, but more straightforward approach, accomplishing the important goals sought out by Blue/Green practitioners. Dubbed 'Cyan' (a mixture of Blue/Green), Betterment uses Ansible to provision new instances, push the latest artifacts to them, and ensure that they're healthy before marking them ready for production. All this ensures fast, stable, zero-downtime rollout with minimal human interaction. We'll discuss Betterment's philosophical approach to shipping new code and then dive into the nitty-gritty Ansible that powers the whole thing.
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
Slides from Jeff Mitchell's talk "The Secure Introduction Problem: Getting Secrets Into Containers" at ContainerDays NYC 2016: http://dynamicinfradays.org/events/2016-nyc/programme.html#secrets
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
A review of AWS security concepts, leaks at Beamly, an Introduction to Hashicorp Vault and how we use use Vault at Beamly.
Watch YouTube video here: http://bit.ly/25ytNAD
Join DevOps Exchange London Meetup: http://bit.ly/22y4Var
Follow DOXLON on Twitter: http://bit.ly/1ZdugEJ
Create Microservice with Spring Boot and DockerSivaprakash
Spring Boot makes it easy to create standalone and production-ready Spring applications with minimal configuration. It aims to provide a faster development experience and common features like embedded servers and health checks. Spring Boot 2.0.1 requires Java 8/9 and works with embedded containers like Tomcat, Jetty and Undertow. Docker is a containerization platform that virtualizes applications and their dependencies to run on any OS without conflicts. It was developed by Docker Inc. and written in Go, with community and enterprise editions available.
This document summarizes information from DockerCon 2016, including new features in Docker 1.12 such as Swarm Mode, an integrated clustering system. Swarm Mode uses technologies like SwarmKit for orchestration, Raft for consensus, and gossip protocols for node communication. It also details the new networking model in Docker 1.12 which gives containers IP addresses on ingress, overlay, and docker_gwbridge networks. A new Distributed Application Bundle format is introduced to package multi-service applications.
Amazon EC2 Container Service: Manage Docker-Enabled Apps in EC2Amazon Web Services
Amazon EC2 Container Service (Amazon ECS) is a new AWS service that makes it easy to run and manage Docker-enabled applications across a cluster of Amazon EC2 instances. Amazon ECS lets you define, schedule, and stop sets of containers. You have access to the state of your resources, making it easy to confirm that tasks are running or view the utilization of EC2 instances in your cluster. This session will describe the benefits of containers, introduce ECS, and demonstrate how to use ECS for your applications.
Setup Kubernetes Cluster On AWS Using KOPSSivaprakash
This document provides steps to set up a Kubernetes cluster on AWS using KOPS. It describes installing required tools like kubectl and KOPS, creating an SSH key and Route53 host on AWS, generating a Kubernetes cluster across multiple Availability Zones, and exposing sample applications. Finally, it covers deleting the cluster.
No Docker? No Problem: Automating installation and config with AnsibleJeff Potts
In this talk I show how to bring stability and repeatability to your Alfresco installation by automating install and config management with Ansible.
This talk was originally given at Alfresco DevCon 2020 (virtual edition).
Learn how to get started with the EC2 Container Service, a highly scalable, high performance container management service that supports Docker containers and allows you to easily run applications on a managed cluster of Amazon EC2 instances. We will also cover integration with other AWS services such as Elastic Load Balancing, EBS volumes, and IAM roles.
This document provides an overview of Terraform, an open-source infrastructure as code tool. It discusses Terraform's goals of providing a unified view of infrastructure, composing multiple tiers of infrastructure from IaaS to PaaS to SaaS, and safely changing infrastructure over time with one workflow. Key features highlighted include being open source, using infrastructure as code, resource providers that interface with cloud APIs, and the plan and apply workflow. The document also covers topics like collaboration and version history in Terraform Enterprise, file examples, the plan and apply commands, resource providers, and new features in recent Terraform versions like destroy provisioners, remote backends, state locking, and state environments.
