The document discusses using Kubernetes as an orchestrator for A10 Lightning Controller. Some key points:
1) Kubernetes allows for automatic recovery of pods on failure, easy rolling upgrades of code, and automated scaling of microservices.
2) Using Kubernetes allows the controller to be deployed on-premise and scaled across multiple VMs, with automated launching and scaling. Installation is also now independent of the underlying infrastructure.
3) The journey involved moving from a manual deployment to a Kubernetes deployment, which simplified overlay networking, environment variable passing, and simplified adding/replacing nodes.
Overcoming 5 Common Docker Challenges: How We Do It at RightScaleRightScale
We highlight solutions to common Docker challenges that you may encounter as you move from initial experiments toward full-fledged Docker adoption. At RightScale, we’ve been sharing our lessons learned as we move toward a fully containerized environment leveraging a “sea of containers.” We’re now in the middle stages of that journey and will share some of the challenges we’ve encountered and how we’ve overcome them.
This presentation was made by Mangesh Patankar (Developer Advocate - IBM Cloud) as part of Container Conference 2018: www.containerconf.in.
"How do we make microservices resilient and fault-tolerant? How do we enforce policy decisions, such as fine-grained access control and rate limits? How do we enable timeouts/retries, health checks, etc.?
A service-mesh architecture attempts to resolve these issues by extracting the common resiliency features needed by a microservices framework away from the applications and frameworks and into the platform itself. Istio provides an easy way to create this service mesh."
See Webinar Recording at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=11
Get up to speed with the basics of cloud networking, including network setup, VPC, routing, and switching between multiple subnets.
In this presentation, we will discuss various aspects of how networking varies within the cloud, including:
1. Basic networking and how it maps to the cloud
2. Various Cloud networking concepts that allow customers to design their own network within the cloud
3. Run through examples of basic network setup, VPC, Routing, and switching between multiple subnets
4. Network security with security groups and VPN
More Webinars: https://resource.alibabacloud.com/webinar/index.htm
Server Load Balancer: www.alibabacloud.com/product/server-load-balancer
VPC: www.alibabacloud.com/product/vpc
Express Connect: www.alibabacloud.com/product/express-connect
VPN Gateway: www.alibabacloud.com/product/vpn-gateway
A New Centralized Volume Storage Solution for Docker and Container Cloud by W...Docker, Inc.
I would like to introduce Elara, which is a centralized storage solution for building a huge container-based cloud platform and it can work as a Docker volume plugin.
Elara can work with openstack (Cinder, Manila, Swift) and storages such as SAN and NAS, it has several advantages:
- No central control node (Decentralized)
- Microservice architecture
- Supports Docker volume plugin with extended volume operations (snapshot, migration, QoS etc.)
- Supports different kinds of backend storage including block device, filesystem storage and object storage
- Supports storage resource scheduler (storage pools)
- Easy to install and use
Overcoming 5 Common Docker Challenges: How We Do It at RightScaleRightScale
We highlight solutions to common Docker challenges that you may encounter as you move from initial experiments toward full-fledged Docker adoption. At RightScale, we’ve been sharing our lessons learned as we move toward a fully containerized environment leveraging a “sea of containers.” We’re now in the middle stages of that journey and will share some of the challenges we’ve encountered and how we’ve overcome them.
This presentation was made by Mangesh Patankar (Developer Advocate - IBM Cloud) as part of Container Conference 2018: www.containerconf.in.
"How do we make microservices resilient and fault-tolerant? How do we enforce policy decisions, such as fine-grained access control and rate limits? How do we enable timeouts/retries, health checks, etc.?
A service-mesh architecture attempts to resolve these issues by extracting the common resiliency features needed by a microservices framework away from the applications and frameworks and into the platform itself. Istio provides an easy way to create this service mesh."
See Webinar Recording at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=11
Get up to speed with the basics of cloud networking, including network setup, VPC, routing, and switching between multiple subnets.
In this presentation, we will discuss various aspects of how networking varies within the cloud, including:
1. Basic networking and how it maps to the cloud
2. Various Cloud networking concepts that allow customers to design their own network within the cloud
3. Run through examples of basic network setup, VPC, Routing, and switching between multiple subnets
4. Network security with security groups and VPN
More Webinars: https://resource.alibabacloud.com/webinar/index.htm
Server Load Balancer: www.alibabacloud.com/product/server-load-balancer
VPC: www.alibabacloud.com/product/vpc
Express Connect: www.alibabacloud.com/product/express-connect
VPN Gateway: www.alibabacloud.com/product/vpn-gateway
A New Centralized Volume Storage Solution for Docker and Container Cloud by W...Docker, Inc.
