This document summarizes a presentation about Contiv, an open source container networking solution. It introduces Contiv as a way to define and enforce network policies across infrastructure to integrate application intent with operational intent. Key features of Contiv highlighted include providing container networking for schedulers like Kubernetes and Docker, distributed policy enforcement, integration with physical infrastructure, and supporting rich network policies, tenants, and microservices. The presentation concludes with a demo of Contiv's network isolation and policy capabilities.
Docker Enterprise Networking and Cisco Contiv - Cisco Live 2017 BRKSDN-2256Mark Church
An overview of Docker networking and how the network is impacted by the deployment of containers. This dives into the specifics of how container networking works and also how the Cisco Contiv networking plugin integrates Cisco networking policies with Docker Enterprise.
Presentation + demo at Triangle Kubernetes and Openshift Meetup June 2017. Architecture overview and live demo of Contiv open container networking project working with Red Hat Openshift Container platform.
Openstack Summit: Networking and policies across Containers and VMsSanjeev Rampal
Container networking & policies across mixed cloud environments (containers, VMs, bare metal). Talk & demo at Openstack Summit 2017 Boston.
Video recording of talk: https://www.openstack.org/videos/boston-2017/cisco-networking-policies-across-containers-and-vms
Cisco Live 2017: Container networking deep dive with Docker Enterprise Editio...Sanjeev Rampal
Deep dive into container networking for Docker EE (Enterprise Edition) using open source Contiv networking solution. Talk + demo of Docker EE Swarm mode + Contiv.
Video recording of the talk is at the Cisco Live web site. www.ciscolive.com
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationFawad Khaliq
In the OpenStack ecosystem, containers were introduced as first class citizens recently with the project Magnum and the networking for containers has also evolved since then. Project Kuryr makes networking available to containers through Neutron. This all brings together how Neutron networking benefits containers like it does virtual machines. However, to make Neutron, Kuryr and Magnum cover all the use cases for containers, nested containers inside Nova VMs require networking to work as seamlessly as it works for virtual machines or bare metal containers. In this session, we will talk about Magnum, Kuryr, Neutron integration and how the problem of nested container networking has been solved in the OpenStack community, it's architecture, the design, current status and next steps.
Docker Enterprise Networking and Cisco Contiv - Cisco Live 2017 BRKSDN-2256Mark Church
An overview of Docker networking and how the network is impacted by the deployment of containers. This dives into the specifics of how container networking works and also how the Cisco Contiv networking plugin integrates Cisco networking policies with Docker Enterprise.
Presentation + demo at Triangle Kubernetes and Openshift Meetup June 2017. Architecture overview and live demo of Contiv open container networking project working with Red Hat Openshift Container platform.
Openstack Summit: Networking and policies across Containers and VMsSanjeev Rampal
Container networking & policies across mixed cloud environments (containers, VMs, bare metal). Talk & demo at Openstack Summit 2017 Boston.
Video recording of talk: https://www.openstack.org/videos/boston-2017/cisco-networking-policies-across-containers-and-vms
Cisco Live 2017: Container networking deep dive with Docker Enterprise Editio...Sanjeev Rampal
Deep dive into container networking for Docker EE (Enterprise Edition) using open source Contiv networking solution. Talk + demo of Docker EE Swarm mode + Contiv.
Video recording of the talk is at the Cisco Live web site. www.ciscolive.com
Networking For Nested Containers: Magnum, Kuryr, Neutron IntegrationFawad Khaliq
In the OpenStack ecosystem, containers were introduced as first class citizens recently with the project Magnum and the networking for containers has also evolved since then. Project Kuryr makes networking available to containers through Neutron. This all brings together how Neutron networking benefits containers like it does virtual machines. However, to make Neutron, Kuryr and Magnum cover all the use cases for containers, nested containers inside Nova VMs require networking to work as seamlessly as it works for virtual machines or bare metal containers. In this session, we will talk about Magnum, Kuryr, Neutron integration and how the problem of nested container networking has been solved in the OpenStack community, it's architecture, the design, current status and next steps.