From HashiCorp Korea User Group Meetup
발표자: 김민규(데브시스터즈, 인프라 관리, https://github.com/synthdnb)
발표자: 김도윤(데브시스터즈, 플랫폼 API 서버 개발, https://github.com/solmonk)
발표내용: 팀의 규모가 커지면서 Secret 관리 문제가 조금씩 부각되었습니다. 예를 들면 코드에 커밋되거나, 구전으로 전해지는 Secret들, SSH Key Rotation 등의 문제를 처리하기 위해 많은 노력과 삽질이 필요했습니다. 저희 팀에서 Vault를 통해 이런 문제들을 어떻게 해결했는지 소개하려 합니다.
Are you still using FTP to deploy your code? Are you still manually performing the same steps of deploying a feature, again and again? How many hours have you spent on ssh-ing into the server, pulling the repo, migrating the database, reloading the web server and so on, for each deployment?? Ever wondered if there is a process as simple as a single click to perform all these steps for you?
Automated Deployment does exactly these things for you. It takes the burden of remembering all the steps required in each deployment process and execute it smoothly.
Automating aws infrastructure and code deployments using Ansible @WebEngageVishal Uderani
In this talk , we’ll cover how and why Ansible was leveraged to automate routine management of EC2 instances/EBS/EIP/ELB etc and why the Ansible approach towards automation is key for code and system deployments across 100’s of nodes and how we achieved this at Webengage. We will provide an overview of the deployment process and give a demonstration as an example
Outlines :
How ansible is a straightforward , easy way to manage multiple cloud resources
Intended Audience :
Previous experience with configuration management systems
Previous experience with AWS and Ansible
This document discusses how to run Docker containers on AWS OpsWorks. OpsWorks is a configuration management service that allows users to automate infrastructure and applications on AWS. It uses Chef to define recipes and run lists that are triggered by lifecycle events. The document outlines how to create a custom Docker layer in OpsWorks that will install Docker, manage Docker images and containers, and update configurations across instances. It recommends using the chef-docker cookbook to define recipes for setup, deploy, configure, and undeploy events that will install Docker, deploy containers, update shared configurations, and remove containers respectively.
The document discusses several new Docker tools: Docker Machine, Docker Compose, and Docker Swarm. Docker Machine allows automatically provisioning Docker environments on platforms like EC2, DigitalOcean, Azure and VirtualBox. Docker Compose defines and runs multi-container Docker applications. Docker Swarm turns a pool of Docker hosts into a single, virtual Docker host. Examples are provided for deploying containers to DigitalOcean using Docker Machine and running multi-container apps with Docker Compose.
A tutorial on how to setup CloudStack to expose an S3 interface.
S3 is the amazon web service simple storage service. It is used to create containers on a backend storage system and storage objects in them. S3 is one (if not the one) of the most successfull AWS web service, it scales to billions of objects and serves millions of users.
In this talk we show how to enable a S3 service with the cloudstack management server. This is a tech preview to show the compatibility between CloudStack and AWS services. CloudStack does not implement a distributed data store behind this S3 compatible service but instead uses a traditional file system like NFS to store the objects. This has the advantage of giving users an S3 compatible interface to their cloudstack based cloud.
In future Apache CloudStack releases a true S3 service will be available via the storage systems used like Riack CS, glusterfs and Ceph.
This document summarizes an Ansible and AWS meetup. It discusses using Ansible to provision and configure AWS resources like EC2 instances, security groups, ELBs, and more through idempotent playbooks. Key points covered include Ansible's agentless architecture, dynamic AWS inventory plugin, core modules like ec2 and cloudformation, templates, roles for reuse, and examples of provisioning playbooks that launch instances and apply configurations. It also briefly mentions NetflixOSS projects that use Ansible like Aminator for AMIs and Asgard for provisioning.
DevOps tool that automates software deployment, infrastructure provisioning, and service orchestration using YAML playbooks and powerful modules; it is agentless, uses SSH to push configuration changes to managed nodes, and supports platforms like Linux, Windows, and network devices through a simple Python-based architecture and human-readable YAML files. Ansible can be used to automate tasks across multiple servers through ad-hoc commands or reusable playbooks and its modules help with common administrative tasks like package management, user management, and service management.
Blue/Green deployments have been an important, if rarely implemented, technique in the Continuous Delivery playbook for years. Their aim is simple: provision, deploy, test — and optionally roll-back — your application before it's served to the public. Betterment's deployment architecture takes a similar, but more straightforward approach, accomplishing the important goals sought out by Blue/Green practitioners. Dubbed 'Cyan' (a mixture of Blue/Green), Betterment uses Ansible to provision new instances, push the latest artifacts to them, and ensure that they're healthy before marking them ready for production. All this ensures fast, stable, zero-downtime rollout with minimal human interaction. We'll discuss Betterment's philosophical approach to shipping new code and then dive into the nitty-gritty Ansible that powers the whole thing.
