This document contains the slides from a presentation about using JFrog Artifactory and Docker. It discusses how Artifactory can be used to manage Docker images across different environments like development, testing, staging and production. It also talks about building applications in layers using base images and promoting images through a pipeline. Key points are that Artifactory allows hosting multiple Docker repositories per host, using tags to promote images, and building applications in layers on top of base images for improved quality and speed.
Patterns and antipatterns in Docker image lifecycle as was presented at Globa...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle as was presented at Scale...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns & Antipatterns in Docker Image Lifecycleyoavl
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the anti-patterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
This talk takes it from the point that everybody already understand the need in the CI/CD pipeline and some of the basic techniques are taken for granted. It’s much more about tools, processes and automation.
Best Practices In Implementing Container Image Promotion PipelinesAll Things Open
Presented by: Baruch Sadogursky, JFrog
Presented at All Things Open 2020
Abstract: Surprisingly, implementing a secure, robust and fast promotion pipelines for container images is not as easy as it might sound. Automating dependency resolution (base images), implementing multiple registries for different maturity stages and making sure that we actually run in production containers from the images we intended can be tricky. In this talk, we will compare different approaches, compile a wish-list of features and create a pipeline that checks all the boxes using free and open-source tools.
Patterns and antipatterns in Docker image lifecycle as was presented at Oracl...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle @ Codemash 2017Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle @ DevOpsDays Charlotte 2017Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle as was presented at Globa...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle as was presented at Scale...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns & Antipatterns in Docker Image Lifecycleyoavl
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the anti-patterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
This talk takes it from the point that everybody already understand the need in the CI/CD pipeline and some of the basic techniques are taken for granted. It’s much more about tools, processes and automation.
Best Practices In Implementing Container Image Promotion PipelinesAll Things Open
Presented by: Baruch Sadogursky, JFrog
Presented at All Things Open 2020
Abstract: Surprisingly, implementing a secure, robust and fast promotion pipelines for container images is not as easy as it might sound. Automating dependency resolution (base images), implementing multiple registries for different maturity stages and making sure that we actually run in production containers from the images we intended can be tricky. In this talk, we will compare different approaches, compile a wish-list of features and create a pipeline that checks all the boxes using free and open-source tools.
Patterns and antipatterns in Docker image lifecycle as was presented at Oracl...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle @ Codemash 2017Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Patterns and antipatterns in Docker image lifecycle @ DevOpsDays Charlotte 2017Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Show an Open Source Project Some Love and Start Using Travis-CIJoel Byler
Lots of us are looking for an open source project to help with, but sometimes it is hard to find a way to contribute. I'd like to recommend that folks start to consider using Travis-CI and adding Travis-CI scripts to projects that don't already have them. Lets look at what it takes to build a project using Travis and the benefits that a project can take advantage of if they use the service.
This was originally presented at CodeMash v2.0.1.4 in Sandusky, Ohio on January 10, 2014
How QCLean Works? Introduction to Browser ExtensionsQing-Cheng Li
* Introduction to QCLean and browser extensions.
* How to write a simple chrome extension and how QCLean removes suggested pages and posts on Facebook newsfeed.
* How to inject code and override DOM prototype on webpages.
Testing containers with TestContainers @ AJUG 7/18/2017Viktor Gamov
You never know how your application performs once deployed to the production. Sure, you have unit tests, and your test coverage is sky high. However, you might depend on external resources like databases, web services, and distributed caches. Moreover, without a proper integration testing, you cannot be confident about the stability of your production environment. A long time ago, long before the invention of Docker, configuring the environment for integration testing was incredibly complicated and tedious. Developers and Ops were using fake database implementations, mocking servers, and all kinds of weird tricks to implement the environment without the real environment, but it was ugly, bulky, faulty and not cross-platform as well. Thanks to Docker, those days are long gone, now we can quickly prepare the environment with Docker for our tests.
