Kubernetes Networking with Cilium - Deep DiveMichal Rostecki
Cilium is open source software for providing and transparently securing network connectivity and load balancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC and Kafka. The foundation of Cilium is the new Linux kernel technology BPF which supports the dynamic insertion of BPF bytecode into the Linux kernel at various integration points. This presentation reveals the secrets of Kubernetes networking and gives you a deep dive into Cilium and why it is awesome!
Kubernetes Networking with Cilium - Deep DiveMichal Rostecki
Cilium is open source software for providing and transparently securing network connectivity and load balancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC and Kafka. The foundation of Cilium is the new Linux kernel technology BPF which supports the dynamic insertion of BPF bytecode into the Linux kernel at various integration points. This presentation reveals the secrets of Kubernetes networking and gives you a deep dive into Cilium and why it is awesome!
Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East t...Spark Summit
This presentation will provide technical design and development insights in order to set up a Kerberosied (secured) JupyterHub notebook using Spark. Joy will show how Bloomberg set up the Kerberos-based Spark-notebook-integrating JupyterHub, Sparkmagic, and Levy. Sparkmagic provides the Spark kernel for Scala and Python. Livy is one of the most promising open source software to allow to submit Spark jobs over http-based REST interfaces. In this presentation, Joy will highlight the capabilities of Sparkmagic and Livy, along with the gap or development required in order to integrate the software seamlessly to work with your secured Spark cluster. The Kerberos integration techniques that he’ll discuss can be applied to other types of authenticators, such as OAuth. No prior knowledge of any of these technologies is requied in order to understand this presentation.
Cluster API によるKubernetes環境のライフサイクル管理とマルチクラウド環境での適用Motonori Shindo
Cluster API は Kubernetes の宣言的APIとリソースの管理機能を活かし、Kubernetes環境のライフサイクル管理を行うもので、Kubernetesコミュニティで仕様の策定と開発が進められています。
これまでもKubernetes環境の構築を支援するツールはいくつかありましたが、Cluster APIはコミュニティからの大きな支持を得ており、Cluster APIのエコシステムが広がりつつあります。
本セッションでは Cluster API の概要と最新の動向、また、Cluster APIを利用した大規模マルチクラウド環境への適用などをデモを交えながら解説を行います。
本資料はCloud Operator Days Tokyo 2020登壇時の資料です。
A Quick introduction to the Rancher container orchestration system given at hiQ Labs. Rancher allows teams to quickly roll out containerized services in a sane and scalable way!
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
On-Demand Recording: https://www.nginx.com/resources/webinars/high-performance-load-balancing/
Join this webinar to learn:
* How to configure basic HTTP load balancing features
* The essential elements of load balancing: session persistence, health checks, and SSL termination
* How to load balance MySQL, DNS, and other common TCP/UDP applications
* How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
About the webinar
You’ve built a great application and it’s gaining in popularity. Or maybe you already have a hardware load balancer and you’re looking to replace it with a software solution. In this webinar we’ll share the latest information on how to scale-out and load balance your applications with NGINX and NGINX Plus.
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
Join this webinar to learn:
- How to configure basic HTTP load balancing features
- The essential elements of load balancing: session persistence, health checks, and SSL termination
- How to load balance MySQL, DNS, and other common TCP/UDP applications
- How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
Secured (Kerberos-based) Spark Notebook for Data Science: Spark Summit East t...Spark Summit
This presentation will provide technical design and development insights in order to set up a Kerberosied (secured) JupyterHub notebook using Spark. Joy will show how Bloomberg set up the Kerberos-based Spark-notebook-integrating JupyterHub, Sparkmagic, and Levy. Sparkmagic provides the Spark kernel for Scala and Python. Livy is one of the most promising open source software to allow to submit Spark jobs over http-based REST interfaces. In this presentation, Joy will highlight the capabilities of Sparkmagic and Livy, along with the gap or development required in order to integrate the software seamlessly to work with your secured Spark cluster. The Kerberos integration techniques that he’ll discuss can be applied to other types of authenticators, such as OAuth. No prior knowledge of any of these technologies is requied in order to understand this presentation.