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
Slides from Jeff Mitchell's talk "The Secure Introduction Problem: Getting Secrets Into Containers" at ContainerDays NYC 2016: http://dynamicinfradays.org/events/2016-nyc/programme.html#secrets
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
A review of AWS security concepts, leaks at Beamly, an Introduction to Hashicorp Vault and how we use use Vault at Beamly.
Watch YouTube video here: http://bit.ly/25ytNAD
Join DevOps Exchange London Meetup: http://bit.ly/22y4Var
Follow DOXLON on Twitter: http://bit.ly/1ZdugEJ
In a dynamic infrastructure world, let's stop pretending credentials aren't public knowledge in an organization and just assume that they have already been leaked, now what?
Using ansible vault to protect your secretsExcella
This document discusses how Ansible Vault can be used to encrypt sensitive data like passwords and private keys to protect secrets when committing infrastructure as code to source control on GitHub. It recommends encrypting only sensitive information, not all files, and splitting encrypted variable files into directories. It also provides tips for using a password script and Jenkins to automate running plays with encrypted data without exposing passwords in plain text. The document aims to help balance the security of encrypting secrets with the usability of infrastructure as code workflows.
This document provides an overview of HashiCorp Vault for securely storing, accessing, and managing secrets. It discusses how Vault can be used to securely store secrets like API keys, passwords, and certificates. The document outlines Vault's architecture, data storage options, authentication methods, policies for access control, and integrating systems using Vault. It also provides an agenda for a demonstration of Spring Cloud Vault integration for retrieving database credentials from Vault and using them to connect to a MySQL database.
Get an overview of HashiCorp's Vault concepts.
Learn how to start a Vault server.
Learn how to use the Vault's postgresql backend.
See an overview of the Vault's SSH backend integration.
This presentation was held on the DigitalOcean Meetup in Berlin. Find more details here: https://www.meetup.com/DigitalOceanBerlin/events/237123195/
Chickens & Eggs: Managing secrets in AWS with Hashicorp VaultJeff Horwitz
Presented to the Philly DevOps Meetup November 29, 2016.
Managing secrets is hard. It’s even harder in the cloud. At Jornaya (formerly LeadiD), we chose Hashicorp Vault to manage our secrets in AWS, and I’d like to share our experience with everyone.
PerconaLive 2016 Santa Clara presentation on Hashicorp Vault with CTO Armon Dadger
https://www.percona.com/live/data-performance-conference-2016/sessions/using-vault-decouple-secrets-applications
Modern tooling to assist with developing applications on FreeBSDSean Chittenden
Discuss a workflow and the tooling for FreeBSD engineers to develop locally on their laptop (OS-X, Windows, or FreeBSD), and push applications to bare metal or the cloud. The tooling required to provide good automation from a developer laptop to production takes time to evolve, however this lecture will jumpstart a series of best practices for FreeBSD engineers who want to see their business applications run on FreeBSD.
Like Ruby on Rails for Node - the Sails js frameworkStenio Ferreira
The document discusses Sails.js, a web framework for Node.js. It describes Sails.js as a framework that provides conventions and tools for building custom RESTful APIs and web applications using Node.js. The document outlines features of Sails.js like blueprints, templates, database integration, websockets, and routes. It also discusses how Sails.js compares to other Node.js frameworks and common questions around using Sails.js for user management, deployment, and testing.
This document discusses Nomad and Consul, two products from HashiCorp that help with deploying and discovering services at scale. Nomad is a cluster scheduler that allows specifying jobs to deploy applications across datacenters. It provides advantages like higher resource utilization, decoupling work from resources, and better quality of service. Consul is a service discovery and configuration tool that supports monitoring, high availability, and prepared queries to locate healthy service instances across datacenters. The presentation covers the architectures and advantages of both Nomad and Consul for running workloads at large scale.