DevNetCreate - ACI and Kubernetes IntegrationHank Preston
These are slides from my hands on lab workshop at DevNet Create 2019 in April. https://developer.cisco.com/devnetcreate/2019/agenda
Description:
Enterprises all over are embracing Kubernetes as the foundation for their cloud native, micro service applications. As they are, network security is becoming a top of mind question. The ACI CNI Plugin for Kubernetes brings the power of Application Centric Infrastructure (granular segmentation, robust operational visibility, and unsurpassed network performance) to the Docker container driven infrastructure of Kubernetes. In this session, you'll have a chance to see all of this in action through a guided exploration of your very own Kubernetes cluster integrated with an ACI fabric. You'll start by diving into how a typical application looks after being deployed to Kubernetes within the ACI fabric. See each individual container and pod show up within the ACI operational dashboards. Look at how the load balancing and traffic routing is handled within the network by ACI, just like any other application environment. Then begin to enhance the policies applied to the application by segmenting applications by name spaces for better isolation between running applications. But we won't stop there, before you're done you'll build contracts to explicitly control the flow of traffic between the tiers of your application to ensure business and security policies are applied to containerized applications running within Kubernetes with the same contracts and filters you're using for traditional workloads.
NetBox as the Source of Truth for Cisco NSO ConfigurationsHank Preston
NetBox “knows” how the network is supposed to be configured, and Cisco NSO can ensure that configuration is actually applied. In this talk we’ll look at an example of how this can be done, and is used in production to manage the DevNet Sandbox Network.
In DevNet Sandbox we are on a journey to adopt NetDevOps design and operational principals throughout our platform. And “journey” is the right word. Like many of you, we have to balance the innovation and modernization of the approach with day to day “keep the lights on” activities and priority projects. But one of the first things we tackled was to adopt NetBox as our Source of Truth. We knew this was critical to being able to move forward in any meaningful way.
As part of making NetBox the Source of Truth, we knew we needed to drive the network configurations pushed out to the network from NetBox directly, having a second “Source of Truth” maintained in our configuration management tool, was counter to the goals of our project. Our network configuration management tool is Cisco NSO, and it has a “Configuration Database” or CDB that could be seen as a “Source of Truth” as well. What we worked on was a way to populate the relevant parts of the CDB from NetBox.
This talk will share how we approached this challenge and how we leverage the magic of Python to bring them together. And the work isn’t done yet or perfect. A few thoughts about areas we need to improve and how we plan to move forward will also be discussed.
How we built Packet's bare metal cloud platformPacket
Overview on Packet's approach to bare metal server and network automation for our public cloud. Presented at the Downtech NY Tech meetup on May 19th, 2016
This was presented at the "Microservices for Enterprises" meetup, March 31, 2016 in Palo Alto, California.
We review the experience of deploying Project Calico in enterprise container environments, and compare/contrast with traditional virtual networking approaches.
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
Traditional overlay networks using VXLAN are more complicated to setup and diagnose than is necessary for the majority of data centers. Calico offers an alternative Layer 3 solution - aside from simplicity, this also offers benefits in terms of improved scale and security.
These are the Calico slides from the SDN Switzerland meetup on 13/11/2015,
Kubernetes and lastminute.com: our course towards better scalability and proc...Michele Orsi
Kubernetes adoption is straight forward when starting from scratch or in public clouds, but what the journey looks like when your starting point is a legacy infrastructure with high-traffic?
In this talk we present our experience that begun almost 1 year ago and challenged everything inside our organisation. Developer teams changed the way they work, product owners benefit from the new speed achieved and the need of new roles emerged in IT department.
We will explain our lessons learnt and the way to get the best out of this solution.
Simplifying and Securing your OpenShift Network with Project CalicoAndrew Randall
OpenShift Commons Webinar presented on March 2 2017
OpenShift networking works great out of the box, right? So why would you consider anything else? This briefing examines an alternative approach that has benefits for many scenarios – from tightly securing a few high value AWS instances to scaling a large private cloud deployment. Come learn about how how Calico differs from traditional solutions like OpenShift SDN, and see how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.
