What does Serverless mean for DevOps, in practical terms? While Serverless does reduce the need for server-centric DevOps, it poses new challenges in many areas including security, app deployment and cloud resource provisioning, partly due to an explosion of "nanoservices". Based on a current project using AWS, we cover relevant tools, techniques and tips to deliver a smooth serverless experience for development through to production.
Delivered at Bristol DevOps meetup, 27 Jun 2018. To see detailed notes covering extra points not on slides, click the Notes link just below (or download the Powerpoint).
Update: here's the correct link for Gojko Adzic talk on the Backendless slide - https://www.youtube.com/watch?v=w7X4gAQTk2E
Building serverless app_using_aws_lambda_b4usolutionHoa Le
Scaling applications is a big problem whether your applications are deployed on-premises or on the cloud, that means you have to provision and manage servers such as how much CPU, storage and database power that applications need.
AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information. AWS Lambda starts running your code within milliseconds of an event such as an image upload, in-app activity, website click, or output from a connected device.
Building serverless app_using_aws_lambda_b4usolutionHoa Le
Scaling applications is a big problem whether your applications are deployed on-premises or on the cloud, that means you have to provision and manage servers such as how much CPU, storage and database power that applications need.
AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information. AWS Lambda starts running your code within milliseconds of an event such as an image upload, in-app activity, website click, or output from a connected device.
AWS Lambda is a new compute service that runs your code in response to events and automatically manages compute resources for you. In this session, you will learn what you need to get started quickly, including a review of key
features, a live demonstration, how to use AWS Lambda with Amazon S3 event notifications and Amazon DynamoDB streams, and tips on getting the most out of AWS Lambda functions.
Speakers:
Dean Bryen, AWS Solutions Architect and
Andrew Wheat, Senior Developer Media Services BBC
Lambda and serverless - DevOps North East Jan 2017Mike Shutlar
Introduction to AWS Lambda, serverless architectures, & the new AWS Serverless Application Model.
Source code for demo serverless application available here:
https://github.com/infectedsoundsystem/lambda-refarch-webapp
AWS Lambda is a new compute service that runs your code in response to events and automatically manages compute resources for you. In this session, you learn what you need to get started quickly, including a review of key features, a live demonstration, how to use AWS Lambda with Amazon S3 event notifications and Amazon DynamoDB streams, and tips on getting the most out of Lambda functions.
Serverless design considerations for Cloud Native workloadsTensult
We have built a news website with more than a billion views per month and we are sharing the learnings from that experience covering Serverless architectures, Design considerations, and Gotchas.
Serverless needs no introduction these days. It is viewed as a magic recipe for organisations moving to cloud and for those moving beyond the container hell.
LEGO.com was migrated from a legacy monolith eCommerce platform onto serverless on AWS. This employed serverless and managed services at its core within an agile development process. Is early success with serverless a springboard to future possibilities? Does serverless really deliver what it promises?
We will look at how serverless helped in the migration and what can it do to the organisation beyond its initial adoption!
Building Serverless Web Applications - May 2017 AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn the basics of AWS Lambda and Amazon API Gateway
- Understand how to build a web application using these services
- Learn to architect a serverless application
- Gain an overview of frameworks for building serverless applications
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? In this session, you will learn how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverless applications, such as the AWS Serverless Application Model (AWS SAM), Chalice, and ClaudiaJS.
AWS re:Invent 2016: Serverless Computing Patterns at Expedia (SVR306) )Amazon Web Services
In the middle of 2015, Expedia started using AWS Lambda for serverless computing. We built boilerplate templates in Node.js, Java, and Python so development teams could build and deploy serverless applications into AWS. Currently, we have 300 AWS Lambda functions processing 40 million invocations per day.
In this session, we will discuss how development teams use boilerplate templates to create serverless applications with Amazon API Gateway and AWS Lambda and how they deploy them to AWS. We will cover patterns, architectural design choices, and the benefits --- like cost, scale, availability, and operations --- of running serverless applications.