In this talk, I would like to spread the word about awesome project TestContainers – an open source library that exposes API for JUnit tests. It provides lightweight, disposable instances of shared databases, distributed caches or grids, or anything else that can run in a Docker container, all securely and reliably downloaded from your Docker Hub.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at Downtown San J...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
A talk I gave at Web Directions South 2009 about the current possibilities of the HTML5 video element, and its shortfalls in accessibility. Also briefly mentions audio and media fragment URIs. Takes a broad sweep at accessibility and usability features of HTML5 media elements.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at DevOps Detroit...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
BotCommons: Metadata for Bots - Devoxx 2017Cisco DevNet
The lack of common practices around bot software make it to difficult to implement automated tooling for bots (such as discovery, versions transitioning, bot status) as well as inform end-users efficiently (such as bot commands, usage policy, feedback submission, point of contact for support).
The goal of the BotCommons project is to define some industry common practices to publish metadata for bots.
This BOF is about sharing current thoughts and drive the initiative further with developer communities and industry professionals.
https://cfp.devoxx.be/2017/talk/HHX-6365/BotCommons:_Metadata_for_Bots
Auf Augenhöhe mit Android Studio und Gradleinovex GmbH
Mit Android Studio und dem neuen Gradle-Build-System stehen der Community große Veränderungen ins Haus. Neben der Euphorie gibt es allerdings auch Skepsis: Was wird aus den bestehenden Tools? Wie stabil und bugfrei sind die "neuen" schon? Und halten sie auch was sie versprechen? Wir zeigen an praktischen Beispielen die Vorteile und Tücken der neuen Tools im täglichen Entwickeln und im CI-Server Einsatz.
Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab. The initial development have been done on Gogs but we have forked it and named it Gitea. If you want to read more about the reasons why we have done that please read this blog post.
https://docs.gitea.io/en-us/
Building Your Own Native App Visual Testing Module with AppiumWim Selles
We all know that Appium can do (almost) everything you tell it to do, but in the end we always ask it to do the same thing: to automate our happy and/or our error flow. The result can give us the confirmation that the user can still buy a product, or verify if his bank account still has a positive balance.
But what if we need to know more than that: what if we also need to verify the layout of our app? The answer would be easy, as there are plenty of open-source or paid solutions that can help you with that. However, almost all of these solutions focus on web/hybrid apps, not on native iOS and or Android apps.
Wim faced this challenge when he was automating a React Native app for a customer. There was no image comparison tool that could do what he wanted it to do, so he rolled up his sleeves and started building one. In this talk, Wim will walk down the path he took and he will explain:
- Why he used ResembleJS as a core visual comparison solution
- The things he learned about Appium in the process (pro tips!)
- The differences between iOS and Android and how he managed to solve this in one cross-platform solution
- The pros and cons of the solution
Patterns and antipatterns in Docker image lifecycle as was presented at DC Do...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Building a private CI/CD pipeline with Java and Docker in the cloud as presen...Baruch Sadogursky
A private Java (Maven or Gradle) repository as a service can be set up in the cloud. A private Docker registry as a service can be easily set up in the cloud. But what if you want to build a holistic CI/CD pipeline on the cloud of your choice?
Baruch Sadogursky walks you through setting up a universal artifact repository, which can serve for both Java and Docker. You’ll learn how to build a CI/CD pipeline with traceable metadata from the Java source files all the way to Docker images. Baruch uses Amazon, Azure, and Google Cloud as examples, although the recipes shown are applicable to other clouds as well.
Show an Open Source Project Some Love and Start Using Travis-CIJoel Byler
Lots of us are looking for an open source project to help with, but sometimes it is hard to find a way to contribute. I'd like to recommend that folks start to consider using Travis-CI and adding Travis-CI scripts to projects that don't already have them. Lets look at what it takes to build a project using Travis and the benefits that a project can take advantage of if they use the service.
This was originally presented at CodeMash v2.0.1.4 in Sandusky, Ohio on January 10, 2014
How QCLean Works? Introduction to Browser ExtensionsQing-Cheng Li
* Introduction to QCLean and browser extensions.
* How to write a simple chrome extension and how QCLean removes suggested pages and posts on Facebook newsfeed.
