Mike Tougeron from Adobe presented lessons learned from implementing Kubernetes across 7 data centers over 7 months. Some key lessons included the importance of communication, defining responsibilities, and training for abstracting Kubernetes resources. Additional lessons focused on code pipelines to production, ensuring applications work well on Kubernetes through metrics and monitoring, and performing cluster upgrades carefully. Managing applications and infrastructure across multiple clouds also presented challenges addressed.
Kubernetes - 7 lessons learned from 7 data centers in 7 monthsMichael Tougeron
Learn from the rapid journey that Adobe Advertising Cloud took to reach a multi-cloud/multi-region deployment and the lessons learned along the way. Mike will cover 7 challenging scenarios with StatefulSets, GitOps, autoscaling for machine learning and auto-remediation. Go behind the scenes of the wins & failures to see how the engineering and platform teams prevented the derailing of their Kubernetes journey. From developing with spot instances in dev to multi-cloud in production, the cloud platform team has dealt with an interesting set of challenges. As Mike will show, even challenging requirements can lead to successful deployments.
An intro to serverless and OpenWhisk for Kafka usersDale Lane
My talk from Kafka Summit London 2019. It's aimed at Kafka users who want to know what the serverless buzz is all about, with an explanation of what it's for, and a quick crash course in how to get started with Apache OpenWhisk.
Video at https://dalelane.co.uk/blog/?p=3769
Video: https://youtu.be/U4cHbXYy1FQ
How to combine traditional IT governance with continuous delivery? Not At All!
A highly automated continuous deployment environment creates a whole new world of challenges for companies to meet their compliance and governance requirements. Traditional - manual - processes don’t manage to keep up with quick and frequent releases.
The solution to this conflict of interests is the automation of all compliance checks and the automated certification of every software delivery into production. Sounds obvious and simple, but it is difficult to implement.
The talk shows how we tackle this topic at DB Systel and how we create solutions for automated compliance certification.
See https://bit.ly/5pdops for more materials and the 5 DevOps Principles
Wie passt klassische IT Governance zu Continuous Delivery? Gar nicht!
Eine hochgradig automatisierte Continuous Deployment Welt stellt die Firma vor ganz neue Herausforderungen im Bereich Compliance und Governance. Klassische - manuelle - Prozesse kommen den schnellen und häufigen Releases gar nicht mehr hinterher. Die Lösung ist die Automation aller Governance prüfungen und die automatisierte Zertifizierung jeder Softwarelieferung. Das klingt banal und einfach, ist im Detail jedoch nicht einfach umzusetzen.
Der Vortrag zeigt am konkreten Beispiel der DB Systel, wie wir das Thema angehen und Lösungen für die automatisierte Zertifizierung geschaffen haben.
This presentation covers the following
Overview of AWS Developer Tools like AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy and AWS CodePipeline. Implementation of CI CD workflow with a 3 stage CodePipeline; 1. Pull the source code from two different repositories for WebApplication & Infrastructure Code
2. Compile the code, generate artifact and upload to S3
3. Spin up the infrastructure using Cloud Formation Template followed WebApplication Deployment using the Artifact stored in S3.
Walkthrough of buildspec and appspec files, Debugging Build & Deployment, Rollback of deployment and how to gauge the metrics to DevOps.
Kubernetes - 7 lessons learned from 7 data centers in 7 monthsMichael Tougeron
Learn from the rapid journey that Adobe Advertising Cloud took to reach a multi-cloud/multi-region deployment and the lessons learned along the way. Mike will cover 7 challenging scenarios with StatefulSets, GitOps, autoscaling for machine learning and auto-remediation. Go behind the scenes of the wins & failures to see how the engineering and platform teams prevented the derailing of their Kubernetes journey. From developing with spot instances in dev to multi-cloud in production, the cloud platform team has dealt with an interesting set of challenges. As Mike will show, even challenging requirements can lead to successful deployments.
