Software Architecture Conference 2018, London (UK): Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract:
In a microservice world, things become more complex. Platforms such as Kubernetes address a lot of the complexity; they handle resource isolation and utilization, networking, and deployments nicely. But a lot of the involved complexity such as load balancing, rollout scenarios, circuit breaking, retries, rate limiting, observability, tracing and transport security is still left up to the development teams.
Of course, you can address all of these challenges in your microservices programmatically using popular open-source components such as Hystrix, Ribbon, Eureka, the EFK Stack, Prometheus or Jaeger. But, unfortunately, this approach can quickly lead to excessive library bloat and suddenly your microservices are not quite so micro anymore.
All this might seem acceptable if you’re on a single, consistent development stack like Java EE or Spring Boot. But tackling these complexities becomes even more challenging if you’re dealing with multiple stacks and multiple frameworks, to say nothing about dealing with legacy applications that you can’t modify to retrofit these requirements.
In comes Istio to the rescue. It is a so-called service mesh that addresses many of the cross-cutting communication concerns in a microservice architecture. Think of Istio as AOP (aspect-oriented programming) for microservice communication. Instead of implementing everything directly within your services, Istio transparently injects and decorates the desired concerns into the individual communication channels.
Mario-Leander Reimer offers an overview of Istio and explains how it addresses the inherent complexities in microservice architectures. He briefly discusses the conceptual architecture and the main building blocks of Istio before diving into several examples deployed on a live Kubernetes cluster to demonstrate the different traffic management features, as well as diagnosability and security.
Connecting All Abstractions with IstioVMware Tanzu
SpringOne Platform 2017
Ramiro Salas, Pivotal
The concept of a service mesh represents a paradigm shift on application connectivity for distributed systems, with wide implications for analytics, policy and extensibility. In this talk, we will explain what a service mesh is, the power it brings to microservices, and its impact on Cloud Foundry and K8s, both separately and together. We will also discuss the implications for the traditional network infrastructure, and the shifting of responsibilities from L3/4 to L7, and our current thinking of using Istio to integrate all abstractions.
A Hitchhiker's Guide to Cloud Native API GatewaysQAware GmbH
ContainerDays 2019, Hamburg: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract: Good APIs are the center piece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture. So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Kong, Tyc, KrakenD, et.al. But which one of these is the right one to use in your next project? Let's find out. Leander will start off by briefly explaining the API gateway pattern and derive a simple criteria catalog. He will then continue by comparing and showcasing the most promising ones.
Connecting All Abstractions with IstioVMware Tanzu
SpringOne Platform 2017
Ramiro Salas, Pivotal
The concept of a service mesh represents a paradigm shift on application connectivity for distributed systems, with wide implications for analytics, policy and extensibility. In this talk, we will explain what a service mesh is, the power it brings to microservices, and its impact on Cloud Foundry and K8s, both separately and together. We will also discuss the implications for the traditional network infrastructure, and the shifting of responsibilities from L3/4 to L7, and our current thinking of using Istio to integrate all abstractions.
A Hitchhiker's Guide to Cloud Native API GatewaysQAware GmbH
ContainerDays 2019, Hamburg: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract: Good APIs are the center piece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture. So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Kong, Tyc, KrakenD, et.al. But which one of these is the right one to use in your next project? Let's find out. Leander will start off by briefly explaining the API gateway pattern and derive a simple criteria catalog. He will then continue by comparing and showcasing the most promising ones.
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
Running applications on Kubernetes can provide a lot of benefits: more dev speed, lower ops costs, and a higher elasticity & resiliency in production. Kubernetes is the place to be for cloud native apps. But what to do if you’ve no shiny new cloud native apps but a whole bunch of JEE legacy systems? No chance to leverage the advantages of Kubernetes? Yes you can!
We’re facing the challenge of migrating hundreds of JEE legacy applications of a major German insurance company onto a Kubernetes cluster within one year. We're now close to the finish line and it worked pretty well so far.