Istio Triangle Kubernetes Meetup Aug 2019Ram Vennam
It's been two years since we introduced the Istio project to the Triangle Kubernetes Meetup group. This presentation will be a brief re-introduction of the Istio project, and a summary of the updates to the Istio project since its 1.0 release.
When you are designing a production environment security is essential. All the Docker ecosystem but in particular Docker Swarm allows us to ship our containers out of our laptop, how can we make this process safe? During my talk, I will share tips around production environment, immutability and how troubleshooting common attack as code injection with Docker. Static analysis of our images, content trust with Notary to make our journey secure.
How can we setup a cluster on the main cloud providers with VPN and node labeling to expose only a portion of our cluster? I will also show what Docker provides (Content Trust, Static Analysis) but also open source alternatives as Notary, centos/clair and Cilium.
In the end of this talk, we had a better idea around how manage Docker in production.
Container Networking: the Gotchas (Mesos London Meetup 11 May 2016)Andrew Randall
Presentation for the London Mesos Users Meetup, 11 May 2016.
An overview of the current state of the art in container networking, with lessons learned over the last 12 months or so deploying Project Calico in the real world.
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
Contiv provides a higher level of networking abstraction for microservices: it provides built-in service discovery and service routing for scale out services, working with schedulers like Docker Swarm, Kubernetes, Mesos and Nomad. We will see some code examples, basic use cases and an easy tutorial on the web.
DevNetCreate - ACI and Kubernetes IntegrationHank Preston
These are slides from my hands on lab workshop at DevNet Create 2019 in April. https://developer.cisco.com/devnetcreate/2019/agenda
Description:
Enterprises all over are embracing Kubernetes as the foundation for their cloud native, micro service applications. As they are, network security is becoming a top of mind question. The ACI CNI Plugin for Kubernetes brings the power of Application Centric Infrastructure (granular segmentation, robust operational visibility, and unsurpassed network performance) to the Docker container driven infrastructure of Kubernetes. In this session, you'll have a chance to see all of this in action through a guided exploration of your very own Kubernetes cluster integrated with an ACI fabric. You'll start by diving into how a typical application looks after being deployed to Kubernetes within the ACI fabric. See each individual container and pod show up within the ACI operational dashboards. Look at how the load balancing and traffic routing is handled within the network by ACI, just like any other application environment. Then begin to enhance the policies applied to the application by segmenting applications by name spaces for better isolation between running applications. But we won't stop there, before you're done you'll build contracts to explicitly control the flow of traffic between the tiers of your application to ensure business and security policies are applied to containerized applications running within Kubernetes with the same contracts and filters you're using for traditional workloads.
NetBox as the Source of Truth for Cisco NSO ConfigurationsHank Preston
NetBox “knows” how the network is supposed to be configured, and Cisco NSO can ensure that configuration is actually applied. In this talk we’ll look at an example of how this can be done, and is used in production to manage the DevNet Sandbox Network.
In DevNet Sandbox we are on a journey to adopt NetDevOps design and operational principals throughout our platform. And “journey” is the right word. Like many of you, we have to balance the innovation and modernization of the approach with day to day “keep the lights on” activities and priority projects. But one of the first things we tackled was to adopt NetBox as our Source of Truth. We knew this was critical to being able to move forward in any meaningful way.
As part of making NetBox the Source of Truth, we knew we needed to drive the network configurations pushed out to the network from NetBox directly, having a second “Source of Truth” maintained in our configuration management tool, was counter to the goals of our project. Our network configuration management tool is Cisco NSO, and it has a “Configuration Database” or CDB that could be seen as a “Source of Truth” as well. What we worked on was a way to populate the relevant parts of the CDB from NetBox.
This talk will share how we approached this challenge and how we leverage the magic of Python to bring them together. And the work isn’t done yet or perfect. A few thoughts about areas we need to improve and how we plan to move forward will also be discussed.
How we built Packet's bare metal cloud platformPacket
Overview on Packet's approach to bare metal server and network automation for our public cloud. Presented at the Downtech NY Tech meetup on May 19th, 2016
This was presented at the "Microservices for Enterprises" meetup, March 31, 2016 in Palo Alto, California.