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...Amazon Web Services
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
AWS Speaker : Danilo Poccia, Technical Evangelist - Amazon Web Services
AWS re:Invent 2016: The State of Serverless Computing (SVR311)Amazon Web Services
Join us to learn about the state of serverless computing from Dr. Tim Wagner, General Manager of AWS Lambda. Dr. Wagner discusses the latest developments from AWS Lambda and the serverless computing ecosystem. He talks about how serverless computing is becoming a core component in how companies build and run their applications and services, and he also discusses how serverless computing will continue to evolve.
AWS Lambda is a new compute service that runs your code in response to events and automatically manages compute resources for you. In this session, you will learn what you need to get started quickly, including a review of key
features, a live demonstration, how to use AWS Lambda with Amazon S3 event notifications and Amazon DynamoDB streams, and tips on getting the most out of AWS Lambda functions.
Speakers:
Dean Bryen, AWS Solutions Architect and
Andrew Wheat, Senior Developer Media Services BBC
Lambda and serverless - DevOps North East Jan 2017Mike Shutlar
Introduction to AWS Lambda, serverless architectures, & the new AWS Serverless Application Model.
Source code for demo serverless application available here:
https://github.com/infectedsoundsystem/lambda-refarch-webapp
AWS Lambda is a new compute service that runs your code in response to events and automatically manages compute resources for you. In this session, you learn what you need to get started quickly, including a review of key features, a live demonstration, how to use AWS Lambda with Amazon S3 event notifications and Amazon DynamoDB streams, and tips on getting the most out of Lambda functions.
Serverless design considerations for Cloud Native workloadsTensult
We have built a news website with more than a billion views per month and we are sharing the learnings from that experience covering Serverless architectures, Design considerations, and Gotchas.
Serverless needs no introduction these days. It is viewed as a magic recipe for organisations moving to cloud and for those moving beyond the container hell.
LEGO.com was migrated from a legacy monolith eCommerce platform onto serverless on AWS. This employed serverless and managed services at its core within an agile development process. Is early success with serverless a springboard to future possibilities? Does serverless really deliver what it promises?
We will look at how serverless helped in the migration and what can it do to the organisation beyond its initial adoption!
Building Serverless Web Applications - May 2017 AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn the basics of AWS Lambda and Amazon API Gateway
- Understand how to build a web application using these services
- Learn to architect a serverless application
- Gain an overview of frameworks for building serverless applications
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? In this session, you will learn how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverless applications, such as the AWS Serverless Application Model (AWS SAM), Chalice, and ClaudiaJS.
AWS re:Invent 2016: Serverless Computing Patterns at Expedia (SVR306) )Amazon Web Services
In the middle of 2015, Expedia started using AWS Lambda for serverless computing. We built boilerplate templates in Node.js, Java, and Python so development teams could build and deploy serverless applications into AWS. Currently, we have 300 AWS Lambda functions processing 40 million invocations per day.
In this session, we will discuss how development teams use boilerplate templates to create serverless applications with Amazon API Gateway and AWS Lambda and how they deploy them to AWS. We will cover patterns, architectural design choices, and the benefits --- like cost, scale, availability, and operations --- of running serverless applications.
Getting Started with AWS Lambda and the Serverless Cloud - AWS Summit Cape T...Amazon Web Services
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
AWS Speaker : Danilo Poccia, Technical Evangelist - Amazon Web Services
AWS re:Invent 2016: The State of Serverless Computing (SVR311)Amazon Web Services
Join us to learn about the state of serverless computing from Dr. Tim Wagner, General Manager of AWS Lambda. Dr. Wagner discusses the latest developments from AWS Lambda and the serverless computing ecosystem. He talks about how serverless computing is becoming a core component in how companies build and run their applications and services, and he also discusses how serverless computing will continue to evolve.
Accenture Cloud Platform helps customers manage public and private enterprise cloud resources effectively and securely. In this session, learn how we designed and built new core platform capabilities using a serverless, microservices-based architecture that is based on AWS services such as AWS Lambda and Amazon API Gateway. During our journey, we discovered a number of key benefits, including a dramatic increase in developer velocity, a reduction (to almost zero) of reliance on other teams, reduced costs, greater resilience, and scalability. We describe the (wild) successes we’ve had and the challenges we’ve overcome to create an AWS serverless architecture at scale. Session sponsored by Accenture.