The talk will be about the lessons we've learned - the best practices and pitfalls we've discovered along our way. We'll provide our answers to life, the universe and a cloud native journey like:
- What technical constraints of Kubernetes can be obstacles for applications and how to tackle these?
- How to architect a landscape of hundreds of containerized applications with their surrounding infrastructure like DBs MQs and IAM and heavy requirements on security?
- How to industrialize and govern the migration process?
- How to leverage the possibilities of a cloud native platform like Kubernetes without challenging the tight timeline?
An overview for running an Istio service mesh on top of kubernetes. Deep dive on the routing policies injection to configure your application under various use cases. Best of all, the original application code remains unchanged!
betterCode Workshop: Effizientes DevOps-Tooling mit GoQAware GmbH
bettterCode, 24.06.2021, Online: Workshop of Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware) & Markus Zimmermann (@markus_zm, Senior Software Engineer at QAware)
== Please download slides in case they are blurred! ===
Use the right tool and language for the job! Especially in the DevOps tooling area, Go has established itself as a simple, reliable and efficient programming language. In this workshop, we learned about suitable application areas and implementing quite a few tools.
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Rob Szumski
Federation is typically thought of as the only way to do multi-cluster operations, but that's not the case. I explore more secure and scalable methods for connecting clusters together. This is key to hybrid scenarios where you want two or more clusters set up in a consistent way, and then deploy an application in all regions or on all clouds.
I will dive deep into sharing RBAC roles and resource limits, plus setting up the same namespaces with important default config like Pod Security Policies.
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Daniel Bryant
By Daniel Bryant, Ambassador Labs We all need to be able to get user traffic into our applications, and your requirements for services running on Kubernetes are no different. "But", I hear you say, "what about the K8s Ingress spec? And how do I observe what's happening under the hood? And who should be responsible for configuring the gateway: dev or ops?" These are all good questions! Join me for a whistle-stop tour of all things emissary-ingress, where we will explore how this new edition to the family of CNCF incubation projects can make your life easier when it comes to routing, observability, and integration into the bigger (people and technology) picture.
Continuous (Non)-Functional Testing of Microservices on k8s QAware GmbH
Continuous Lifecycle Online 2021, May 11th 2021, online: Vortrag von Mario-Leander Reimer (@LeanderReimer, Principal Software Architect bei QAware)
== Please download slides if blurred! ==
Abstract:
Continuous delivery is everywhere. Well, not quite! Many teams still fail to continuously deliver well tested and stable product increments to production, especially when it comes to its non-functional attributes. Usually with the same old excuse: these high-level tests are too laborious and expensive to implement. But the opposite could be the case! This slides will show how easy it is to implement continuous performance, security and acceptance tests based for microservices on Kubernetes using well-known open source tools.
Istio - A Service Mesh for Microservices as ScaleRam Vennam
Manage microservices on Kubernetes using the open source Istio service mesh from IBM, Google, and Lyft. In this presentation we explore the overall value and architecture of Istio and walk through key mechanisms for using Istio to drive highly secure microservices. We will also demonstrate the various features of Istio showing how to intelligently load balance traffic between services, conduct A/B tests, release canaries, and more.
Ich brauche einen Abstraktions-Layer für meine CloudQAware GmbH
Cloud Native Battle, 23.09.2021, online: Panel discussion of Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware) and Schlomo Schapiro (@schlomoschapiro, Chief Architect Cloud at DB Systel GmbH).
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Abstract:
Abstraction layers for the cloud or proprietary cloud services - this was the question of our last Cloud Native Battle.
In this slides you will get to know why Mario-Leander Reimer uses Abstraction layers for the cloud.
Kubernetes 1.16 and rancher 2.3 enhancementsSaiyam Pathak
This presentation talks about the recent kubernetes 1.16 enhancements and Rancher 2.3 new features. It also has the references section that was used as a motivation for this presentation.