We review the experience of deploying Project Calico in enterprise container environments, and compare/contrast with traditional virtual networking approaches.
Simple, Scalable and Secure Networking for Data Centers with Project CalicoEmma Gordon
Traditional overlay networks using VXLAN are more complicated to setup and diagnose than is necessary for the majority of data centers. Calico offers an alternative Layer 3 solution - aside from simplicity, this also offers benefits in terms of improved scale and security.
These are the Calico slides from the SDN Switzerland meetup on 13/11/2015,
Kubernetes and lastminute.com: our course towards better scalability and proc...Michele Orsi
Kubernetes adoption is straight forward when starting from scratch or in public clouds, but what the journey looks like when your starting point is a legacy infrastructure with high-traffic?
In this talk we present our experience that begun almost 1 year ago and challenged everything inside our organisation. Developer teams changed the way they work, product owners benefit from the new speed achieved and the need of new roles emerged in IT department.
We will explain our lessons learnt and the way to get the best out of this solution.
Simplifying and Securing your OpenShift Network with Project CalicoAndrew Randall
OpenShift Commons Webinar presented on March 2 2017
OpenShift networking works great out of the box, right? So why would you consider anything else? This briefing examines an alternative approach that has benefits for many scenarios – from tightly securing a few high value AWS instances to scaling a large private cloud deployment. Come learn about how how Calico differs from traditional solutions like OpenShift SDN, and see how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.
Istio Triangle Kubernetes Meetup Aug 2019Ram Vennam
It's been two years since we introduced the Istio project to the Triangle Kubernetes Meetup group. This presentation will be a brief re-introduction of the Istio project, and a summary of the updates to the Istio project since its 1.0 release.
When you are designing a production environment security is essential. All the Docker ecosystem but in particular Docker Swarm allows us to ship our containers out of our laptop, how can we make this process safe? During my talk, I will share tips around production environment, immutability and how troubleshooting common attack as code injection with Docker. Static analysis of our images, content trust with Notary to make our journey secure.
How can we setup a cluster on the main cloud providers with VPN and node labeling to expose only a portion of our cluster? I will also show what Docker provides (Content Trust, Static Analysis) but also open source alternatives as Notary, centos/clair and Cilium.
In the end of this talk, we had a better idea around how manage Docker in production.
Container Networking: the Gotchas (Mesos London Meetup 11 May 2016)Andrew Randall
Presentation for the London Mesos Users Meetup, 11 May 2016.
An overview of the current state of the art in container networking, with lessons learned over the last 12 months or so deploying Project Calico in the real world.
Introduction to the Container Networking and Security
Similar to Microservices and containers networking: Contiv, an industry leading open source solution from Cisco - Luca Relandini - Codemotion Amsterdam 2017
Microservices and containers networking: Contiv, an industry leading open sou...Codemotion
Contiv provides a higher level of networking abstraction for microservices: it provides built-in service discovery and service routing for scale out services, working with schedulers like Docker Swarm, Kubernetes, Mesos and Nomad. We will see some code examples, basic use cases and an easy tutorial on the web.
Luca Relandini - Microservices and containers networking: Contiv, deep dive a...Codemotion
Contiv provides a higher level of networking abstraction for microservices: it provides built-in service discovery and service routing for scale out services, working with schedulers like Docker Swarm, Kubernetes, Mesos and Openshift. A powerful policy-based management that makes networking on large scale easy. We will see some code examples, use cases and an easy tutorial on the web. This session is a follow up to the successful sessions at Codemotion Rome and Amsterdam in 2016: we'll go deeper into the architecture and the use cases.
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. As IT strives to become Fast IT, application architectures are undergoing fundamental disruption to enable faster development to deployment lifecycles. As part of this trend, the number of applications being created using microservices architectures and container technologies like Docker is exploding. This new "cloud native" framework makes deployments on-prem or public cloud seamless. In this session, we will look at these evolving trends and how several open source technologies have converged to provide enterprises the ability to innovate at unprecedented levels.
Cloud computing has won and most companies are using more than one public and private clouds. This has created challenges and complexity which are addressed by new technology such as Istio service mesh.