I would like to introduce Elara, which is a centralized storage solution for building a huge container-based cloud platform and it can work as a Docker volume plugin.
Elara can work with openstack (Cinder, Manila, Swift) and storages such as SAN and NAS, it has several advantages:
- No central control node (Decentralized)
- Microservice architecture
- Supports Docker volume plugin with extended volume operations (snapshot, migration, QoS etc.)
- Supports different kinds of backend storage including block device, filesystem storage and object storage
- Supports storage resource scheduler (storage pools)
- Easy to install and use
Lessons from the field: Catalog of Kafka Deployments | Joseph Niemiec, ClouderaHostedbyConfluent
Streaming architectures have been on the rise steadily and as a result, we have seen the adoption of Kafka go up too. With the diverse spread of use cases across multiple industries, we have seen a variety of Kafka deployments across our hundreds of Kafka customers. Along the way, we have learnt some best practices as well as what not to do in mission-critical architectures. Join Joe Niemiec, Sr. Product Manager at Cloudera, as he shares these insights in this session that covers topics such as - The many ways that Kafka has been deployed in the field Standalone clusters, multiple clusters in a single data center and multiple clusters geographically distributed performing replication Clusters of all sizes small and large, few messages to hundreds of thousands per second Discussion about architecture failure domains Configurations tuned and used in specific deployments
Launch and Scale Your E-commerce Website with MagentoAlibaba Cloud
See webinar recording of this presentation at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=29
Setting up an e-commerce website with the right level of scalability, global reach, and performance to evolve with your own business growth can be a difficult challenge for most SMEs. In this webinar, you will learn how to quickly deploy a global, scalable, and highly available e-commerce website on the cloud with the popular e-commerce tool Magento.
This presentation will also give you a hands-on understanding of Alibaba Cloud SAS (Simple Application Server) service to conveniently deploy an e-commerce website and how to configure Magento to fit your business needs.
About Simple Application Server
Simple Application Server optimizes the user experience of setting up a simple application by making it easy for entry-level users to use cloud computing products. It provides one-click application deployment and supports domain name resolution, website publishing, security, and application management.
Responding to Digital Transformation With RDS Database TechnologyAlibaba Cloud
See Webinar Recording at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=30
Learn how your business can gain an advantage and utilize ApsaraDB for RDS to enhance data flexibility, security, performance, and stability amid the backdrop of digital transformation.
Chen Zhaoshang of the Alibaba Cloud Database Product team will share how traditional industries can meet database challenges and leverage distributed architecture transformation using MySQL and other open technologies to reduce the overall cost of ownership and realize cross-data-center disaster tolerance deployment while ensuring data consistency. He will also share how to ensure database security databases and alleviate concerns about data migration to the cloud.
ApsaraDB for RDS: www.alibabacloud.com/product/apsaradb-for-rds
More Webinars: https://resource.alibabacloud.com/webinar/index.htm
Guaranteed Event Delivery with Kafka and NodeJS | Amitesh Madhur, NutanixHostedbyConfluent
The business systems of an organization are a continuous source of events. Each system also needs to know about events happening in the other systems. Exchanging these events through direct API calls creates a web of inter-dependencies, is fragile and fails to scale. We examine how this problem can be solved through the use of right integration patterns implemented as a light-weight event hub that leverages the power of Kafka and Confluent to operate at enterprise scale. We demonstrate how JavaScript with its event-driven programming model can be a good fit for implementing an event hub that ensures guaranteed message delivery in the face of failures within the individual subscriber systems.
Many organizations having large engineering teams skilled in NodeJS and a multitude of NodeJs applications. We show how these teams can easily leverage the power of Kafka and scale their applications with the right architectural building blocks. We also offer insights from our own experience of building NodeJS based Kafka applications.
Building an Event-oriented Data Platform with Kafka, Eric Sammer confluent
While we frequently talk about how to build interesting products on top of machine and event data, the reality is that collecting, organizing, providing access to, and managing this data is where most people get stuck. Many organizations understand the use cases around their data – fraud detection, quality of service and technical operations, user behavior analysis, for example – but are not necessarily data infrastructure experts. In this session, we’ll follow the flow of data through an end to end system built to handle tens of terabytes an hour of event-oriented data, providing real time streaming, in-memory, SQL, and batch access to this data. We’ll go into detail on how open source systems such as Hadoop, Kafka, Solr, and Impala/Hive are actually stitched together; describe how and where to perform data transformation and aggregation; provide a simple and pragmatic way of managing event metadata; and talk about how applications built on top of this platform get access to data and extend its functionality.