Cluster API によるKubernetes環境のライフサイクル管理とマルチクラウド環境での適用Motonori Shindo
Cluster API は Kubernetes の宣言的APIとリソースの管理機能を活かし、Kubernetes環境のライフサイクル管理を行うもので、Kubernetesコミュニティで仕様の策定と開発が進められています。
これまでもKubernetes環境の構築を支援するツールはいくつかありましたが、Cluster APIはコミュニティからの大きな支持を得ており、Cluster APIのエコシステムが広がりつつあります。
本セッションでは Cluster API の概要と最新の動向、また、Cluster APIを利用した大規模マルチクラウド環境への適用などをデモを交えながら解説を行います。
本資料はCloud Operator Days Tokyo 2020登壇時の資料です。
A Quick introduction to the Rancher container orchestration system given at hiQ Labs. Rancher allows teams to quickly roll out containerized services in a sane and scalable way!
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
On-Demand Recording: https://www.nginx.com/resources/webinars/high-performance-load-balancing/
Join this webinar to learn:
* How to configure basic HTTP load balancing features
* The essential elements of load balancing: session persistence, health checks, and SSL termination
* How to load balance MySQL, DNS, and other common TCP/UDP applications
* How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
About the webinar
You’ve built a great application and it’s gaining in popularity. Or maybe you already have a hardware load balancer and you’re looking to replace it with a software solution. In this webinar we’ll share the latest information on how to scale-out and load balance your applications with NGINX and NGINX Plus.
Learn how to load balance your applications following best practices with NGINX and NGINX Plus.
Join this webinar to learn:
- How to configure basic HTTP load balancing features
- The essential elements of load balancing: session persistence, health checks, and SSL termination
- How to load balance MySQL, DNS, and other common TCP/UDP applications
- How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment
Introduction to Infrastructure as Code & Automation / Introduction to ChefAll Things Open
All Things Open 2014 - Day 2
Thursday, October 23rd, 2014
Nathen Harvey
Co-Host of Food Fight Show & Director of Community and #LEARNCHEF / Chef
DevOps
Introduction to Infrastructure as Code & Automation / Introduction to Chef
I will be giving a brief overview of the history of NGINX along with an overview of the features and functionality in the project as it stands today. I will give some real use case of example of how NGINX can be used to solve problems and eliminate complexity within infrastructure. I will then dive into the future of the modern web and how NGINX is monitoring and leveraging industry changes to enhance the product for individuals and companies in the industry.
Securing Your Containerized Applications with NGINXDocker, Inc.
Kevin Jones, NGNIX -
NGINX is one of the most popular images on Docker Hub and has been at the forefront of the web since the early 2000's. In this talk we will discuss how and why NGINX's lightweight and powerful architecture makes it a very popular choice for securing containerized applications as a sidecar reverse proxy within containers. We will highlight important aspects of application security that NGINX can help with, such as TLS, HTTP, AuthN, AuthZ and traffic control.
In this presentation, I show the audience how to implement HTTP caching best practices in a non-intrusive way in PHP Symfony 4 code base.
This presentation focuses on topics like:
- Caching using cache-control headers
- Cache variations using the Vary header
- Conditional requests using headers like ETag & If-None-Match
- ESI discovery & parsing using headers like Surrogate-Capability & Surrogate-Control
- Caching stateful content using JSON Web Token Validation in Varnish
More information about this presentation is available at https://feryn.eu/speaking/developing-cacheable-php-applications-php-limburg-be/
Scaling out on the cloud is easy. Especially, if you have a software provisioning system that helps you to deploy your environment wherever you want. This session will give you an overview of the fantastic new features of HAProxy V 1.5, and how you can integrate it into your environment to build a high available environment, using open source software. Starting with a single-webserver + mysql setup provisioned via chef, we will deploy an HA Proxy Cluster in front and scale out your nginx and mysql database backend.
Spelix is a webapplication using PHP on the server, HTML5 and JS on the client. PHP is running as a FastCGI process serving requests via Nginx. This presentations describes some of the key-takeaways that I've learned with that project, the essentials of running Nginx with PHP, starting from the basics, but also covering techniques like Memcached or leveraging the FastCGI cache. It contains several examples and performance comparison charts.