AWS Competency Partner
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
Join us to learn about the state of serverless computing from Dr. Tim Wagner, General Manager of AWS Lambda. Dr. Wagner discusses the latest developments from AWS Lambda and the serverless computing ecosystem. He talks about how serverless computing is becoming a core component in how companies build and run their applications and services, and he also discusses how serverless computing will continue to evolve.
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksAmazon Web Services
AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app. In this session, we dive deep into AWS Lambda to learn about capabilities, features and benefits.
Learning Objectives:
• Dive deep into AWS Lambda
• Learn about the capabilities, features and benefits of AWS Lambda
• Learn about the different use cases
• Learn how to get started using AWS Lambda
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewaySteve Androulakis
Stephen Liedig (Amazon Web Services) is a Public Sector Solutions Architect at AWS working closely with local and state governments, educational institutions, and non-profit organisations across Australia and New Zealand to design, and deliver, highly secure, scalable, reliable and fault-tolerant architectures in the AWS Cloud while sharing best practices and current trends, with a specific focus on DevOps, messaging, and serverless technologies.
The “Twelve-Factor” application model has come to represent twelve best practices for building modern, cloud-native applications. With guidance on things like configuration, deployment, runtime, and multiple service communication, the Twelve-Factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications.
Although serverless computing and AWS Lambda have changed how application development is done, the “Twelve-Factor” best practices remain relevant and applicable in a serverless world. In this talk, Chris will share with you how to apply the “Twelve-Factor” model to serverless application development with AWS Lambda and Amazon API Gateway and show you how these services enable you to build scalable, low cost, and low administration applications.
The “Twelve-Factor” application model has come to represent twelve best practices for building modern, cloud-native applications. With guidance on things like configuration, deployment, runtime, and multiple service communication, the Twelve-Factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although serverless computing and AWS Lambda have changed how application development is done, the “Twelve-Factor” best practices remain relevant and applicable in a serverless world. In this talk, we’ll apply the “Twelve-Factor” model to serverless application development with AWS Lambda and Amazon API Gateway and show you how these services enable you to build scalable, low cost, and low administration applications.
AWS re:Invent 2016 was AWS’ largest event yet with over 32,000 attendees, 400 breakout sessions, and two keynotes of new product announcements. In this talk, we’ll explore the core themes of AWS re:Invent 2016 such as serverless and artificial intelligence. We will also drill down into several of the services and features unveiled including AWS Batch, AWS Shield, Aurora for Postgres, X-Ray, Polly, Lex, Rekognition, AWS Step Functions. Light appetizers and refreshments will be provided.
by Rahul Sareen, Sr. IoT Consultant, AWS Professional Services
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
Lightning talk introducing serverless technology, then covering how DevOps is evolving to meet the challenges of the serverless world.
- for a deeper look at this topic with more content in slides, see my more recent talk "How Serverless Changes DevOps"
Delivered at DDD Southwest, 21 Apr 2018. To see detailed text covering what I said, click the Notes link just below (or download the Powerpoint).
How to use Ansible to go faster when creating AWS resources, building servers, and deploying apps. This talk focuses on how AWS developers and admins can use simple Ansible scripts to rapidly create AWS resources including VPCs, security groups and instances, then configure new development and production servers, and deploy their apps. No more "snowflake servers"!
(Click 2nd slide for video) Deploy PHP apps faster in 2017. This talk focuses on how PHP developers can use simple Ansible scripts to rapidly configure new dev and production servers from scratch, and deploy their apps. No more "snowflake servers"!
This is a general introduction to DevOps essentials and Ansible, with a few extras for PHP developers, including some best practice tips and overview of two major Ansible-based PHP projects, Drupal-VM and Trellis (modern WordPress setup).
Integrating Web Apps with Canvas - Salesforce1 World TourRichard Donkin
Overview of Force.com Canvas, a technology that enables you to rapidly integrate third party web applications (on-premise or cloud) into a Salesforce environment, showing their user interface within a secure iframe.
Includes:
- why Canvas is essential to integrate diverse enterprise web apps
- how it works for both desktop and mobile, using Salesforce1
- tips from Cloudfind developers to solve some key challenges with Internet Explorer and Safari
Minecraft in 500 lines with Pyglet - PyCon UKRichard Donkin
A short walkthrough of some of the code from an impressive 500 line Python game - a simple version of Minecraft, using the Pyglet 3D library. Links to resources for Pyglet and Python gaming generally.