* How to inject code and override DOM prototype on webpages.
Testing containers with TestContainers @ AJUG 7/18/2017Viktor Gamov
You never know how your application performs once deployed to the production. Sure, you have unit tests, and your test coverage is sky high. However, you might depend on external resources like databases, web services, and distributed caches. Moreover, without a proper integration testing, you cannot be confident about the stability of your production environment. A long time ago, long before the invention of Docker, configuring the environment for integration testing was incredibly complicated and tedious. Developers and Ops were using fake database implementations, mocking servers, and all kinds of weird tricks to implement the environment without the real environment, but it was ugly, bulky, faulty and not cross-platform as well. Thanks to Docker, those days are long gone, now we can quickly prepare the environment with Docker for our tests.
In this talk, I would like to spread the word about awesome project TestContainers – an open source library that exposes API for JUnit tests. It provides lightweight, disposable instances of shared databases, distributed caches or grids, or anything else that can run in a Docker container, all securely and reliably downloaded from your Docker Hub.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at Downtown San J...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
A talk I gave at Web Directions South 2009 about the current possibilities of the HTML5 video element, and its shortfalls in accessibility. Also briefly mentions audio and media fragment URIs. Takes a broad sweep at accessibility and usability features of HTML5 media elements.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at DevOps Detroit...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
BotCommons: Metadata for Bots - Devoxx 2017Cisco DevNet
The lack of common practices around bot software make it to difficult to implement automated tooling for bots (such as discovery, versions transitioning, bot status) as well as inform end-users efficiently (such as bot commands, usage policy, feedback submission, point of contact for support).
The goal of the BotCommons project is to define some industry common practices to publish metadata for bots.
This BOF is about sharing current thoughts and drive the initiative further with developer communities and industry professionals.
https://cfp.devoxx.be/2017/talk/HHX-6365/BotCommons:_Metadata_for_Bots
Auf Augenhöhe mit Android Studio und Gradleinovex GmbH
Mit Android Studio und dem neuen Gradle-Build-System stehen der Community große Veränderungen ins Haus. Neben der Euphorie gibt es allerdings auch Skepsis: Was wird aus den bestehenden Tools? Wie stabil und bugfrei sind die "neuen" schon? Und halten sie auch was sie versprechen? Wir zeigen an praktischen Beispielen die Vorteile und Tücken der neuen Tools im täglichen Entwickeln und im CI-Server Einsatz.
Gitea is a painless self-hosted Git service. It is similar to GitHub, Bitbucket or Gitlab. The initial development have been done on Gogs but we have forked it and named it Gitea. If you want to read more about the reasons why we have done that please read this blog post.
https://docs.gitea.io/en-us/
Building Your Own Native App Visual Testing Module with AppiumWim Selles
We all know that Appium can do (almost) everything you tell it to do, but in the end we always ask it to do the same thing: to automate our happy and/or our error flow. The result can give us the confirmation that the user can still buy a product, or verify if his bank account still has a positive balance.
But what if we need to know more than that: what if we also need to verify the layout of our app? The answer would be easy, as there are plenty of open-source or paid solutions that can help you with that. However, almost all of these solutions focus on web/hybrid apps, not on native iOS and or Android apps.
Wim faced this challenge when he was automating a React Native app for a customer. There was no image comparison tool that could do what he wanted it to do, so he rolled up his sleeves and started building one. In this talk, Wim will walk down the path he took and he will explain:
- Why he used ResembleJS as a core visual comparison solution
- The things he learned about Appium in the process (pro tips!)
- The differences between iOS and Android and how he managed to solve this in one cross-platform solution
- The pros and cons of the solution
Patterns and antipatterns in Docker image lifecycle as was presented at DC Do...Baruch Sadogursky
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Building a private CI/CD pipeline with Java and Docker in the cloud as presen...Baruch Sadogursky
A private Java (Maven or Gradle) repository as a service can be set up in the cloud. A private Docker registry as a service can be easily set up in the cloud. But what if you want to build a holistic CI/CD pipeline on the cloud of your choice?