An intro to serverless and OpenWhisk for Kafka usersDale Lane
My talk from Kafka Summit London 2019. It's aimed at Kafka users who want to know what the serverless buzz is all about, with an explanation of what it's for, and a quick crash course in how to get started with Apache OpenWhisk.
Video at https://dalelane.co.uk/blog/?p=3769
Video: https://youtu.be/U4cHbXYy1FQ
How to combine traditional IT governance with continuous delivery? Not At All!
A highly automated continuous deployment environment creates a whole new world of challenges for companies to meet their compliance and governance requirements. Traditional - manual - processes don’t manage to keep up with quick and frequent releases.
The solution to this conflict of interests is the automation of all compliance checks and the automated certification of every software delivery into production. Sounds obvious and simple, but it is difficult to implement.
The talk shows how we tackle this topic at DB Systel and how we create solutions for automated compliance certification.
See https://bit.ly/5pdops for more materials and the 5 DevOps Principles
Wie passt klassische IT Governance zu Continuous Delivery? Gar nicht!
Eine hochgradig automatisierte Continuous Deployment Welt stellt die Firma vor ganz neue Herausforderungen im Bereich Compliance und Governance. Klassische - manuelle - Prozesse kommen den schnellen und häufigen Releases gar nicht mehr hinterher. Die Lösung ist die Automation aller Governance prüfungen und die automatisierte Zertifizierung jeder Softwarelieferung. Das klingt banal und einfach, ist im Detail jedoch nicht einfach umzusetzen.
Der Vortrag zeigt am konkreten Beispiel der DB Systel, wie wir das Thema angehen und Lösungen für die automatisierte Zertifizierung geschaffen haben.
This presentation covers the following
Overview of AWS Developer Tools like AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy and AWS CodePipeline. Implementation of CI CD workflow with a 3 stage CodePipeline; 1. Pull the source code from two different repositories for WebApplication & Infrastructure Code
2. Compile the code, generate artifact and upload to S3
3. Spin up the infrastructure using Cloud Formation Template followed WebApplication Deployment using the Artifact stored in S3.
Walkthrough of buildspec and appspec files, Debugging Build & Deployment, Rollback of deployment and how to gauge the metrics to DevOps.
Ever wondered what makes a cloud-native application “cloud-native”? Ever wondered what the unique challenges are and how best to address them on fully-open Java technologies? In this workshop, you’ll learn what it means to be cloud-native and how that impacts application development. You’ll learn about Eclipse MicroProfile, an industry collaboration defining technologies for the development and management of cloud-native microservices. With a full set of MicroProfile workshop modules available to you, you’ll be able to start with the basics of REST services and progress to more advanced topics, or you can jump right in and develop secure, fault tolerant, configurable and monitorable microservices.
Once you’ve developed your microservice, you’ll learn how to package it in a Docker container and deploy it to a Kubernetes cluster. Finally, you’ll learn the role OpenShift the hybrid cloud enterprise container platform. You'll deploy your application, scale it up and create routes that allow you to manage traffic to and from your deployments.
A look at the reason why software testing is important, and ways to streamline our efforts. These slides outline how MicroShed Testing can be applied for testing enterprise Java applications easily. For more information, visit https://microshed.org/microshed-testing/
Enabling and accelerating multi-tenancy with Capgemini Digital Cloud Platform...Capgemini
For de-centralized organizations, multiple cloud instances and databases can drive up costs, limit scalability and maintainability, and prevent growth. In this session, you’ll learn how to enable and accelerate multi-tenancy for optimal performance and efficiency. You’ll hear lessons and best practices from Capgemini’s work implementing multi-tenancy at the infrastructure, platform, and application levels while ensuring seamless operation across any cloud environment thanks to Red Hat OpenShift. There will also be a discussion of how accelerators like Capgemini’s Digital Cloud Platform can cut time to market by up to 50%. Learn more: https://www.capgemini.com/service/cloud-services/cloud-native-powered-by-red-hat/
So you want to provision a test environment...DevOps.com
With cloud technologies, it’s easier than ever to provision a couple of servers. It seems every cloud has its own way of expressing an environment definition as a file. However, teams that are just scripting their infrastructure encounter problems. How do you manage costs? How do you share services with other teams? What about getting test data? How do you manage complexity? What happens when you want to be in multiple clouds?