Enabling Production Grade Containerized Applications through Policy Based Inf...Docker, Inc.
This session covers the solution addressing the needs of enabling product-grade containerized applications. You will learn how operations teams running containerized applications in a shared infrastructure can define and enforce policies to provide security, monitoring, and performance for network, storage, and computing. You will learn about Contiv and Mantl, open source projects that create a framework for cloud native application development and infrastructure with application intent and operational policies. Contiv integrates Cisco infrastructure (UCS, Nexus, and ACI) with Docker Datacenter to help enterprises adopt containers at a larger scale.
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMitchell Pronschinske
DevOps tools became very popular with the adoption of public cloud, but Operational teams now realize that their benefits can be extended to enterprise data centers. In reality, cloud native tools can help bridge public clouds and private data centers by enabling a common framework to manage applications and their underlying infrastructure components.
In this session you’ll learn about the latest Cisco ACI integrations with Hashicorp Terraform and Consul to deliver a powerful solution for end-to-end on-prem and cloud infrastructure deployments.
Cisco® Application Centric Infrastructure (ACI) is an innovative architecture that radically simplifies, optimizes, and accelerates the entire application deployment lifecycle. Cloud, mobility, and big data applications are causing a shift in the data center model. Cisco ACI redefines the power of IT, enabling IT to be more responsive to changing business and application needs, enhancing agility, and adding business value. Cisco ACI delivers a transformational operating model for next-generation data center and cloud applications. This Cisco ACI hands lab will step you through from the ACI Fabric concepts to deployment. • Cisco ACI Overview • ACI Fabric Discovery • ACI Building Basic Network Constructs • ACI Building Policy Filters and Contracts • : Deploying a 3-Tier Application Network Profile • ACI Integrating with VMware • Deploying a Service Graph with Application Network Profile • Exploring Monitoring and Troubleshooting
Cisco Live: Containers on Enterprise Compute and NetworksMichael Duarte
Containers are the next evolutionary step in how applications are managed and consumed. Allowing application teams to control and optimize their application deployment process. Along with the advantages provided to application teams, it's also a dynamic shift for data center design. Allowing for better resource utilization, and management resulting in both cost savings and faster IT. This session will explain how Cisco IT has delivered this new paradigm in Cloud Technology by using Cisco ACI, Cisco UCS and open-source solutions like Kubernetes.
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Mike Herbet, Principal Engineer, Cisco, Dave Cole, Consulting Systems Engineer, Cisco, Sean Comrie, Technical Solutions Architect, Cisco focused on the application centric infrastructure (ACI) at Cisco Connect Toronto.
Similar to Microservices and containers networking: Contiv, an industry leading open source solution from Cisco - Luca Relandini - Codemotion Amsterdam 2017 (20)
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Codemotion
Increased complexity makes it very hard and time-consuming to keep your software bug-free and secure. We introduce fuzz-testing as a method for automatically and continuously discovering vulnerabilities hidden in your code. The talk will explain how fuzzing works and how to integrate fuzz-testing into your Software Development Life Cycle to increase your code’s security.
Pompili - From hero to_zero: The FatalNoise neverending storyCodemotion
It was 1993 when we decided to venture in a beat'em up game for Amiga. The Catalypse's success story pushed me and my comrade to create something astonishing for this incredible game machine... but things went harder, assumptions were slightly different, and italian competitors appeared out of nowhere... the project died in 1996. Story ended? Probably not...
Il Commodore 65 è un prototipo di personal computer che Commodore avrebbe dovuto mettere in commercio quale successore del Commodore 64. Purtroppo la sua realizzazione si fermò appunto allo stadio prototipale. Racconterò l'affascinante storia del suo sviluppo ed il perchè della soppressione del progetto ormai ad un passo dalla immissione in commercio.
Rivivere l'ebbrezza di progettare un vecchio computer o una consolle da bar è oggi possibile sfruttando le FPGA, ovvero logiche programmabili che consentono a chiunque di progettare il proprio hardware o di ricrearne uno del passato. In questa sessione si racconta come dal reverse engineering dell'hardware di vecchie glorie come il Commodore 64 e lo ZX Spectrum sia stato possibile farle rivivere attraverso tecnologie oggi alla portata di tutti.