Downloading the file for use in PowerPoint / LibreOffice will let you see the builds on some of the code slides, which may help a bit.
Minecraft in 500 lines of Python with PygletRichard Donkin
A short walkthrough of some of the code from an impressive 500 line Python game - a simple version of Minecraft, using the Pyglet 3D library. Links to resources for Pyglet and Python gaming generally.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
2. $ whoami
• DevOps engineer, working as contractor
• Serverless, Terraform, AWS
• Ansible, Docker, Linux, databases
• Startups and enterprises
• Currently engaged at Seccl Technology
• Fintech startup building innovative API-based platform
@rdonkin
linkedin.com/in/rdonkin
tempohq.net
3. • What is Serverless?
• What Changes for DevOps?
• DevOps != Server Management
• DevOps Areas for Serverless
• App Architectures
• Automation Tools
• Environments
• Monitoring and Observability
• Cold Start
• Security
Topics
11. DevOps != Server Management
• Agile for Infrastructure (Patrick Debois)
• "Better software, faster and more safely" (Helen Beal)
12. DevOps Areas for Serverless
Configuration management
Deployment
• Cloud resource provisioning
• App deployment
Management
• Monitoring, alerting
• Observability, logging
• Application performance
• Application Cost Management
Developer Environments
CI/CD
High availability
• Multi-region
Security
• Access controls
• Authentication inc. MFA
• Secret management
• Intrusion detection/prevention
• Auditing
Dependency management
• Software supply chain
All delivered using Infrastructure as Code
13. When Not To Use Serverless
• Long-running functions
• Max 5 min on AWS
• CaaS alternatives: ECS, EKS, Fargate, AWS Batch
• Server alternatives: EC2, SQS
• Low-latency functions
• Lambda "cold start" on AWS – delays of 100ms to 10 sec
• Workload is flat, or very high compute
• Spiky workloads are better fit
• Consider TCO of equivalent solution inc. HA, scaling
• Existing apps
• Move slices into serverless (background processing and operations tasks)
15. Serverless App Architectures
Option API Functions Comment
Monolith POST /api backend Single function for app
Microservices POST /custs
Add customer
customers Function per resource
e.g. customer
GET /custs/:id
Get customer
ditto
Nanoservices POST /custs
Add customer
create-cust Function per endpoint
e.g. add customer
GET /custs/:id
Get customer
get-cust
Choice affects cold start, monitoring, separate deployment, …
Nanoservices model very common 100s – 1000s of cloud resources
16. Automation Tools
• Cloud Resource Provisioning
• Important resources
• IAM access controls
• Serverless "frameworks"
• Deploy functions
• Provision resources bound to functions
• Easy 'build, deploy, test' for developers
• Configuration management
• Parameter model + templating
• Developer laptops, Jenkins, ELK
• Pure templating tools also relevant
AWS SAM
17. Environments and Naming
• Stage environment
• All resources include stage env name
• Examples: devfrisby, staging, prod
• Serverless Framework – uses 'stage' in all resources
• Very quick and cheap to create and destroy
• Personal environment in cloud, limited isolation
• Core environment:
• AWS account
• Limit blast radius
• Supports various stage envs
• Examples: dev, test, prod
• IAM roles - assume-role from master account
• Define naming rules for everything
18. Monitoring, Logging, Observability
• No server or network monitoring needed!