In this WebHack talk I shared my experience about microservices, Docker, Kubernetes and Kong, an API gateway by Mashape. Since they are based on a real working system, this slides is majorly for how to build the whole thing up, not about detailed internal implementation. Although I included some details and reference in order to make it more comprehensive.
Kubernetes: від знайомства до використання у CI/CDStfalcon Meetups
Kubernetes: від знайомства до використання у CI/CD
Олександр Занічковський
Technical Lead у компанії SoftServe
14+ років досвіду розробки різноманітного програмного забезпечення, як для десктопа, так і для веб
Працював фріланс-програмістом та в команді
Цікавиться архітектурою ПЗ, автоматизацією процесів інтеграції та доставки нових версій продукту, хмарними технологіями
Віднедавна займається менторінгом майбутніх техлідів
У вільний від роботи час грає на гітарі і мріє про велику сцену
Олександр поділиться власним досвідом роботи з Kubernetes:
ознайомить з базовими поняттями та примітивами K8S
опише можливі сценарії використання Kubernetes для CI/CD на прикладі GitLab
покаже, як можна використовувати постійне сховище, збирати метрики контейнерів, використовувати Ingress для роутинга запитів за певними правилами
покаже, як можна самому встановити K8S для ознайомлення чи локальної роботи
Spring Boot is the defacto framework for building microservices with Java. These slides walk you though how to get started, deploy and debug, perform service discovery and do canary deployments with Spring Boot apps on OpenShift
Putting microservices on a diet with istioQAware GmbH
CodeDays 2019, Munich: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract:
Building microservice architectures is complex. Handling the involved complexities, like circuit breaking, rate limiting, observability or transport security, is usually left up to the development teams to implement. Using open source components to address these challenges is an option, but this quickly leads to excessive library bloat in our microservices. So let's put them on a diet: with Istio.
Putting Microservices on a Diet: with Istio!QAware GmbH
JavaLand 2019, Brühl: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract:
Building microservice architectures is complex. Modern platforms such as Kubernetes address a lot of the complexity, they handle resource isolation and utilization, networking and deployments nicely. But still, handling the remaining complexities, like circuit breaking, rate limiting, observability or transport security, is usually left up to the development teams to implement. Using open source components to address these challenges is an option, but this quickly leads to excessive library bloat and suddenly your microservices are not quite so micro anymore.
Now, all this might seem acceptable if you are on a single, consistent development stack like Java EE or Spring Boot. But tackling these complexities becomes even more challenging if you are dealing with multiple stacks and multiple frameworks. Or you might even deal with legacy applications that you can't modify to retrofit these requirements.
Istio to the rescue. It is a so called service mesh that addresses many of the cross-cutting communication concerns in a microservice architecture. Think of Istio as AOP (aspect oriented programming) for microservice communication. Instead of implementing everything directly within your services, Istio transparently injects and decorates the desired concerns into the individual communication channels.
This session provides an overview of the Istio system and how it addresses the inherent complexities in microservice architectures. We will briefly discuss the conceptual architecture and the main building blocks of Istio. Then we will dive right into several showcases that are deployed on a Kubernetes cluster to demonstrate the different traffic management features, as well as diagnosability and security.
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
Running applications on Kubernetes can provide a lot of benefits: more dev speed, lower ops costs, and a higher elasticity & resiliency in production. Kubernetes is the place to be for cloud native apps. But what to do if you’ve no shiny new cloud native apps but a whole bunch of JEE legacy systems? No chance to leverage the advantages of Kubernetes? Yes you can!
We’re facing the challenge of migrating hundreds of JEE legacy applications of a major German insurance company onto a Kubernetes cluster within one year. We're now close to the finish line and it worked pretty well so far.
The talk will be about the lessons we've learned - the best practices and pitfalls we've discovered along our way. We'll provide our answers to life, the universe and a cloud native journey like:
- What technical constraints of Kubernetes can be obstacles for applications and how to tackle these?
- How to architect a landscape of hundreds of containerized applications with their surrounding infrastructure like DBs MQs and IAM and heavy requirements on security?