Baruch Sadogursky walks you through setting up a universal artifact repository, which can serve for both Java and Docker. You’ll learn how to build a CI/CD pipeline with traceable metadata from the Java source files all the way to Docker images. Baruch uses Amazon, Azure, and Google Cloud as examples, although the recipes shown are applicable to other clouds as well.
Building a private CI/CD pipeline with Java and Docker in the Cloud as presen...Baruch Sadogursky
A private Java (Maven or Gradle) repository as a service can be setup in the cloud. A private Docker registry as a service can be easily setup in the cloud. But what if you want to build a holistic CI/CD pipeline, and on the cloud of YOUR choice?
In this talk Baruch will take you through steps of setting up a universal artifact repository, which can serve for both Java and Docker. You’ll learn how to build a CI/CD pipeline with traceable metadata from the Java source files all the way to Docker images. Amazon, Azure, and Google Cloud (do you have setup that works on these?) will be used as an example although the recipes shown would be applicable to other cloud as well.
Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrogDocker, Inc.
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? We will demonstrate how to implement a promotion model for docker images, and then show how to distribute them to any kind of consumer, being it a customer or a data center.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at QCon NYC 2017Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
DevОps is usually viewed from a traditional perspective of a collaboration of Dev, Ops, and QA, driven by the change in Culture, People, and Process. But how do you know where you stand and where to move? As in almost any field, data and metrics give you the gauges and instruments. In this talk, we’ll talk about the key measurements for the DevOps transformation process and provide you with 3 metrics you can start measuring tomorrow.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at Gr8Conf 2017Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at The Pittsburgh...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
Where the Helm are your binaries? as presented at Canada Kubernetes MeetupsBaruch Sadogursky
Do you always know what’s going on with your product artifacts since the moment they are built by the CI server from Git sources all the way to being deployed by Helm into Kuberenetes?
In this talk, we will show how to build a reliable and transparent pipeline from code to cluster using Git, Artifactory, Docker, Kubernetes, and Helm. We’ll show how you such a pipeline can help you answer the big questions: What to deploy, What is deployed, and what is this artifact that I am looking for. This kind of transparency is critical for today’s environments, and Kubernetes with Helm shouldn’t be an exception.
A lecture given at MIT in Boston about the benefits and technicalities of open web standards for Video and Audio. Lots of examples how to manipulate live video using CSS3 and Canvas.
Java REST API Framework Comparison - UberConf 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Java REST API Framework Comparison - PWX 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
This is a talk I gave at IPC 2014 in Munich.
It's about how to build durable web apis based on the experience gained at Namshi while we were developing our SOA architecture
Java REST API Comparison: Micronaut, Quarkus, and Spring Boot - jconf.dev 2020Matt Raible
"Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!"
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2020/01/09/java-rest-api-showdown
GitHub repo: https://github.com/oktadeveloper/okta-java-rest-api-comparison-example
Similar to Patterns and antipatterns in Docker image lifecycle as was presented at DevopsDays Austin 2017 (20)
DevOps Patterns & Antipatterns for Continuous Software Updates @ NADOG April ...Baruch Sadogursky
So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?
In this talk, we’ll analyze real-world software update fails and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending an update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.
Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow.
So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?
In this talk, we’ll analyze real-world software update fails and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending an update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.
Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at Oracle Code NY...Baruch Sadogursky
In this talk, we’ll take you to a scaling journey, from 3 developers to a 100. We’ll talk about the challenges each milestone in this growth brings, both technological and methodological, and how to solve those challenges using the right mix of people, the right selection of tools and the correctly crafted process. The speakers excel in the different aspects of this triangle and went through this journey (more than once) themselves. And the fun and entertaining presentation as a Greek tragedy can’t hurt, can it?
Data driven devops as presented at QCon London 2018Baruch Sadogursky
Devops is usually viewed from a traditional perspective of a collaboration of Dev, Ops, and QA, driven by the change in Culture, People, and Process. But how do you know where you stand and where to move? As in almost any field, data and metrics give you the gauges and instruments. In this talk, we’ll talk about the key measurements for the DevOps transformation process and provide you with 3 metrics you can start measuring tomorrow.