• No servers to install agents on …
• May need 'middleware hook' on every function
• Monitor app health & performance
• IOPipe, Dashbird, Epsagon, Thundra, …
• Some direct, some via CloudWatch
• Logging – CloudWatch Logs, ELK/EFK
• Debugging
• Distributed tracing – AWS XRay
• Observability – Honeycomb
• Charity Majors talk
Monitoring = unit tests for ops
Observability = debugging tool for ops
19. Cold Start on AWS Lambda (1)
• Cold start delays on first run
• 100 ms for Node/Python "hello world"
• Several sec for Java/C# with low RAM
• Warm start – no extra delay
• Can cache data per function instance
• Reduce cold start time
• Allocate more memory/CPU
• Strip out unused code
• Reduce scope of functions
• Reduce cold start frequency
• Increase scope of functions
• Function warming (concurrent)
20. Cold Start on AWS Lambda (2)
• More cold start delays
• DBs: creating a connection (MySQL, MongoDB, etc)
– 100s of ms
• Can also overwhelm RDS with too many connections
• VPCs: creating ENI (approx. 7-10 sec latency)
• Possible solutions
• DB connection caching + pooling using Lambda:
• Cache connection in function's warmed state
• Lambda concurrency limit to avoid overwhelming RDS
• Avoid VPCs for interactive functions
• DBs with connectionless APIs – e.g. DynamoDB
21. Security and Secrets
• No servers to secure & patch!
• No servers to run security agents …
• May need 'middleware hook'
• Tools:
• AWS CloudTrail - auditing AWS operations
• CloudTracker - analyze CloudTrail -> least-privilege
IAM policies
• AWS Guard Duty - intrusion detection
• AWS Macie – check for sensitive info in S3
• AWS Config – check configs
• Puresec – learn app behavior and block attacks
• Secret management
• AWS Parameter Store or Secrets Manager
25. "Backendless" web apps
Goal: no backend code – not even FaaS
• Frontend-centric
• Origin: mobile backend services - e.g. Firebase and Parse
• Smart frontend app + BaaS only
• Background processing may still use FaaS
• Much lower costs
• 400K users for $100/month – Mindmup app, Gojko Adzic
• Leverage client hardware
• Gojko Adzic talk: https://www.youtube.com/watch?v=Xi_WrinvTnM
• Forrest Brazeal blog post: https://read.acloud.guru/why-do-you-care-so-much-about-your-backend-when-your-customers-dont-
81f4e6433593
26. DevOps – Key Elements
• whole team collaborating
• deploy very frequently
• automate repeated work
• MTTR >> MTBF
• business-focused monitoring
• continuous learning and
improvement
27. Ops != Server Management
Operations is the constellation of your org's technical skills, practices,
and cultural values around designing, building, scaling and maintaining
systems.
-- Charity Majors, @mipsytipsy
Ops is the process of
delivering value to users
Editor's Notes
DevOps engineer, working on serverless, container-based and server-centric projects.
Talking about serverless and its impact on DevOps tools and techniques, based on a current fintech project.
So what is serverless? Well, a vast amount of security, scalability and managing failover is someone else's problem – Amazon and others will take care of this with serverless, rather than giving you a virtual server to manage.
This includes choosing the IaaS instance type, OS image, installing dependencies, creating filesystems, configuring databases, and ensuring security updates – all handled by the cloud provider.
Serverless is like PaaS, only more so – you just deploy app code as stateless functions. The difference is auto scaling and high availability – the cloud provider runs as many servers as you need.
FaaS = run single stateless function, as many copies as needed - no problem with Wall of Traffic - very good for spiky workloads
Triggered by events such as an API Gateway request, or a file being uploaded to S3.
The other part of serverless is BaaS = object storage, databases, authentication, … all run by the cloud provider so you don't have to.
Most servers are mostly idle, like this guy. A key part of serverless is that you don't pay for idle time. Just pay as you go, for the compute and storage you use.
As with a well-managed Kubernetes cluster, the servers run by Amazon or Microsoft "run hot" at 90% plus utilization, reducing the price you pay for functions.
Ref: https://www.slideshare.net/NCore1/unite-2017-going-serverless-gertjan-vanthienen slide 2 - servers are 30% idle generally, and on AWS it's over 90%.
So serverless has many benefits for scaling, security and so on. The question is: does this mean Less Ops or No Ops?
There are a few Serverless people who say that "DevOps is the new legacy" due to serverless – this seems to be due to equating DevOps with server management.
For a good review of what DevOps is, see https://puppet.com/blog/what-is-devops
These are areas for a pure serverless environment, without any containers, servers, VPNs or VPCs (virtual networks).
Configuration management – this particularly focuses on managing a tree of complex parameters, defining them in a structure that is DRY yet still allows local variations for specific projects or tasks (e.g. upgrading Node.js version in one dev environment before promoting to test environment.) These parameters are used by almost every part of the DevOps solution including tools such as Terraform, Ansible, Serverless Framework, etc.