Attendees will leave this session knowing not just which open source projects go into a system such as this, but how they work together, what tradeoffs and decisions need to be addressed, and how to present a single general purpose data platform to multiple applications. This session should be attended by data infrastructure engineers and architects planning, building, or maintaining similar systems.
Better, faster, cheaper infrastructure with apache cloud stack and riak cs reduxJohn Burwell
Software is eating infrastructure. Migrating reliability and
scalability responsibilities up the stack from specialized hardware to software, cloud orchestration platforms such as Apache CloudStack (ACS) and object stores such as Riak CS increase the utilization and density of compute and storage resources by dynamically shifting workloads based on demand. Together, these platform can saturate compute and storage of 1000s of commodity hosts with strong operational visibility and end-user self-service.
This presentation explores cloud design strategies to achieve high availability and reliability using commodity components. It then applies these strategies using Apache CloudStack and Riak CS.
La agilidad y disponibilidad de la nube así como las constantes demandas de velocidad de los negocios, han provocado el surgimiento de aplicaciones basadas en microservicios. En esta charla veremos cómo utilizar esta arquitectura en Azure.
Azure Cosmos DB Kafka Connectors | Abinav Rameesh, MicrosoftHostedbyConfluent
Kafka Connectors are used extensively in data migration solutions, serving as a middle tier when migrating data across databases. In addition, microservice architectures also use Kafka Connectors heavily when communicating with one another while still operating independently on their own data stores. In this talk, we cover these use cases in more detail along with a deep dive into the architecture of the source and sink Kafka Connectors for Cosmos DB.
The Road Most Traveled: A Kafka Story | Heikki Nousiainen, AivenHostedbyConfluent
When moving to a cloud native architecture Moogsoft knew they needed more scale than Rabbit could provide. Moogsoft moved into Kafka which is known for quick writing and driving heavy event driven workloads on top of niceties such as replayability. Choosing the tool was easy, finding a vendor that ticked all their boxes was not. They needed to ensure scalability, upgradability, builds via existing IAC pipelines, and observability via existing tools. When Moogsoft found Aiven, they were impressed with their offering and ability to scale on demand. During this presentation we will explore how Moogsoft used Aiven for Kafka to manage and scale their data in the cloud.
Mainframe Integration, Offloading and Replacement with Apache Kafka | Kai Wae...HostedbyConfluent
Legacy migration is a journey. Mainframes cannot be replaced in a single project. A big bang will fail. This has to be planned long-term.
Mainframe offloading and replacement with Apache Kafka and its ecosystem can be used to keep a more modern data store in real-time sync with the mainframe, while at the same time persisting the event data on the bus to enable microservices, and deliver the data to other systems such as data warehouses and search indexes.
This session walks through the different steps some companies are already gone through. Technical options like Change Data Capture (CDC), MQ, and third-party tools for mainframe integration, offloading and replacement are explored.
The Mushroom Cloud Effect or What Happens When Containers Fail? by Alois Mayr...Docker, Inc.
Micro service architectures result in up to 20 times larger environments than their monolithic counterparts. In such big and interconnected environments container metrics will tell you about infrastructure health but not service health. Even if you have implemented service health checks to quickly react on service failures, in a resilient system you will see intermediary mushroom cloud effects of a large number of services being affected temporarily. How do you find out what really caused the problem and how to distinguish effect vs. cause?
In this session we will do post-mortem analysis by walking through different cases of failures we've observed in a real-world large e-commerce production environment and show you how to figure out what actually caused the failures.
Lessons from the field: Catalog of Kafka Deployments | Joseph Niemiec, ClouderaHostedbyConfluent
Streaming architectures have been on the rise steadily and as a result, we have seen the adoption of Kafka go up too. With the diverse spread of use cases across multiple industries, we have seen a variety of Kafka deployments across our hundreds of Kafka customers. Along the way, we have learnt some best practices as well as what not to do in mission-critical architectures. Join Joe Niemiec, Sr. Product Manager at Cloudera, as he shares these insights in this session that covers topics such as - The many ways that Kafka has been deployed in the field Standalone clusters, multiple clusters in a single data center and multiple clusters geographically distributed performing replication Clusters of all sizes small and large, few messages to hundreds of thousands per second Discussion about architecture failure domains Configurations tuned and used in specific deployments
Launch and Scale Your E-commerce Website with MagentoAlibaba Cloud
See webinar recording of this presentation at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=29
Setting up an e-commerce website with the right level of scalability, global reach, and performance to evolve with your own business growth can be a difficult challenge for most SMEs. In this webinar, you will learn how to quickly deploy a global, scalable, and highly available e-commerce website on the cloud with the popular e-commerce tool Magento.
This presentation will also give you a hands-on understanding of Alibaba Cloud SAS (Simple Application Server) service to conveniently deploy an e-commerce website and how to configure Magento to fit your business needs.