That simple text document starts to look insufficient.
Join IBM’s Bill Stoddard and Eric Minick for a look at what it really takes to create environments on demand that are actually useful and to get into production faster. In this webinar, we will highlight common “gotchas” that trip teams up and how to set a path for success.
With this support you would be able to have the basic of Azure and you will have the necessary knowledge to take the AZ900 Microsoft Azure Fundamentals Exam.
This support is a summary from the path Azure fundamentals in Microsoft Learn: https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/.
Azure Day Rome Reloaded 2019 - Cloud Journey – FastTrack for Azureazuredayit
Starting from a scenario with obsolete legacy infrastructure services, we moved the entire .NET application landscape to Azure Platform as a Service.
The migration strategy was based on Azure Database Migration and was completed in a month and a half using Azure PaaS (Database as a Service, App Service and Application Gateway).
With minimal application changes, we were able to provide workload optimization, management optimization and Infrastructure as Code, which resulted in a reduction in the number of servers (from 30 to 5), in management effort (-70%) and in deployment time for the client.
A Toolchain for Lean Architecture at American AirlinesShahir Daya
IBM Think 2019 session: At American Airlines, we have been undergoing a significant microservices transformation, leveraging the latest in IBM Cloud and Agile. Ensuring that leading architectural practices were embedded into our approach was critical for the successes we have realized. The practices needed to be lean to be effective and not cause a drag on shipping code. In this talk, we will describe the architectural practices such as maintaining an architecture backlog, making architectural decisions, tracking technical debt, etc. and how we have been using GitHub and other tools to enable these practices.
Multi cloud costs how to leverage insight and avoid overspendingAppvia
A comprehensive walkthrough discussing public cloud pricing, challenges, solutions and best practices on how to save up to 70% on cloud spend. Featuring Kore Cost - multi cloud (AWS, GCP, Azure) cost predictions at the point of provisioning, and actual spend breakdown analysis.
Watch full webinar here: https://www.appvia.io/cloud-costs
Learn more about Kore and Kore Cost at https://www.appvia.io/solutions/kore
React Native App Development in 2023-Tips to Practice.pdfTechugo
Cross-platform development is not a new trend. However, it is a necessity in modern app development. React Native, a cross-platform tool, allows you to create mobile apps for Android and IOS at the same time. The framework should be familiar to developers.
Ensure the integration of Microservices with Consumer Driven ContractsIngo Griebsch
These slides provide a first overview of how to ensure the integration of Microservices with Consumer Driven Contracts.
The slides are intended primarily for people who previously have little or no experience with the subject, but want to get an overview of the subject, without having too much to deal with the technical details.
https://www.learntek.org/azure-training/
Learntek is global online training provider on Big Data Analytics, Hadoop, Machine Learning, Deep Learning, IOT, AI, Cloud Technology, DEVOPS, Digital Marketing and other IT and Management courses.
https://www.learntek.org/azure-training/
Learntek is global online training provider on Big Data Analytics, Hadoop, Machine Learning, Deep Learning, IOT, AI, Cloud Technology, DEVOPS, Digital Marketing and other IT and Management courses.
In this session we talk about how IBM Services and Research have partnered to apply new approaches to migration including AI planning, pattern-driven automation and machine learning to simplify the migration process—from the pre-migration assessment phase to pattern-driven automation of the execution.
Is expanding your company's presence in the target market your goal? Increasing your reach and the visibility of your business is your only goal, regardless of whether you are an enterprise, SMB, or startup preparing to launch a new product.
How IBM is helping developers win the race to innovate with next-gen cloud se...Michael Elder
In the race to transform, enterprises employ cloud to deliver innovation and stay ahead of the competition. New services are built natively on cloud, but what about the 80% of enterprise applications that have not yet moved to the cloud.