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...KubeAcademy
Load balancing is an important part of any resilient web application. Kubernetes supports a few options for external load balancing, but they are limited in features. After a brief discussion of those options and the features they lack, we’ll show how to build an advanced load balancing solution for Kubernetes on top of NGINX, utilizing Kubernetes features including Ingress, Annotations, and ConfigMap. We’ll conclude with a demo of how to use NGINX and NGINX Plus to expose services to the Internet.
Sched Link: http://sched.co/6Bc9
NGINX: Basics & Best Practices - EMEA BroadcastNGINX, Inc.
On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices-live-emea
You have heard of NGINX and the benefits it can provide to your web application, but maybe you are not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other – making things more challenging.
This webinar will teach you how to:
* Install NGINX and verify it’s properly running
* Create NGINX configurations for reverse proxy, load balancing, and more
* Improve performance using keepalives and other NGINX directives
* Debug and troubleshoot using NGINX logs
NGINX Plus is often deployed in a cluster, and the new features in R16 help our customers working in a clustered environment. New features include global rate limiting, a cluster-aware key-value store, Random with Two Choices load-balancing algorithm, and more.
Join this webinar to learn:
- About the new cluster-aware features in NGINX Plus R16: global rate limiting, key-value store, and Random with Two Choices load balancing
- How to use key-value stores in use cases such as DDoS mitigation and dynamic bandwidth limiting
- About enhanced UDP load balancing, AWS PrivateLink support, and additional new features
- How the NGINX Plus R16 features behave in action, in a live demo
https://www.nginx.com/resources/webinars/whats-new-nginx-plus-r16/
Google is ranking your site higher if you have SSL installed. And now some browsers are warning us if a site is not
secure. Here is the presentation from a Meetup I lead on adding SSL to your website.
Migrating Your WordPress Site to HTTPS - Getting it right the first time Word...Paul Thompson
Discover step by step how to migrate your WordPress site to HTTPS successfully. Covers all the changes necessary ensure all functionality and SEO value is maintained during migration.
How we use Varnish at Opera Software, from the beginning (2009) to now.
Presentation hold for the 5th Varnish Users Group meeting (VUG5) held in Paris on March 22nd 2012.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
112. 112
client
server
1. query hostname
With HSTS preload list
hosts DNS
2. return ip
6. GET https
7. return page & HSTS
preload list
renderer
3.GET
page
5.is HSTS
4.query
113. 113
client
server
1. query hostname
With HSTS preload list
hosts DNS
2. return ip
6. GET https
7. return page & HSTS
preload list
renderer
3.GET
page
5.is HSTS
8.return
page 4.query
118. 118
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
119. 119
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www
subdomain if a DNS record for that subdomain exists.
120. 120
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www
subdomain if a DNS record for that subdomain exists.
● Serve an HSTS header on the base domain for HTTPS requests:
121. 121
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www
subdomain if a DNS record for that subdomain exists.
● Serve an HSTS header on the base domain for HTTPS requests:
– The max-age must be at least 31536000 seconds (1 year).
122. 122
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www
subdomain if a DNS record for that subdomain exists.
● Serve an HSTS header on the base domain for HTTPS requests:
– The max-age must be at least 31536000 seconds (1 year).
– The includeSubDomains directive must be specified.
123. 123
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are
listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www subdomain
if a DNS record for that subdomain exists.
● Serve an HSTS header on the base domain for HTTPS requests:
– The max-age must be at least 31536000 seconds (1 year).
– The includeSubDomains directive must be specified.
– The preload directive must be specified.
124. 124
Submission Requirements
● Serve a valid certificate.
● Redirect from HTTP to HTTPS on the same host, if you are listening on port 80.
● Serve all subdomains over HTTPS.
– In particular,you must support HTTPS for the www subdomain if a DNS
record for that subdomain exists.
● Serve an HSTS header on the base domain for HTTPS requests:
– The max-age must be at least 31536000 seconds (1 year).
– The includeSubDomains directive must be specified.
– The preload directive must be specified.
– If you are serving an additional redirect from your HTTPS site, that redirect
must still have the HSTS header (rather than the page it redirects to).