A Research Study Into DevOps Bottlenecks as presented at Oracle Code LA 2018Baruch Sadogursky
We asked the Fortune 500 software delivery leaders what holds them back. This talk is the analysis of their insights on what bottlenecks they encountered in their DevOps journey.
You know what to expect by now: funny and puzzling questions about Java 8 and Java 9, JFrog t-shirts are airborne, the usual combo of learning and fun ahead!
By Baruch Sadogursky
Devops is usually viewed from a traditional perspective of a collaboration of Dev, Ops and QA, driven by the change in Culture, People and Process. But how do you know where you stand and were to move? As in almost any field, data and metrics give you the gauges and instruments. In this talk we’ll talk about the key measurements for the DevOps transformation process and provide you with 3 metrics you can start measuring tomorrow.
A Research Study into DevOps Bottlenecks as presented at Codemash 2018Baruch Sadogursky
By Baruch Sadogursky
We asked the Fortune 500 software delivery leaders what holds them back. This talk is the analysis of their insights on what bottlenecks they encountered in their DevOps journey.
Best Practices for Managing Docker Versions as presented at JavaOne 2017Baruch Sadogursky
By Baruch Sadogursky
There are three hard things in computer science: cache invalidation, naming things, and off-by-one errors. This session tackles naming, especially Docker version naming. Labels, tags, checksums...how should you use them to keep track of Docker versions? What about dev versus prod images—how best to distinguish those? What about the “latest” tag? What about cleanup? Could we do more? Versioning often seems like a simple problem, but when you have a tool that gives you as much power and flexibility as Docker does, it often helps to develop guidelines. The presentation examines the tools available for managing Docker images and some simple patterns you can employ in various use cases for CI/CD to keep track of your containers.
Troubleshooting & Debugging Production Microservices in Kubernetes as present...Baruch Sadogursky
Debugging applications in production is like being the detective in a crime movie. Especially with microservices. Especially with containers. Especially in the cloud. Trying to see what’s going on in a production deployment at scale is impossible without proper tools! Google has spent over a decade deploying containerized Java applications at unprecedented scale and the infrastructure and tools developed by Google have made it uniquely possible to manage, troubleshoot, and debug, at scale.
Join this session to see how you can diagnose and troubleshoot production issues w/ out of the box Kubernetes tools, as well as getting insight from the ecosystem with Weave Scope, JFrog Artifactory & Stackdriver tools.
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at Devoxx 2017Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
Amazon Alexa Skills vs Google Home Actions, the Big Java VUI Faceoff as prese...Baruch Sadogursky
In this session we will compare and contrast the experience of implementing voice user interface for the two market leader voice activated assistants. Both are extendable, both have Java APIs, but which is better? Two speakers, two laptops, two IDEs writing Java code to implement the same Alexa Skill and Google Home Action and you pick the winner!
DevOps @Scale (Greek Tragedy in 3 Acts) as it was presented at DevOps Days Be...Baruch Sadogursky
As in a good Greek Tragedy, scaling devops to big teams has 3 stages and usually end badly. In this play (it’s more than a talk!) we’ll present you with Pentagon Inc, and their way to scaling devops from a team of 3 engineers to a team of 100 (spoiler – it’s painful!)
Java Puzzlers NG S02: Down the Rabbit Hole as it was presented at The Pittsbu...Baruch Sadogursky
Moar puzzlers! The more we work with Java 8, the more we go into the rabbit hole. Did they add all those streams, lambdas, monads, Optionals and CompletableFutures only to confuse us? It surely looks so! And Java 9 that heads our way brings even more of what we like the most, more puzzlers, of course! In this season we as usual have a great batch of the best Java WTF, great jokes to present them and great prizes for the winners!
Developer relations strategy is often an afterthought. This session’s speaker asks whether that’s OK and gets the opinion of DevRel leaders from companies large and small.