About Simple Application Server
Simple Application Server optimizes the user experience of setting up a simple application by making it easy for entry-level users to use cloud computing products. It provides one-click application deployment and supports domain name resolution, website publishing, security, and application management.
Responding to Digital Transformation With RDS Database TechnologyAlibaba Cloud
See Webinar Recording at https://resource.alibabacloud.com/webinar/detail.htm?webinarId=30
Learn how your business can gain an advantage and utilize ApsaraDB for RDS to enhance data flexibility, security, performance, and stability amid the backdrop of digital transformation.
Chen Zhaoshang of the Alibaba Cloud Database Product team will share how traditional industries can meet database challenges and leverage distributed architecture transformation using MySQL and other open technologies to reduce the overall cost of ownership and realize cross-data-center disaster tolerance deployment while ensuring data consistency. He will also share how to ensure database security databases and alleviate concerns about data migration to the cloud.
ApsaraDB for RDS: www.alibabacloud.com/product/apsaradb-for-rds
More Webinars: https://resource.alibabacloud.com/webinar/index.htm
Guaranteed Event Delivery with Kafka and NodeJS | Amitesh Madhur, NutanixHostedbyConfluent
The business systems of an organization are a continuous source of events. Each system also needs to know about events happening in the other systems. Exchanging these events through direct API calls creates a web of inter-dependencies, is fragile and fails to scale. We examine how this problem can be solved through the use of right integration patterns implemented as a light-weight event hub that leverages the power of Kafka and Confluent to operate at enterprise scale. We demonstrate how JavaScript with its event-driven programming model can be a good fit for implementing an event hub that ensures guaranteed message delivery in the face of failures within the individual subscriber systems.
Many organizations having large engineering teams skilled in NodeJS and a multitude of NodeJs applications. We show how these teams can easily leverage the power of Kafka and scale their applications with the right architectural building blocks. We also offer insights from our own experience of building NodeJS based Kafka applications.
Building an Event-oriented Data Platform with Kafka, Eric Sammer confluent
While we frequently talk about how to build interesting products on top of machine and event data, the reality is that collecting, organizing, providing access to, and managing this data is where most people get stuck. Many organizations understand the use cases around their data – fraud detection, quality of service and technical operations, user behavior analysis, for example – but are not necessarily data infrastructure experts. In this session, we’ll follow the flow of data through an end to end system built to handle tens of terabytes an hour of event-oriented data, providing real time streaming, in-memory, SQL, and batch access to this data. We’ll go into detail on how open source systems such as Hadoop, Kafka, Solr, and Impala/Hive are actually stitched together; describe how and where to perform data transformation and aggregation; provide a simple and pragmatic way of managing event metadata; and talk about how applications built on top of this platform get access to data and extend its functionality.
Attendees will leave this session knowing not just which open source projects go into a system such as this, but how they work together, what tradeoffs and decisions need to be addressed, and how to present a single general purpose data platform to multiple applications. This session should be attended by data infrastructure engineers and architects planning, building, or maintaining similar systems.
Better, faster, cheaper infrastructure with apache cloud stack and riak cs reduxJohn Burwell
Software is eating infrastructure. Migrating reliability and
scalability responsibilities up the stack from specialized hardware to software, cloud orchestration platforms such as Apache CloudStack (ACS) and object stores such as Riak CS increase the utilization and density of compute and storage resources by dynamically shifting workloads based on demand. Together, these platform can saturate compute and storage of 1000s of commodity hosts with strong operational visibility and end-user self-service.
This presentation explores cloud design strategies to achieve high availability and reliability using commodity components. It then applies these strategies using Apache CloudStack and Riak CS.
La agilidad y disponibilidad de la nube así como las constantes demandas de velocidad de los negocios, han provocado el surgimiento de aplicaciones basadas en microservicios. En esta charla veremos cómo utilizar esta arquitectura en Azure.
Azure Cosmos DB Kafka Connectors | Abinav Rameesh, MicrosoftHostedbyConfluent
Kafka Connectors are used extensively in data migration solutions, serving as a middle tier when migrating data across databases. In addition, microservice architectures also use Kafka Connectors heavily when communicating with one another while still operating independently on their own data stores. In this talk, we cover these use cases in more detail along with a deep dive into the architecture of the source and sink Kafka Connectors for Cosmos DB.