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...Codemotion
There's a lot of talk about blockchain, but how does the technology behind it actually work? For developers, getting some hands-on experience is the fastest way to get familiair with new technologies. So let's build a blockchain, then! In this session, we're going to build one in plain old Java, and have it working in 40 minutes. We'll cover key concepts of a blockchain: transactions, blocks, mining, proof-of-work, and reaching consensus in the blockchain network. After this session, you'll have a better understanding of core aspects of blockchain technology.
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019Codemotion
When was the last time you were truly lost? Thanks to the maps and location technology in our phones, a whole generation has now grown up in a world where getting lost is truly a thing of the past. Location technology goes far beyond maps in the palm of our hand, however. In this talk, we will explore how a ridesharing app works. How do we discover our destination?How do we find the closest driver? How do we display this information on a map? How do we find the best route?To answer these questions,we will be learning about a variety of location APIs, including Maps, Positioning, Geocoding etc.
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019Codemotion
Eward Driehuis, SecureLink's research chief, will guide you through the bumpy ride we call the cyber threat landscape. As the industry has over a decade of experience of dealing with increasingly sophisticated attacks, you might be surprised to hear more attacks slip through the cracks than ever. From analyzing 20.000 of them in 2018, backed by a quarter of a million security events and over ten trillion data points, Eward will outline why this happens, how attacks are changing, and why it doesn't matter how neatly or securely you code.
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 - Codemotion
IoT revolution is ended. Thanks to hardware improvement, building an intelligent ecosystem is easier than never before for both startups and large-scale enterprises. The real challenge is now to connect, process, store and analyze data: in the cloud, but also, at the edge. We’ll give a quick look on frameworks that aggregate dispersed devices data into a single global optimized system allowing to improve operational efficiency, to predict maintenance, to track asset in real-time, to secure cloud-connected devices and much more.
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...Codemotion
What if Virtual Reality glasses could transform your environment into a three-dimensional work of art in realtime in the style of a painting from Van Gogh? One of the many interesting developments in the field of Deep Learning is the so called "Style Transfer". It describes a possibility to create a patchwork (or pastiche) from two images. While one of these images defines the the artistic style of the result picture, the other one is used for extracting the image content. A team from TNG Technology Consulting managed to build an AI showcase using OpenCV and Tensorflow to realize such goggles.
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...Codemotion
Blockchain (and Cryptocurrency) is an evolution of 20-year old research from scientists like Chaum, Lamport, and Castro & Liskov. Due to the current hype, it's hard to distinguish beneficial aspects of the technology from a desire for a "silver bullet" for device security, verifiable logistics, or "saving democracy". The problem: blockchain introduces new security challenges - and blind adoption without understanding reduces overall security. In this talk, Melanie Rieback and Klaus Kursawe explain the pitfalls and limits of blockchain, so you can avoid making your applications LESS secure.
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...Codemotion
Networking is a core part of computing in the digital world we inhabit. But, how well do you know how it works? Do you understand all the moving parts of the OSI stack inside your computer, and how the network is actually put together? How can this ever work? This guided safari of layers, standards, protocols, and happenstance will bring us close to the copper wire, and up through the layers of CDMA/CD, ARP, routing and HTTP. We will make a few excursions through patchworks that still work forty years later, and cleverly designed mechanisms that show that simplicity is the only way to last.
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...Codemotion
Performance tests are not only an important instrument for understanding a system and its runtime environment. It is also essential in order to check stability and scalability – non-functional requirements that might be decisive for success. But won't my cloud hosting service scale for me as long as I can afford it? Yes, but… It only operates and scales resources. It won't automatically make your system fast, stable and scalable. This talk shows how such and comparable questions can be clarified with performance tests and how DevOps teams benefit from regular test practise.
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019Codemotion
Sascha will demonstrate the opportunities and challenges of Conversational AI learned from the practice. Both Technology and User Experience will be covered introducing a process finding micro-moments, writing happy paths, gathering intents, designing the conversational flow, and finally publishing on almost all channels including Voice Services and Chatbots. Valuable for enterprises, developers, and designers. All live on stage in just minutes and with almost no code.