In this session, we'll answer these questions: How do I integrate next-gen technology like Blockchain, Watson IoT, and Data &AI into my new applications? How do I make multicloud an advantage instead of adding new complexity?
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif A.
Arif PhD deals with how efficiently applications are deployed in distributed fog environments. A short abstract of the thesis is given below:
Fog computing architectures are composed of a large number of machines distributed across a geographical area such as a city or a region. In this context it is important to support a quick startup of applications deployed in the for of docker containers. This thesis explores the reasons for slow deployment and identifies three improvement opportunities: (1) improving the Docker cache hit rate; (2) speed-up the image installation operation; and (3) accelerate the application boot phase after the creation of a container.
CI/CD Best Practices for Your DevOps JourneyDevOps.com
The journey to realizing DevOps in any organization is fraught with a number of obstacles for developers and other stakeholders. These challenges are often caused by key CI/CD practices being misunderstood, partially implemented or even completely skipped. Now, as the industry positions itself to build on DevOps practices with a Software Delivery Management strategy, it’s more important than ever that we implement CI/CD best practices, and prepare for the future.
Join host Mitchell Ashely, and CloudBees’ Brian Dawson, DevOps evangelist, and Doug Tidwell, technical marketing director, as they explore and review the CI/CD best practices which serve as your stepping stones to DevOps and a successful Software Delivery Management strategy.
The webinar will cover CI/CD best practices including:
Containers and environment management
Continuous delivery or deployment
Movement from Dev to Ops
By the end of the webinar, you’ll understand the key steps for implementing CI/CD and powering your journey to DevOps and beyond.
Ever wondered what makes a cloud-native application “cloud-native”? Ever wondered what the unique challenges are and how best to address them on fully-open Java technologies? In this workshop, you’ll learn what it means to be cloud-native and how that impacts application development. You’ll learn about Eclipse MicroProfile, an industry collaboration defining technologies for the development and management of cloud-native microservices. With a full set of MicroProfile workshop modules available to you, you’ll be able to start with the basics of REST services and progress to more advanced topics, or you can jump right in and develop secure, fault tolerant, configurable and monitorable microservices.
Once you’ve developed your microservice, you’ll learn how to package it in a Docker container and deploy it to a Kubernetes cluster. Finally, you’ll learn the role OpenShift the hybrid cloud enterprise container platform. You'll deploy your application, scale it up and create routes that allow you to manage traffic to and from your deployments.
A look at the reason why software testing is important, and ways to streamline our efforts. These slides outline how MicroShed Testing can be applied for testing enterprise Java applications easily. For more information, visit https://microshed.org/microshed-testing/
Enabling and accelerating multi-tenancy with Capgemini Digital Cloud Platform...Capgemini
For de-centralized organizations, multiple cloud instances and databases can drive up costs, limit scalability and maintainability, and prevent growth. In this session, you’ll learn how to enable and accelerate multi-tenancy for optimal performance and efficiency. You’ll hear lessons and best practices from Capgemini’s work implementing multi-tenancy at the infrastructure, platform, and application levels while ensuring seamless operation across any cloud environment thanks to Red Hat OpenShift. There will also be a discussion of how accelerators like Capgemini’s Digital Cloud Platform can cut time to market by up to 50%. Learn more: https://www.capgemini.com/service/cloud-services/cloud-native-powered-by-red-hat/
So you want to provision a test environment...DevOps.com
With cloud technologies, it’s easier than ever to provision a couple of servers. It seems every cloud has its own way of expressing an environment definition as a file. However, teams that are just scripting their infrastructure encounter problems. How do you manage costs? How do you share services with other teams? What about getting test data? How do you manage complexity? What happens when you want to be in multiple clouds?
That simple text document starts to look insufficient.
Join IBM’s Bill Stoddard and Eric Minick for a look at what it really takes to create environments on demand that are actually useful and to get into production faster. In this webinar, we will highlight common “gotchas” that trip teams up and how to set a path for success.