The Road Most Traveled: A Kafka Story | Heikki Nousiainen, AivenHostedbyConfluent
When moving to a cloud native architecture Moogsoft knew they needed more scale than Rabbit could provide. Moogsoft moved into Kafka which is known for quick writing and driving heavy event driven workloads on top of niceties such as replayability. Choosing the tool was easy, finding a vendor that ticked all their boxes was not. They needed to ensure scalability, upgradability, builds via existing IAC pipelines, and observability via existing tools. When Moogsoft found Aiven, they were impressed with their offering and ability to scale on demand. During this presentation we will explore how Moogsoft used Aiven for Kafka to manage and scale their data in the cloud.
Mainframe Integration, Offloading and Replacement with Apache Kafka | Kai Wae...HostedbyConfluent
Legacy migration is a journey. Mainframes cannot be replaced in a single project. A big bang will fail. This has to be planned long-term.
Mainframe offloading and replacement with Apache Kafka and its ecosystem can be used to keep a more modern data store in real-time sync with the mainframe, while at the same time persisting the event data on the bus to enable microservices, and deliver the data to other systems such as data warehouses and search indexes.
This session walks through the different steps some companies are already gone through. Technical options like Change Data Capture (CDC), MQ, and third-party tools for mainframe integration, offloading and replacement are explored.
The Mushroom Cloud Effect or What Happens When Containers Fail? by Alois Mayr...Docker, Inc.
Micro service architectures result in up to 20 times larger environments than their monolithic counterparts. In such big and interconnected environments container metrics will tell you about infrastructure health but not service health. Even if you have implemented service health checks to quickly react on service failures, in a resilient system you will see intermediary mushroom cloud effects of a large number of services being affected temporarily. How do you find out what really caused the problem and how to distinguish effect vs. cause?
In this session we will do post-mortem analysis by walking through different cases of failures we've observed in a real-world large e-commerce production environment and show you how to figure out what actually caused the failures.
Monitoring, Logging and Tracing on KubernetesMartin Etmajer
In this presentation, I'll describe a variety of tools, like the Kubernetes Dashboard, Heapster, Grafana, Fluentd, Elasticsearch, Kibana, Jolokia and OpenTracing to bring Monitoring, Logging and Tracing to the Kubernetes container platform.
More tips and tricks for running containers like a pro - Rancher Online MEetu...Shannon Williams
Whether you’re a longtime container user, or entirely new to Docker, it’s never too late to pick up more tips and tricks for running containers in production. In the February 2017 online Rancher meetup, we covered four topics useful for anyone managing containers and infrastructure at scale.
- Autoscaling Docker containers and infrastructure with webhooks in Rancher
- Secrets Management with Rancher and Vault
- Getting the most out of containers and the Traefik load balancer
- Launching applications with Kubernetes Dashboard and Helm
You can find a recording of the meetup at: http://rancher.com/event/february-2017-online-meetup/
Smuggling Multi-Cloud Support into Cloud-native Applications using Elastic Co...Nane Kratzke
Elastic container platforms (like Kubernetes, Docker Swarm, Apache Mesos) fit very well with existing cloud-native application architecture approaches. So it is more than astonishing, that these already existing and open source available elastic platforms are not considered more consequently for multi-cloud approaches. Elastic container platforms provide inherent multi-cloud support that can be easily accessed. We present a solution proposal of a control process which is able to scale (and migrate as a side effect) elastic container platforms across different public and private cloud-service providers. This control loop can be used in an execution phase of self-adaptive auto-scaling MAPE loops (monitoring, analysis, planning, execution). Additionally, we present several lessons learned from our prototype implementation which might be of general interest for researchers and practitioners. For instance, to describe only the intended state of an elastic platform and let a single control process take care to reach this intended state is far less complex than to define plenty of specific and necessary multi-cloud aware workflows to deploy, migrate, terminate, scale up and scale down elastic platforms or applications.
We're really happy to say that today we made the first meetup about Kubernetes in Russia! Thanks to all speakers and guests! Join us: https://twitter.com/kubernetesMSK
We're really happy to say that today we made the first meetup about Kubernetes in Russia! Thanks to all speakers and guests! Join us: https://twitter.com/kubernetesMSK
With so many different tools at our disposable, how do you pick which ones to learn? At our latest meetup for Denver Code Club, we explored some best practices on evaluating new technology and how you can choose the right tools for you.
Bitnami, Deis, Google and the Kubernetes community have been working on developing Helm, a tool for streamlining the deployment of containerized applications on Kubernetes. Bitnami currently offers a set of Helm packages, known as charts, to make it easy to deploy your favorite open source applications on Kubernetes with a single command. Join our webinar to learn how to quickly get started with Helm:
In this webinar you will learn:
- How to deploy Kubernetes-native applications
- How to manage the lifecycle of applications on Kubernetes using Helm
- The benefits of using Bitnami Helm Charts
- The best practices we've learned while creating and configuring - Bitnami Helm charts
- How to get started with Bitnami Helm Charts
Bangalore Container Conference 2017 (BCC '17) is the first conference on container technologies in India. Organizations are increasingly adopting containers and related technologies in production. Hence, the main focus of this conference is “Containers in Production”. This one-day conference sets the perfect stage for container enthusiasts, developers, users and experts to meet together and learn from each others experiences. This deck provides details for sponsoring the conference.