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019Codemotion
A key challenge we face at Pacmed is quickly calibrating and deploying our tools for clinical decision support in different hospitals, where data formats may vary greatly. Using Intensive Care Units as a case study, I’ll delve into our scalable Python pipeline, which leverages Pandas’ split-apply-combine approach to perform complex feature engineering and automatic quality checks on large time-varying data, e.g. vital signs. I’ll show how we use the resulting flexible and interpretable dataframes to quickly (re)train our models to predict mortality, discharge, and medical complications.
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019Codemotion
Coolblue is a proud Dutch company, with a large internal development department; one that truly takes CI/CD to heart. Empowerment through automation is at the heart of these development teams, and with more than 1000 deployments a day, we think it's working out quite well. In this session, Pat Hermens (a Development Managers) will step you through what enables us to move so quickly, which tools we use, and most importantly, the mindset that is required to enable development teams to deliver at such a rapid pace.
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...Codemotion
Quantum computers can use all of the possible pathways generated by quantum decisions to solve problems that will forever remain intractable to classical compute power. As the mega players vie for quantum supremacy and Rigetti announces its $1M "quantum advantage" prize, we live in exciting times. IBM-Q and Microsoft Q# are two ways you can learn to program quantum computers so that you're ready when the quantum revolution comes. I'll demonstrate some quantum solutions to problems that will forever be out of reach of classical, including organic chemistry and large number factorisation.
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...Codemotion
Chinese food exploded across America in the early 20th century, rapidly adapting to local tastes while also spreading like wildfire. How was it able to spread so fast? The GY6 is a family of scooter engines that has achieved near total ubiquity in Europe. It is reliable and cheap to manufacture, and it's made in factories across China. How are these factories able to remain afloat? Chinese-American food and the GY6 are both riveting studies in product-market fit, and both are the product of a distributed open source-like development model. What lessons can we learn for open source software?
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019Codemotion
The design space has exploded in size within the last few years and Sketch is one of the most important milestones to represent the phenomenon. But behind the scenes of this growing reality there is a remote team that revolutionizes the design space all without leaving the home office. This talk will present how Sketch has grown to become a modern, product designer's tool.
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019Codemotion
Would you fly in a plane designed by a craftsman or would you prefer your aircraft to be designed by engineers? We are learning that science and empiricism works in software development, maybe now is the time to redefine what “Software Engineering” really means. Software isn't bridge-building, it is not car or aircraft development either, but then neither is Chemical Engineering. Engineering is different in different disciplines. Maybe it is time for us to begin thinking about retrieving the term "Software Engineering" maybe it is time to define what our "Engineering" discipline should be.
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Codemotion
What is the job of a CTO and how does it change as a startup grows in size and scale? As a CTO, where should you spend your focus? As an engineer aspiring to be a CTO, what skills should you pursue? In this inspiring and personal talk, I describe my journey from early Red Hat engineer to CTO at Bloomon. I will share my view on what it means to be a CTO, and ultimately answer the question: Should the CTO be coding?
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
39. Policies are applied to Groups
Finally, we associate the policy with a group (a group is an arbitrary collection of containers,
e.g. a tier for a microservice) and then run some containers that belong to db group
Let’s create two more containers:
The policy db-policy (ports open and closed) is applied to all the 3 containers:
Managing many end points as a single object makes it easy and fast, think about auto-scaling
(especially when integrated with Swarm, Kubernetes, etc.)
40. Contiv is Microservices Ready
• Support for grouping Applications
• Allows scale-out instances of container applications to be grouped together
• Policies specified on a micro-service tier, rather than individual container workloads
• Efficient forwarding between Microservice tiers
• Allows a fixed (DNS published) VIP for a micro-service
• Containers within the micro-services can come and go
• Their IP addresses are mapped to the service IP for east-west traffic
• Eliminates single point of forwarding (proxy) between micro-service tiers
• Application visibility at service levels (across the cluster)
Web
Group
App
Group
DB
Group
Allow grouping of
containers/pods
Specify Policies
between groups or
from outside the
network