This document discusses HashiCorp tools for infrastructure automation, including Packer, Terraform, and Vault. It provides an overview of each tool's purpose and functionality, such as using Packer to create machine images, Terraform to provision and manage cloud infrastructure as code, and Vault to securely manage secrets. It also describes a case study of using Packer and Terraform to help a UK retailer move infrastructure to the cloud. Training courses are recommended to help organizations adopt these tools.
PostgreSQL High-Availability and Geographic Locality using consulSean Chittenden
Virtual IPs or floating IPs have long been the workhorse mechanism for providing high-availability for database systems, however floating IP addresses have several limitations that make it problematic in modern data centers and cloud environments, notably that it requires all members be in the same Layer-2 domain. consul is a strongly consistent way of providing high-availability services in Layer-3 environments and provides fail-over across different geographic regions. In this talk we will discuss the benefits, setup, and use of consul for fail-over of PostgreSQL, both in a local data center scenario and a geographic redundancy scenario where databases are split across multiple data centers.
The document discusses using Vagrant and cloud platforms like GCP to develop and deploy applications from development to production. It introduces Vagrant as a tool for setting up and managing development environments and shows how to use Vagrant with FreeBSD. It then demonstrates provisioning a FreeBSD VM on GCP and discusses identity and access management on the cloud platform. The document aims to provide an overview of using Vagrant for development and cloud platforms like GCP for production deployments.
This session walks through the mechanics of AWS bill computation and consolidated billing to help you understand your bill. AWS billing has many features to help you manage and control your costs in the AWS cloud environment including detailed billing reports, programmatic access, cost allocation, billing alerts, and IAM access. We provide an overview of these features and then demonstrate how to use and incorporate them into your own account setup.
Not to be confused with Oracle Database Vault (a commercial db security product), Data Vault Modeling is a specific data modeling technique for designing highly flexible, scalable, and adaptable data structures for enterprise data warehouse repositories. It is not a replacement for star schema data marts (and should not be used as such). This approach has been used in projects around the world (Europe, Australia, USA) for the last 10 years but is still not widely known or understood. The purpose of this presentation is to provide attendees with a detailed introduction to the technical components of the Data Vault Data Model, what they are for and how to build them. The examples will give attendees the basics for how to build, and design structures when using the Data Vault modeling technique. The target audience is anyone wishing to explore implementing a Data Vault style data model for an Enterprise Data Warehouse, Operational Data Warehouse, or Dynamic Data Integration Store. See more content like this by following my blog http://kentgraziano.com or follow me on twitter @kentgraziano.
Choosing to migrate to Kubernetes can be a tough decision, and even tougher to execute. We at Kash Corp took the plunge just over a year ago with Kubernetes 1.2, and haven't looked back. This talk will detail some of our solutions to dealing with Configuration Management, Continuous Delivery, Monitoring, Maintenance, as well as talk about mistakes, frustrations and lessons learned along the way, and where we're going next.
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It allows you to group hosts, schedule containers, enable communication between containers, associate containers to storage, and ensure high availability and scalability. The demo uses Minikube to run a single-node Kubernetes cluster locally, installs Helm package manager, and deploys a MySQL database cluster on Kubernetes with replication and load balancing using Helm charts. It also shows how to connect to and upgrade the MySQL deployment.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Idan Tohami
- How to use Ansible to automate your applications in AWS.
- What is Ansible and why is it different?
- How to control cloud deployments securely
- How to control AWS resources using dynamic inventory and tags.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Idan Tohami
- How to use Ansible to automate your applications in AWS.
- What is Ansible and why is it different?
- How to control cloud deployments securely
- How to control AWS resources using dynamic inventory and tags.
Run the elastic stack on kubernetes with eck Daliya Spasova
This document discusses the challenges of running the Elastic Stack on Kubernetes and introduces Elastic Cloud on Kubernetes (ECK) as a solution. ECK uses operators to deploy and manage Elasticsearch, Kibana, APM Server, and other Elastic products on Kubernetes. The operator watches custom resources, and its reconciliation loop automatically handles tasks like creating pods, configmaps, secrets, services and managing upgrades/scaling without downtime or data loss. ECK provides simplified configuration, security, high availability, and automation to make running Elastic Stack on Kubernetes easier.
Build Your Own CaaS (Container as a Service)HungWei Chiu
In this slide, I introduce the kubernetes and show an example what is CaaS and what it can provides.