Containers require a new approach to networking. How are your containers communicating with each other? This talk will go through the different network topologies of Kubernetes. How Kubernetes addresses networking compared to traditional physical networking concepts. What are your options for networking using Kubernetes. What is the CNI (Container Network Interface) and how it affects Kubernetes networking.
Secure Your Containers: What Network Admins Should Know When Moving Into Prod...Cynthia Thomas
This session offers techniques for securing Docker containers and hosts using open source network virtualization technologies to implement microsegmentation. Come learn real tips and tricks that you can apply to keep your production environment secure.
If you are considering a lift-and-shift from on-prem to public cloud, this talk is for you. Our team runs a centralized build farm for Nokia's software division. The build farm consists of a fleet of Jenkins Masters, a Kubernetes cluster, artifact storage, and various back-office services for monitoring and automation. This talk gives an overview of how we migrated our build farm from an on-prem OpenStack-based datacenter to AWS. It was a successful migration, but we made several mistakes along the way and would like to share what we learned.
Stack: Ansible, AWX, Terraform, Jenkins, Artifactory, Prometheus, Grafana, Elasticsearch, Kubernetes, AWS EKS
https://cfp.cfgmgmtcamp.be/2020/talk/EGJCKT/
DockerCon SF 2015 : Reliably shipping containers in a resource rich world usi...Docker, Inc.
Slides from Diptanu Choudhury's talk at DockerCon SF 2015
Talk Description:
Netflix has a complex micro-services architecture that is operated in an active-active manner from multiple geographies on top of AWS. Amazon gives us the flexibility to tap into massive amounts of resources, but how we use and manage those is a constantly evolving and ever-growing task. We have developed Titan to make cluster management, application deployments using Docker and process supervision much more robust and efficient in terms of CPU/memory utilization across all of our servers in different geographies.
Titan, a combination of Docker and Apache Mesos, is an application infrastructure gives us a highly resilient and dynamic PAAS, that is native to public clouds and runs across multiple geographies. It makes it easy for us to manage applications in our complex infrastructure and gives us the ability to make changes in the IAAS layer without impacting developer productivity or sacrificing insight into our production infrastructure.
DevOps Fest 2019. Stanislav Kolenkin. Сonnecting pool Kubernetes clusters: Fe...DevOps_Fest
On this IT sense, we will talk about the Federation.
The Federation is a very flexible tool for connecting several clusters and gives us a lot possibilities in K8s control.
With the help of the Federation, we can easily:
- sync resources across clusters
- cross cluster discovery
We will also discuss how to connect several Kubernetes clusters into one network, how to reach services in each Kubernetes cluster...
CloudZone's Meetup at Google offices, 20.08.2018
Covering Google Cloud Platform Kubernetes Engine in Depth, including networking, compute, storage, monitoring & logging
Provided an overview about Hybrid Networking including Containers and VM. It also touches upon opensource solutions like Openstack Kuryr, Opendaylight.
AWS re:Invent 2016: Advanced Tips for Amazon EC2 Networking and High Availabi...Amazon Web Services
In this session, we focus on designing for high availability, with evaluation criteria for using services and features such as Amazon Route 53, Elastic Load Balancing, Auto Scaling, route tables, network interfaces, device clustering, and the Transit VPC architecture. We also explore how to create highly available networking between regions as well as on-premises.
(SACON) Anand Tapikar - Attack vectors of Kubernetes infra. Are we on right ...Priyanka Aash
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. K8s groups containers that make up an application into logical units for easy management and discovery. It was originally designed by Google and is now maintained by the Cloud Native Computing Foundation. As organizations accelerate their adoption of containers and container orchestrators, they will need to take necessary steps to protect such a critical part of their compute infrastructure.
How this topic is relevant 1 out of 5 organization going for container installation Container security attack vectors are rising Recently major vulnerability discovered in containers and got good media attention Duration (Mentioned on sacon.io, if not as per program committee call).
Simplify Your Way To Expert Kubernetes ManagementDevOps.com
Kubernetes is a deep and complex technology that is evolving fast with new functionality and a growing ecosystem of cloud-native solutions. While the public cloud delivers an almost frictionless user experience, configuring and managing a production Kubernetes environment is an enormous technical challenge for the majority of enterprises that choose to do so on premises. Without the right approach, operationalizing Kubernetes in the data center can take upwards of 6 months, jeopardizing developer productivity and speed-to-market.