Cloud resource provisioning – some data-centric resources that aren't owned by a single serverless function should be owned by an infra provisioning process – e.g. databases, critical storage buckets, event stores, and message queues. This provides clear ownership and avoids accidental deletion if a function that owns the resource is deleted.
Application Cost Management – given the PAYG model for serverless, it's possible to have big surprises in costs, depending on traffic volume and how the app is coded, but it's also possible to drill into a large amount of granular cost data to optimize this. Tooling in this area is still immature, and there is not even a good term for it.
All of this should of course use infrastructure as code, for the normal reasons, and be usable in multi environments so that new DevOps code can be tested safely without impacting the main dev/test/prod environments.
Convergence of CaaS and serverless is one way that long-running functions and lower-latency can be supported
Background processing for apps, or ops tasks such as backups and disk space pruning, are often an easy way into serverless.
I believe that DevOps is not disappearing, but evolving in response to some of the new challenges as you move into the serverless world, to make sure your app *keeps working* in production.
With the nanoservices model, each serverless function is an independent unit, acting as a nanoservice, not just a microservice. That's great for scaling, but you now have more to monitor and configure than before.
Serverless deployment frameworks are crucial to manage the large number of cloud resources if your serverless app is adopting the Nanoservices model, and arguably also if you use the Microservices model, due to proliferation of development environments (covered later).
Pure templating tools such as j2cli (based on Jinja2) might also be relevant instead of configuration management (CM) tools, if you don't have a very large and complex set of parameters to manage. However, any use of servers will require a CM tool alongside cloud resource provisioning tools.
Blast radius – Lambda concurrency limits, security breaches, etc have a limited impact if there is less in each AWS account, i.e. one per core environment. Hence we would use assume-role from a master AWS account, allowing a single set of AWS credentials to access the required target account (core environment).
Why deploy to a stage env even when developing?
Access to full range of BaaS services for integration testing during development (using S3, DBs, message queues, etc), without writing mocks
Ensures that everyone deploys frequently,to cloud, which makes development closer to production – hence some key operability characteristics are more likely to be thought about earlier in software lifecycle (DevOps style)
You still need to detect your app isn't working, or is too slow - so monitoring and logging remain crucial. Some people run a separate ELK stack with serverless on AWS, to provide richer searching and analysis than CloudWatch logs allow.
The complexity of serverless architectures also drives the need for observability, which lets you drill down into really hard bugs in production, by capturing rich data that's easily analysed.
With function warming, it's important that it's concurrent – if the traffic to a certain function requires N concurrent instances of the function, you must ensure that you invoke it (in warming mode) concurrently in a small enough window that you get N instances. Some discussions of function warming don't address this point.
Function consolidation means putting otherwise separate requests into a single larger function so that it's more likely to be "naturally warm" – this can work, but can mean slower cold starts when they do occur.
ENI = elastic network interface. Lambda functions can optionally be placed into a VPC to access its servers, or linked VPCs (on-premise servers, or DBaaS such as Amazon RDS or MongoDB Atlas)
DB connection reaping – various approaches including https://www.jeremydaly.com/manage-rds-connections-aws-lambda/
or just use the connection caching approach on slide which will ensure no more than N connections with a function concurrency limit of N.
need to consider what happens when AWS kills a warm function (after some hours) – this may leave an open DB connection in the DB server, so connection reaping may be required then.
Serverless has real benefits for developers and the business – running those invisible servers is "someone else's problem", and you get a lot of security, scalability and high availability for free.
"Don't Pay for Idle" is a key point, giving huge cost savings and letting you manage application costs at a granular level.
Far from disappearing, DevOps is already evolving to meet the challenges of serverless.
This has been a very quick tour of how Serverless is changing DevOps. Thank you!
deploy very frequently (e.g. daily or faster)
small batch sizes – make small changes to software
automate repeated work
automated testing
automated deployment (servers, cloud resources and apps)
whole team collaborating
not just tools
focus on time to repair more than time between failures
rapid recovery
business-focused monitoring
monitor highest value first
Continuous learning and improvement – rapid iteration and feedback to improve Devops mettrics