Besides, I also introduce how to setup a continuous integration and continuous deployment for the CaaS platform.
Bitbucket Pipelines - Powered by KubernetesNathan Burrell
This talk covers how pipelines uses Kubernetes to power its builder infrastructure and shares some tips on running Kubernetes at scale in a secure way.
This presentation was presented to the sydney Kubernetes meetup on the 3rd of August 2017.
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks
Alfonso described how Weave open source projects (Weave Net and Weave Scope) can help with networking, visualization, and control for ECS. Specifically, Weave acts as a key communicator for networking containers with its multi-host overlay and additional features (including automatic DNS service discovery and multicast).
A 60-minute tour of AWS Compute (November 2016)Julien SIMON
This document summarizes a 60-minute tour of AWS compute services, including Amazon EC2, Elastic Beanstalk, EC2 Container Service, and AWS Lambda. It provides an overview of each service, including its core capabilities and use cases. Examples and demos are shown for Elastic Beanstalk, EC2 Container Service, and AWS Lambda. Additional resources are referenced for going deeper with ECS and Lambda.
Sean O'Sullivan uses AWS for his companies LocalSocial and Dial2Do. He runs EC2 instances with AMIs containing his application code. LocalSocial uses S3 for storage, EC2 instances, and EBS volumes for databases. Dial2Do uses CloudFront for content delivery. Backups are done to S3. The monthly costs for a small EC2 instance and associated services is around $75. Overall, AWS provides an easy and flexible way for startups to experiment and manage infrastructure and costs.
WebCamp 2016: DevOps. Ярослав Погребняк: Gobetween - новый лоад балансер для ...WebCamp
Сравним монолитную и микросервисную архитектуры, увидим почему существующие решения (nginx, haproxy) плохо справляются с потребностями микросервисов, и рассмотрим опыт создания собственного open-source лоад балансера.
The document discusses Intuit's journey to building a modern software-as-a-service (SaaS) platform using Kubernetes. It outlines the goals of increasing release cycle time, release frequency, and recoverability. It then describes challenges around multi-tenancy, common functionality, resilience, monitoring, and costs. Intuit developed the Keiko project to help solve these challenges, which includes tools like an addon manager, instance manager, upgrade manager, and active monitor. The solutions have helped Intuit improve velocity, operability, and security when developing and running microservices on Kubernetes.
This document discusses moving a Magento e-commerce platform to the AWS cloud to improve scalability, availability, and cost efficiency. It provides an overview of traditional Magento infrastructure and proposes an alternative infrastructure design on AWS using services like EC2, ELB, RDS, S3, CloudFront, Route53, and Elasticache. It highlights key considerations for each technology and steps to automate the infrastructure and deployment process.
An overview of extension points in Kubernetes. Extend Kubernetes using API Aggregation, Custom Resource Definitions and your own Controllers. Kubernetes Meetup Frankfurt, March 25th 2019 at Meshcloud GmbH
This document discusses tools for managing large scale computing environments: Cobbler, Puppet, and Func. Cobbler is a provisioning system that automates OS installation and configuration. Puppet is a configuration management tool that defines system configurations and ensures consistency. Func provides a Python API to manage systems, allowing them to be treated as Python objects. It includes modules to control services, run commands, and integrate with monitoring tools like Nagios. These tools help reduce complexity and enable consistent configuration of large numbers of systems.
Cobbler, Func and Puppet: Tools for Large Scale EnvironmentsMichael Zhang
This document discusses tools for managing large scale computing environments: Cobbler, Puppet, and Func. Cobbler is a provisioning system that automates OS installation and configuration. Puppet is a configuration management tool that defines system configurations and ensures consistency. Func provides a Python API to manage systems, allowing them to be treated as Python objects. It includes modules to control services, run commands, and integrate with monitoring tools like Nagios. These tools help reduce complexity and enable consistent configuration of large numbers of systems.
Serverless frameworks are changing the way we do computing. In open source container world, Kubernetes is playing a pivotal role in manifesting this. This presentation will go deep into various features of Kubernetes to create serverless functions.
Also includes a comparative study of various serverless frameworks such as Kubeless, Fission and Funktion are available in open source world. Will conclude with an implementation demo and some real world use cases.