In this webinar, you’ll learn from Nutanix cloud native experts on how to fast-track your way to operationalizing a production-ready Kubernetes environment on-prem.
Specifically, we’ll talk about:
How containerized applications use IT resources (and why legacy infrastructure isn’t built for Kubernetes);
The main advantages of running Kubernetes on prem (as part of a multi-cloud strategy);
Key aspects of Kubernetes lifecycle management that greatly benefit from automation.
Migration of an Enterprise UI Microservice System from Cloud Foundry to Kuber...Tony Erwin
Presented at Open Source Summit Japan with Jonathan Schweikhart on June 21, 2018.
Abstract: The 40 Node.js microservices making up the IBM Cloud UI historically have been deployed as apps on Cloud Foundry (CF), an open source PaaS. But, recently, this enterprise microservice system has been migrated to run on Kubernetes to take advantage of improved orchestration, higher availability, and better performance. Tony Erwin & Jonathan Schweikhart will discuss their team's journey and provide you with insights into the advantages of Kube over CF. Even more importantly, they will describe approaches to solving new problems that took the place of old ones, such as: 1) adapting PaaS apps to run as containers on Kube, 2) enabling geo load balancing between the different runtimes (to vette Kube before completely turning off CF), 3) integrating tools like Prometheus into existing monitoring systems, and more! Their team's first-hand experiences will help you avoid pitfalls as you prepare your own migrations to Kube!
Link to Info on Talk: https://ossalsjp18.sched.com/event/EaYj/migration-of-an-enterprise-ui-microservice-system-from-cloud-foundry-to-kubernetes-tony-erwin-jonathan-schweikhart-ibm?iframe=no
NOTE: CF is always evolving and the limitations on private networking and private host names mentioned in the slides are no longer current. If you have access to CF API 2.115.0 or higher (released on June 25, 2018), you can leverage CF's service discovery feature (see https://docs.cloudfoundry.org/devguide/deploy-apps/cf-networking.html#discovery ).
Our webinar presents a critical analysis of serverless technology and our thoughts about its future. We use Emerging Technology Analysis Canvas (ETAC), a framework built to analyze emerging technologies, as the methodology of our study. Based on our analysis, we believe that serverless can significantly impact applications and software development workflows.
We’ve also made two further observations:
Limitations, such as tail latencies and cold starts, are not deal breakers for adoption. There are significant use cases that can work with existing serverless technologies despite these limitations.
We see a significant gap in required tooling and IDE support, best practices, and architecture blueprints. With proper tooling, it is possible to train existing enterprise developers to program with serverless. If proper tools are forthcoming, we believe serverless can cross the chasm in 3-5 years.
A detailed analysis can be found here: A Survey of Serverless: Status Quo and Future Directions. Join our webinar as we discuss this study, our conclusions, and evidence in detail.
Flying to clouds - can it be easy? Cloud Native ApplicationsJacek Bukowski
Nowadays "cloud" and "microservice" terms are used all the time, even overused. Does any system must be the "microservices" deployed in the "cloud"? Definitely not! However once you see that your system may benefit from that architecture, the next question is how to get there - how to fly to the clouds?
Spring was always about simplifying the complicated aspects of your enterprise system. Netflix went to microservice architecture long before this term even was created. Both are very much contributed to open source software. How can you benefit from joint forces of the both?
Similar to Kubernetes as Orchestrator for A10 Lightning Controller (20)
Sphinx is the open-source tool for converting reStructured Text into various formats for publishing product documentation. This deck talks about getting started with authoring documentation using Sphinx
This presents challenges faced by a large FinTech company adopting Kubernetes/Container and cloud environment for deploying their application with very high level of security .
Other than technical challenges, this also talks about non-tech challenges faced by various stakeholders during the adoption. Talks about entire journey from decision making to deploying a full automated deployment environment, CI/CD pipeline, devops processes etc.
Security and Observability of Application Traffic in KubernetesAkshay Mathur
Advance Load Balancers in containerized form can provide security and observability into traffic, improve application response time and lower down overall operational burden.
In Kubernetes env East-West traffic security and access control between microservices is very important especially when it is done effectively without imposing a lot of cost overhead.
Solution for using AWS cloud on the fly for an application deployed in data centre. Dynamically start additional instance in AWS using monitoring and triggers from A10 Lightning Application Delivery Service (ADS) and AWS Lambda.
Shared Security Responsibility Model of AWSAkshay Mathur
I heard many people saying that they need not worry about security of their application (or it is automatically PCI compliant) just because the application is hosted in AWS EC2.