- How to industrialize and govern the migration process?
- How to leverage the possibilities of a cloud native platform like Kubernetes without challenging the tight timeline?
An overview for running an Istio service mesh on top of kubernetes. Deep dive on the routing policies injection to configure your application under various use cases. Best of all, the original application code remains unchanged!
betterCode Workshop: Effizientes DevOps-Tooling mit GoQAware GmbH
bettterCode, 24.06.2021, Online: Workshop of Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware) & Markus Zimmermann (@markus_zm, Senior Software Engineer at QAware)
== Please download slides in case they are blurred! ===
Use the right tool and language for the job! Especially in the DevOps tooling area, Go has established itself as a simple, reliable and efficient programming language. In this workshop, we learned about suitable application areas and implementing quite a few tools.
Kubernetes Multi-cluster without Federation - Kubecon EU 2018Rob Szumski
Federation is typically thought of as the only way to do multi-cluster operations, but that's not the case. I explore more secure and scalable methods for connecting clusters together. This is key to hybrid scenarios where you want two or more clusters set up in a consistent way, and then deploy an application in all regions or on all clouds.
I will dive deep into sharing RBAC roles and resource limits, plus setting up the same namespaces with important default config like Pod Security Policies.
Canadian CNCF: "Emissary-ingress 101: An introduction to the CNCF incubation-...Daniel Bryant
By Daniel Bryant, Ambassador Labs We all need to be able to get user traffic into our applications, and your requirements for services running on Kubernetes are no different. "But", I hear you say, "what about the K8s Ingress spec? And how do I observe what's happening under the hood? And who should be responsible for configuring the gateway: dev or ops?" These are all good questions! Join me for a whistle-stop tour of all things emissary-ingress, where we will explore how this new edition to the family of CNCF incubation projects can make your life easier when it comes to routing, observability, and integration into the bigger (people and technology) picture.
Continuous (Non)-Functional Testing of Microservices on k8s QAware GmbH
Continuous Lifecycle Online 2021, May 11th 2021, online: Vortrag von Mario-Leander Reimer (@LeanderReimer, Principal Software Architect bei QAware)
== Please download slides if blurred! ==
Abstract:
Continuous delivery is everywhere. Well, not quite! Many teams still fail to continuously deliver well tested and stable product increments to production, especially when it comes to its non-functional attributes. Usually with the same old excuse: these high-level tests are too laborious and expensive to implement. But the opposite could be the case! This slides will show how easy it is to implement continuous performance, security and acceptance tests based for microservices on Kubernetes using well-known open source tools.
Istio - A Service Mesh for Microservices as ScaleRam Vennam
Manage microservices on Kubernetes using the open source Istio service mesh from IBM, Google, and Lyft. In this presentation we explore the overall value and architecture of Istio and walk through key mechanisms for using Istio to drive highly secure microservices. We will also demonstrate the various features of Istio showing how to intelligently load balance traffic between services, conduct A/B tests, release canaries, and more.
Ich brauche einen Abstraktions-Layer für meine CloudQAware GmbH
Cloud Native Battle, 23.09.2021, online: Panel discussion of Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware) and Schlomo Schapiro (@schlomoschapiro, Chief Architect Cloud at DB Systel GmbH).
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Abstract:
Abstraction layers for the cloud or proprietary cloud services - this was the question of our last Cloud Native Battle.
In this slides you will get to know why Mario-Leander Reimer uses Abstraction layers for the cloud.
Kubernetes 1.16 and rancher 2.3 enhancementsSaiyam Pathak
This presentation talks about the recent kubernetes 1.16 enhancements and Rancher 2.3 new features. It also has the references section that was used as a motivation for this presentation.
In this WebHack talk I shared my experience about microservices, Docker, Kubernetes and Kong, an API gateway by Mashape. Since they are based on a real working system, this slides is majorly for how to build the whole thing up, not about detailed internal implementation. Although I included some details and reference in order to make it more comprehensive.