In this talk, Baruch Sadogursky presents the challenges of a high demand SaaS product incident triage at scale, as well as discuss the sources of log items, including the platform, tenants and other types of log sources. He will show practical examples of collector and filters configuration and will take you through a number of real world examples of problems investigations using Artifactory and Sumo Logic.
[Webinar] The Frog And The Butler: CI Pipelines For Modern DevOpsBaruch Sadogursky
No relationship in DevOps is more important than that between your CI/CD server and your Binary Repository. Jenkins has long been the go-to server for CI/CD, and JFrog Artifactory has long been one of the most popular integrations with it. This webinar focuses on the new features of the integration, leveraging the Jenkins Pipeline DSL for infrastructure-as-code of your favorite artifactory features whether it be generic, maven, gradle or Docker, and will show an end-to-end example of pipelines across multiple technologies and how powerful these new capabilities are.
Groovy Puzzlers S04: The Bytecode Bites Back at Gr8Conf US 2017Baruch Sadogursky
Did you think that we were out of puzzlers?! Well, we might be - but the Groovy community sure isn’t! Per usual, we’ve got a bunch of awesomely puzzling contributions and you are going to have a shot at winning one of the prizes. Attend this session to have some fun while getting a workout in for those muscles - you’ll tease your brain and then stretch out for the flying t-shirts too!
Trust your software in production as it was presented at Detroit JUGBaruch Sadogursky
How do you manage your software as it is progressing from development to production? Do you version and monitor your builds with enough metadata to know what's going on? Can you manage any software language or package type through a single point of universal control? Are you always sure your dependencies are secure before deployment? If you want to trust your software in production, join me and learn how to implement an end-to-end management and security pipeline for your software pipelines.
Java Puzzlers NG as it was presented at Detroit Java User GroupBaruch Sadogursky
Not sure about you, but working with Java 8 made me lose all of my hair and most of my sleep (or was it the jet lag?). If you still haven’t reached the level of Brian Goetz in mastering lambdas and strings, this session is for you. And if you think you have, here’s some bad news for you: you should attend as well. You’ll see some surprising, bizarre, and inconceivable parts of Java 8, so you won’t be (too) surprised when they hit you in production. Like any other puzzlers session, this one consists lots of puzzling questions, answers from the audience, t-shirts flying around, and a lot of fun—all for one purpose: to make you understand Java 8 better.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
20. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
Latest version
Latest version
Latest version
Latest version
21. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu:14.04
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
Better now?
22. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
And now?
23. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
And now?What about those?
24. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN mvn clean install
CMD ”java –jar Main.class"
What about this?
25. That’s why.
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN download_random_sh*t_from_the_internet.sh
CMD ["/usr/bin/node", "/var/www/app.js"]
And how about this?
26. That’s why you don’t trust Docker
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
34. What’s up with the gates?!
- QA shouldn’t test dev images
35. What’s up with the gates?!
- QA shouldn’t test dev images
- non-tested images shouldn't be
staged
36. What’s up with the gates?!
- QA shouldn’t test dev images
- non-tested images shouldn't be
staged
- non-staged, non-tested or dev
images shouldn’t end up in
production!!!
41. How can we support this?
https://host:8081/artifactory/docker-dev/busybox
https://host:8081/artifactory/docker-staging/busybox
https://host:8081/artifactory/docker-qa/busybox
https://host:8081/artifactory/docker-prod/busybox
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
45. Virtual hosts/ports to the rescue
https://host:port/v2/busybox
Registry host Tag name
docker tag host:port/busybox
46. Virtual hosts/ports to the rescue
https://host:8081/artifactory/docker-dev/busybox
Virtual repository name Tag name
https://host:port/v2/busybox
Context name
Registry host Tag name
docker tag host:port/busybox
47. server {
listen 5001;
server_name 192.168.99.100;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2;
…
}
}
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES
48. But then you realize…
Wait a second, now I need
to pull, retag and push for
every step?!
49.
50.
51. Anatomy of a container
@JBARUCH #DEVOPSDAYSAUSTIN HTTP://JFROG.COM/SHOWNOTES