This was presented in AWS meetup to make it clear to audience that security is shared responsibility. While AWS takes care of security at L1 & L2 and provide tools for L3 & L4, we need to take care of security at L7 (Application layer)
This is an effort towards teaching Angular JS from what an average Javascript developer already know. The presentation tries to fill the gap rather than posing Angular as a magical framework.
Creating Single Page Web App using Backbone JSAkshay Mathur
This was presented during the workshop on the topic. The complete code of the app that was created during the workshop is available at Github https://github.com/mathurakshay/explore-venues
This is the content of first workshop os a 3 workshop series for learning to create Single Page Web Apps.
This focuses on introducing the HTML, CSS and Javascript to the newbies.
MongoDB is a popular NoSQL database. This presentation was delivered during a workshop.
First it talks about NoSQL databases, shift in their design paradigm, focuses a little more on document based NoSQL databases and tries drawing some parallel from SQL databases.
Second part, is for hands-on session of MongoDB using mongo shell. But the slides help very less.
At last it touches advance topics like data replication for disaster recovery and handling big data using map-reduce as well as Sharding.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
4. Why we thought of Kubernetes
• On failure, K8s brings up the pod automatically
• Rolling upgrade of code can be done easily
• Scaling policy can be setup to scale each micro service as needed
• Pod health can be monitored easily and acted upon
5. What we achieved at high level
• Controller was only available as SaaS
• Launch and Scaling was manual
• Installation was dependent on
underlying infrastructure platform
• Controller is available for on-premise
• It can be scaled from One VM to
Multiple depending on use case
• Launch and Scaling is automated
• Installation is independent of underlying
infrastructure platform
From AWS VMs to K8s Containers in Multiple Environments
6. Current Environment for Controller
• Kubernetes core components
• Kube-dns – Internal DNS service
• Flannel – Overlay networking
• Heapster – Monitoring of pods
• Kubernetes Dashboard - Helps monitoring the pods
• jq – Programmatically Editing JSONs for K8s objects
7. The Journey: From to
• Everything was manual to start with
• Selecting Master and Minion
• Mapping node port to container port
• Cross node communication Configuration
• Limitations Realized
• Cant run same type of pod on one node
• Packaging and distribution issues e.g. build process automation
• Data loss when node stops
8. The Journey: From to
• Second Level Issues – After some level of simplifications
• Cumbersome overlay network configuration
• Passing env info to pod – Startup script env variables are not scalable
• Installation was still too many steps
• Thought for Future – Solved now
• Adding node to the K8s cluster when more capacity is needed
• Migrating static IP of the node to other node when node is replaced
• Adding component in future with minimal change in existing components
9. Design Choices
• Keep all micro-services as is
• One K8s service per micro-service
• One pod per k8s deployment
• Multiple services exposed externally
• Continue to use third-party registry service
• Kubernetes Registry Service can be used instead of third-party
10. Accessing Micro Services
• Multiple micro services of Controller are required to be accessed from
outside
• Micro services accessing each other also can’t depend on IP address
• Kubernetes Services and kube-dns allow fixing name as well as a fixed IP
address for each service
• All internal access (between components) is using service name
• Service IP is mapped to Node IP for all external access
• Public static IP is assigned to the node for external access
11. Simplifying Networking
• Each pod gets the IP address that is internal to the node
• Overlay networking facilitates communication between pods across nodes
• Flannel creates an overlay network that spans across nodes
• Each pod gets IP address from same subnet
• This subnet is internal to the K8s cluster
• This provides seamless communication between pods across nodes
• Private Subnet for Service IPs is configured in K8s configuration
13. Persisting Data
• Pods may come and go or can spawn across nodes
• Persistence is required for maintaining the state across reboots or across
clusters
• NFS, AWS EBS, GCE Persistent Disk or Azure Disk can be used as K8s
Persistent Volume (PV)
• In K8s Deployment object, ‘PV Claims’ can be done by each Pod, as needed
• K8s provides PV matching the Claim to the Pod
• This mounts the PV file system into container’s file system
15. Deploying Clustered Applications
• Cluster application (e.g. datastores) each pod need to know about other pod
running same application
• Such applications needs to be deployed using K8s Stateful Set
• K8s Stateful Set provide fixed names for each instance/pod
• PV Claims in each instance of Stateful Set also have fixed names
• Having fix names help a lot in the configuration and functioning of clustered
applications
• When the application requires more capacity, it is easy to add
16. We do many exciting things
You can join the team
mshah@a10networks.com
amathur@a10networks.com
Thanks
Editor's Notes
External access
Least expensive and can be used across clouds
Drawback is node monitoring