Kubernetes: від знайомства до використання у CI/CDStfalcon Meetups
Kubernetes: від знайомства до використання у CI/CD
Олександр Занічковський
Technical Lead у компанії SoftServe
14+ років досвіду розробки різноманітного програмного забезпечення, як для десктопа, так і для веб
Працював фріланс-програмістом та в команді
Цікавиться архітектурою ПЗ, автоматизацією процесів інтеграції та доставки нових версій продукту, хмарними технологіями
Віднедавна займається менторінгом майбутніх техлідів
У вільний від роботи час грає на гітарі і мріє про велику сцену
Олександр поділиться власним досвідом роботи з Kubernetes:
ознайомить з базовими поняттями та примітивами K8S
опише можливі сценарії використання Kubernetes для CI/CD на прикладі GitLab
покаже, як можна використовувати постійне сховище, збирати метрики контейнерів, використовувати Ingress для роутинга запитів за певними правилами
покаже, як можна самому встановити K8S для ознайомлення чи локальної роботи
Spring Boot is the defacto framework for building microservices with Java. These slides walk you though how to get started, deploy and debug, perform service discovery and do canary deployments with Spring Boot apps on OpenShift
Putting microservices on a diet with istioQAware GmbH
CodeDays 2019, Munich: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract:
Building microservice architectures is complex. Handling the involved complexities, like circuit breaking, rate limiting, observability or transport security, is usually left up to the development teams to implement. Using open source components to address these challenges is an option, but this quickly leads to excessive library bloat in our microservices. So let's put them on a diet: with Istio.
Putting Microservices on a Diet: with Istio!QAware GmbH
JavaLand 2019, Brühl: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
=== Please download slides if blurred! ===
Abstract:
Building microservice architectures is complex. Modern platforms such as Kubernetes address a lot of the complexity, they handle resource isolation and utilization, networking and deployments nicely. But still, handling the remaining complexities, like circuit breaking, rate limiting, observability or transport security, is usually left up to the development teams to implement. Using open source components to address these challenges is an option, but this quickly leads to excessive library bloat and suddenly your microservices are not quite so micro anymore.
Now, all this might seem acceptable if you are on a single, consistent development stack like Java EE or Spring Boot. But tackling these complexities becomes even more challenging if you are dealing with multiple stacks and multiple frameworks. Or you might even deal with legacy applications that you can't modify to retrofit these requirements.
Istio to the rescue. It is a so called service mesh that addresses many of the cross-cutting communication concerns in a microservice architecture. Think of Istio as AOP (aspect oriented programming) for microservice communication. Instead of implementing everything directly within your services, Istio transparently injects and decorates the desired concerns into the individual communication channels.
This session provides an overview of the Istio system and how it addresses the inherent complexities in microservice architectures. We will briefly discuss the conceptual architecture and the main building blocks of Istio. Then we will dive right into several showcases that are deployed on a Kubernetes cluster to demonstrate the different traffic management features, as well as diagnosability and security.
Managing microservices with Istio Service MeshRafik HARABI
Developing and managing hundreds (or maybe thousands) of microservices at scale is a challenge for both development and operations teams.
We have seen over the last years the appearance of new frameworks dedicated to deliver ‘Cloud Native’ applications by providing a set of (out of box) building blocks. Most of these frameworks integrate microservices concerns at the code level.
Recently, we have seen the emerging of a new pattern known as sidecar or proxy promoting to push all these common concerns outside of the business code and provides them on the edge by integrate a new layer to the underlying platform called Service Mesh.
Istio is one of the leading Service Mesh implementing sidecar pattern.
We will go during the presentation throw the core concepts behind Istio, the capabilities that provides to manage, secure and observe microservices and how it gives a new breath for both developers and operations.
The presentation will be guided by a sequence of demo exposing Istio capabilities.