With this support you would be able to have the basic of Azure and you will have the necessary knowledge to take the AZ900 Microsoft Azure Fundamentals Exam.
This support is a summary from the path Azure fundamentals in Microsoft Learn: https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/.
Azure Day Rome Reloaded 2019 - Cloud Journey – FastTrack for Azureazuredayit
Starting from a scenario with obsolete legacy infrastructure services, we moved the entire .NET application landscape to Azure Platform as a Service.
The migration strategy was based on Azure Database Migration and was completed in a month and a half using Azure PaaS (Database as a Service, App Service and Application Gateway).
With minimal application changes, we were able to provide workload optimization, management optimization and Infrastructure as Code, which resulted in a reduction in the number of servers (from 30 to 5), in management effort (-70%) and in deployment time for the client.
A Toolchain for Lean Architecture at American AirlinesShahir Daya
IBM Think 2019 session: At American Airlines, we have been undergoing a significant microservices transformation, leveraging the latest in IBM Cloud and Agile. Ensuring that leading architectural practices were embedded into our approach was critical for the successes we have realized. The practices needed to be lean to be effective and not cause a drag on shipping code. In this talk, we will describe the architectural practices such as maintaining an architecture backlog, making architectural decisions, tracking technical debt, etc. and how we have been using GitHub and other tools to enable these practices.
Multi cloud costs how to leverage insight and avoid overspendingAppvia
A comprehensive walkthrough discussing public cloud pricing, challenges, solutions and best practices on how to save up to 70% on cloud spend. Featuring Kore Cost - multi cloud (AWS, GCP, Azure) cost predictions at the point of provisioning, and actual spend breakdown analysis.
Watch full webinar here: https://www.appvia.io/cloud-costs
Learn more about Kore and Kore Cost at https://www.appvia.io/solutions/kore
React Native App Development in 2023-Tips to Practice.pdfTechugo
Cross-platform development is not a new trend. However, it is a necessity in modern app development. React Native, a cross-platform tool, allows you to create mobile apps for Android and IOS at the same time. The framework should be familiar to developers.
Ensure the integration of Microservices with Consumer Driven ContractsIngo Griebsch
These slides provide a first overview of how to ensure the integration of Microservices with Consumer Driven Contracts.
The slides are intended primarily for people who previously have little or no experience with the subject, but want to get an overview of the subject, without having too much to deal with the technical details.
https://www.learntek.org/azure-training/
Learntek is global online training provider on Big Data Analytics, Hadoop, Machine Learning, Deep Learning, IOT, AI, Cloud Technology, DEVOPS, Digital Marketing and other IT and Management courses.
https://www.learntek.org/azure-training/
Learntek is global online training provider on Big Data Analytics, Hadoop, Machine Learning, Deep Learning, IOT, AI, Cloud Technology, DEVOPS, Digital Marketing and other IT and Management courses.
In this session we talk about how IBM Services and Research have partnered to apply new approaches to migration including AI planning, pattern-driven automation and machine learning to simplify the migration process—from the pre-migration assessment phase to pattern-driven automation of the execution.
Is expanding your company's presence in the target market your goal? Increasing your reach and the visibility of your business is your only goal, regardless of whether you are an enterprise, SMB, or startup preparing to launch a new product.
How IBM is helping developers win the race to innovate with next-gen cloud se...Michael Elder
In the race to transform, enterprises employ cloud to deliver innovation and stay ahead of the competition. New services are built natively on cloud, but what about the 80% of enterprise applications that have not yet moved to the cloud.
In this session, we'll answer these questions: How do I integrate next-gen technology like Blockchain, Watson IoT, and Data &AI into my new applications? How do I make multicloud an advantage instead of adding new complexity?
Arif's PhD Defense (Title: Efficient Cloud Application Deployment in Distrib...Arif A.