Presented in serverless summit 2017: www.inserverless.com
Kubernetes for FaaS (Function as a Service) - Serverless evolution, some basic constructs, kubenetes features, comparisons - from Serverless conference 2017 Bangalore.
Apache Accumulo (like all distributed, data stores) provides scalability at the cost of increased complexity. While Accumulo’s algorithms for handling fault tolerance or distributing load across a cluster may always be complex to the average Accumulo user, there are parts of Accumulo that can be simplified and improved to provide a better user experience. It should be easy for users to install and run Accumulo, write a simple Accumulo client, and troubleshoot common issues. This talk will cover how the Accumulo user experience has improved with Accumulo 2.0 and the creation of the Uno and Muchos tools. The talk will end with a discussion of possible future work to make the user experience better.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Digital Marketing Trends in 2024 | Guide for Staying AheadWask
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
3. JUST EAT
“the world’s leading marketplace for online food delivery”
- Amazon Web Services
- Run hundreds of EC2 Instances at peak
- Customers Worldwide
- Microservices > 100
- Multiple accounts, environments
- Using HashiCorp tools in since 2015
4. Consul - Initial Rollout
- Cluster Per Environment
- Seed key/values from GitHub (git2consul)
- Expand keys : true
- Every EC2 Instance runs Consul Agent
- Each microservice registers a service and has custom ACL
- Used Consul-Template to generate .config files
7. Consul-Template
Setup
- Consul-Template pre-baked on AMIs (Packer)
- Service installed during deployment
- Consul-Template files bundled with feature package
- Generated *.config files (.Net)
Lessons Learnt
- Replacing static files meant more effort to run locally
- Worked well
- However... web.config and connectionstrings.config cannot be changed without cycling AppPool !
8. Consul Libraries
.NET Libraries
- using https://github.com/PlayFab/consuldotnet
JustEatConsul
- Setup Client
- Setup default endpoints - key prefixes
- Create configuration object recursively checking all key/values (remove prefix)
- Return configuration object:
var defaultTimeout = configurationRoot[“timeout”]
10. Consul Watches
HttpReload
- Endpoint to trigger rebuild of the ConfigurationRoot
Consul Watch
- Windows (NSSM) Service setup during deployment
- “Watches” key prefixes for the feature deployed
- Invokes a WebRequest to local endpoint
- Only rebuild when a value used by the feature is changed
12. Consul ACLs
ACL per Feature
- Generated during Deployment
Lessons Learnt
- Adding new endpoints, meant a deployment to get new ACL
- Use events and triggers
- Avoid different rules across types of environment
- Create Ad-hoc ACLs...and tidy them afterwards!
- Clear browser local storage
13. Source of Truth
- Launched a Consul Cluster for Just Eat Source of Truth
- Accounts, Environments, Features, Teams
- UI has transformed JSON files to readable content
- Reliable
Use Case : Centralised Data
14. Use Case : Consul Locks
“Unique” Instance Value
- Require unique node name, used for :
- Consul Node
- Monitoring Stats
- Log Files
- Each EC2 needs an instance position
- Use AWS service SimpleDB - being retired….
Deployment
- Instance Locks key/value
- Finds free position,
- Allocates values
- Releases Lock
15. Lessons Learnt
- Very easy to setup
- Configurable - retries, timeouts, number of locks
- Reliable
Consul Locks
001
003
002
16. Vault
“Why aren’t you using Vault?”
- “We plan to….”
Approach
- Launch separate Vault Clusters
- Keep “config” distinct
- Not held in source control
- Backed by Consul
- Manually added passwords
18. Vault
Challenges
- Mechanism to create “tokens” for EC2 instances
- How to access the secrets
- Keeping it simple vs making it secure
- Backing up the data
- Mechanism to add secrets
- Alerting, Auditing, Logging
20. .NET Library
- using https://github.com/rajanadar/VaultSharp
JustEatVault
- Use token generated during deployment
var password = configuration[“my_password”]
Vault - Accessing Secrets
21. Lessons Learnt
- Vault instances didn’t forward requests…..
- Look after your keys
- Read the docs slowly
Vault
22. - Consul, Packer, Vault, Nomad….
- Use available open source tools
- Newer versions solving workarounds
Summary
23. Summary
- Some roll-out/migration pain - ports, stats
- Read the docs
- Use the features that suit your needs
- Still making the case for Terraform