Istio: Using nginMesh as the service proxyLee Calcote
With microservices and containers becoming mainstream, container orchestrators provide much of what the cluster (nodes and containers) needs. With container orchestrators' core focus on scheduling, discovery, and health at an infrastructure level, microservices are left with unmet, service-level needs, such as:
- Traffic management, routing, and resilient and secure communication between services
- Policy enforcement, rate-limiting, circuit breaking
- Visibility and monitoring with metrics, logs, and traces
- Load balancing and rollout/canary deployment support
Service meshes provide for these needs. In this session, we will dive into Istio - its components, capabilities, and extensibility. Istio envelops and integrates with other open source projects to deliver a full-service mesh. We'll explore these integrations and Istio's extensibility in terms of choice of proxies and adapters, such as nginMesh.
Monitoring as an entry point for collaborationJulien Pivotto
In the last years, we have been building complex stacks, made from lots of components. All of this backed by multiple teams. This talk will present how you can use monitoring to look at the business side and have everyone looking at the same dashboards, making cooperation a reality.
The mainstreaming of containerization and microservices is raising a critical question by both developers and operators: how do we debug all this?
Debugging microservices applications is a difficult task. The state of the application is spread across multiple microservices, and it is hard to get a holistic view of the state of the application. Currently debugging of microservices is assisted by openTracing, which helps in tracing of a transaction or workflow for post-mortem analysis, and linkerd and itsio which monitor the network to identify latency problems. These tools however, do not allow to monitor and interfere with the application during run time.
In this talk, we will describe and demonstrate common debugging techniques and we will introduce Squash, a new tool and methodology.
The microservice architecture approach has been very popular in the recent years. There is a big hype around it and a large swarm of open source tools to facilitate each aspect of this architecture. The purpose of this talk is to identify the main components of a microservice architecture. After that we compare different open source tools that fits into each area. At the end we’ll have a good understanding what a microservice architecture based on OSS looks like.
This work is part of the open source testbed setup for Cloud interoperability & portability. Cloud Security Workgroup will further review and generate complete working set as we move along. This is part I of the effort.
Native Cloud-Native: Building Agile Microservices with the Micronaut FrameworkZachary Klein
This talk is a fast-paced introduction to the Micronaut framework, from creating the first app to orchestrating a microservice federation and deploying to the cloud. We will cover the basics of writing Micronaut apps, communication between services, building for resiliency, managing configuration, and deploying to a cloud provider. By the time we’re finished, you’ll have a good understanding of both the distinctives and features of the framework and be ready to start building and deploying your own apps with Micronaut. Buckle up!
Sample code: https://github.com/ZacharyKlein/hello-devnexus23
Cloud Native Night, April 2018, Mainz: Workshop led by Jörg Schad (@joerg_schad, Technical Community Lead / Developer at Mesosphere)
Join our Meetup: https://www.meetup.com/de-DE/Cloud-Native-Night/
PLEASE NOTE:
During this workshop, Jörg showed many demos and the audience could participate on their laptops. Unfortunately, we can't provide these demos. Nevertheless, Jörg's slides give a deep dive into the topic.
DETAILS ABOUT THE WORKSHOP:
Kubernetes has been one of the topics in 2017 and will probably remain so in 2018. In this hands-on technical workshop you will learn how best to deploy, operate and scale Kubernetes clusters from one to hundreds of nodes using DC/OS. You will learn how to integrate and run Kubernetes alongside traditional applications and fast data services of your choice (e.g. Apache Cassandra, Apache Kafka, Apache Spark, TensorFlow and more) on any infrastructure.
This workshop best suits operators focussed on keeping their apps and services up and running in production and developers focussed on quickly delivering internal and customer facing apps into production.
You will learn how to:
- Introduction to Kubernetes and DC/OS (including the differences between both)
- Deploy Kubernetes on DC/OS in a secure, highly available, and fault-tolerant manner
- Solve operational challenges of running a large/multiple Kubernetes cluster
- One-click deploy big data stateful and stateless services alongside a Kubernetes cluster
Istio Triangle Kubernetes Meetup Aug 2019Ram Vennam
It's been two years since we introduced the Istio project to the Triangle Kubernetes Meetup group. This presentation will be a brief re-introduction of the Istio project, and a summary of the updates to the Istio project since its 1.0 release.