Arif PhD deals with how efficiently applications are deployed in distributed fog environments. A short abstract of the thesis is given below:
Fog computing architectures are composed of a large number of machines distributed across a geographical area such as a city or a region. In this context it is important to support a quick startup of applications deployed in the for of docker containers. This thesis explores the reasons for slow deployment and identifies three improvement opportunities: (1) improving the Docker cache hit rate; (2) speed-up the image installation operation; and (3) accelerate the application boot phase after the creation of a container.
CI/CD Best Practices for Your DevOps JourneyDevOps.com
The journey to realizing DevOps in any organization is fraught with a number of obstacles for developers and other stakeholders. These challenges are often caused by key CI/CD practices being misunderstood, partially implemented or even completely skipped. Now, as the industry positions itself to build on DevOps practices with a Software Delivery Management strategy, it’s more important than ever that we implement CI/CD best practices, and prepare for the future.
Join host Mitchell Ashely, and CloudBees’ Brian Dawson, DevOps evangelist, and Doug Tidwell, technical marketing director, as they explore and review the CI/CD best practices which serve as your stepping stones to DevOps and a successful Software Delivery Management strategy.
The webinar will cover CI/CD best practices including:
Containers and environment management
Continuous delivery or deployment
Movement from Dev to Ops
By the end of the webinar, you’ll understand the key steps for implementing CI/CD and powering your journey to DevOps and beyond.
Similar to Kubernetes for Developers - 7 lessons learned from 7 data centers in 7 months (meetup) (20)
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Adobe Advertising Cloud allows you to manage video, display, and search advertising across traditional TV and digital formats.
./deploy-ami.py master --context aws-lab
Repeat, repeat, repeat
There's always a medium that someone doesn't read even if they are supposed to
Shout it from the mountain top
Still drives me nuts
Deploybot deploys yaml after being committed to git
Team A wrote app, Team X had failure, Who gets alerts?
Assumptions made by all parties involved
Same type of problem with Registry server
All boils down to lack of communication
Don’t have good answer for everyone
Balance is key to success
Crucial to success
Slow pipeline slows down adoption & Creates friction
Easy pipeline creates the “that’s it?” question far too often :)
We chose canary - app teams are not far enough to support cross-cluster LB
Most data warehousing and analytics processing happens in AWS
Bidding and ad serving then happen in via one of our six Openstack regions throughout the world
Allows us the best of both worlds
Burstable compute and storage when we need it
Cheap, fast, low-latency compute that the majority of our workload needs
We re-used much of the AWS code, and adapted it to be modular based on the target cloud
Consistency across clusters and clouds
Write once, target
OSSIA – Open Stack Simple Inventory API
Written in-house by Mykola Moglyenko
Allows us to tag pods by their physical location in the cage, and make decisions that evenly spread out workloads
Adobe will be open-sourcing this tool this spring
Does a fixed hostname make a difference? For example zookeeper
How does the app/service save its state? In memory or on disk?
What about cluster data? Is it sharded? Replicated?
How well does it handle rescheduling?
How do other applications or teams access the app/service?
How many people have run an elasticsearch cluster, or at least know about elasticsearch?
We followed a blog post to set it up in K8s.
Not a bad thing! We just didn’t think in a kubernetes way
It looked like this.
This lived in our AWS cluster, where our ML jobs causing a lot of auto-scaling up and down
Fair amount of volatility
When we first deployed it, it worked!
Then we upgraded our nodes, which meant draining and replacing them one at a time
Lots of app rescheduling
Lots of autoscaler activity
While deploying new worker images to our nodes, we noticed this happening to elasticsearch
Everything was suddenly in CLBO
Unassigned primary and replicas
When we got things back up, we found we had lost 7% of our data (this was in dev)
Converted es-master deployment to a StatefulSet
Makes sure that master nodes are gracefully removed and re-added, without impacting quorum
Adjusted cluster deployment scripts
Respect the pod disruption budget for longer timeouts
Pre-cordon nodes
Increase size of cluster before draining nodes
Disabled the cluster-autoscaler (so the cluster will stay inflated)