Similar to Putting microservices on a diet with Istio (20)
Mit ChatGPT Dinosaurier besiegen - Möglichkeiten und Grenzen von LLM für die ...QAware GmbH
Generative AI for Developers, 27.05.2024, Bonn (Martin Binder, Lead IT Consultant bei QAware)
Die kritische Infrastruktur wird nach wie vor von Dinosauriersystemen aus dem letzten Jahrtausend getragen. Die Ablösung dieser Altsysteme ist ein drängendes Problem der Digitalisierung in Deutschland. In meinem Projekt musste ich in wenigen Wochen ein 30 Jahre altes System auf Basis von IBM iSeries (AS/400) mit RPG-Code analysieren. Überraschenderweise kannte ChatGPT die RGP-Referenz von IBM. Mithilfe von ChatGPT konnte ich mich schnell einarbeiten und so ein brauchbares Arbeitsverständnis des Systems erreichen. Aber wo Licht ist, ist auch Schatten: ChatGPT hat kein Kontextverständnis, ist unvollständig und neigt zu Fehlschlüssen. Als Vorgeschmack hier der Powermove: ChatGPT nach jeder Antwort grundsätzlich danach fragen, was es falsch gemacht hat. Du wirst überrascht sein!
50 Shades of K8s Autoscaling #JavaLand24.pdfQAware GmbH
JavaLand 2024, April 2024, Mario-Leander Reimer
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Abstract:
Elasticity and unlimited scalability are the holy grail for any cloud-native application. Now you might think: “That’s easy!!! I just run my containers on a Kubernetes cluster and I am done.” But is it really that simple?
Turns out it’s not! Your application as well as your cloud infrastructure and K8s cluster need to address and support these non-functional requirements.
This session will have a detailed and also practical look at the different ways of autoscaling in Kubernetes. We will give an overview of the technical foundations and prerequisites, and then showcase several frameworks and technologies that can be used to flexibly autoscale your cluster and your cloud-native workloads.
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...QAware GmbH
GPM Regionalgruppe Chemnitz (Patrick Albert)
Wegen ihres Umfangs und Komplexität sind größere SAFe-Programme bereits in Präsenz hinsichtlich ihres Managements und ihrer Steuerung anspruchsvoll. Aufgrund von COVID19 jedoch war eine Verlegung in den virtuellen Raum im beschriebenen Praxisfall unausweichlich. Das Management hatte hierbei sicherzustellen, dass die Programmziele trotz des verminderten Kontaktes allen beteiligten Teams dauerhaft klar und präsent sind und dass die in den Teams umgesetzten Funktionen außerdem den genannten Programmzielen dienen.
Besonders wichtig ist dieses Alignment im Rahmen der regelmäßigen PI-Plannings, in welchen alle Teams gleichzeitig die jeweils kommenden Iterationen planen und dabei auch teamübergreifende Abhängigkeiten zuverlässig berücksichtigen müssen.
Es werden Erfolgsfaktoren für den virtuellen Einsatz von SAFe herausgearbeitet und beleuchtet.
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzQAware GmbH
When it comes to the question: "Where do we actually store our application data?", we are spoilt for choice, especially when it comes to the major cloud providers.
The simple and often completely valid answer is still the classic relational database! It is very suitable for many areas of application, as the technology is tried and tested and can cover a very broad spectrum. It is therefore not surprising that all major cloud providers offer this as a "managed service".
For some years now, however, there have also been so-called cloud-native databases that have been specially developed for the requirements of the cloud. The big promise: "Infinite scalability"
In a large customer project, we have been using such a database productively for over 4 years with Azure CosmosDB. The presentation will deal with the following questions, among others
What does "upscalability" mean in practice ?
What do you have to pay attention to when designing?
What are the actual limits?
What other special features do I get?
When do I need a cloud-native database?
But that's not all! We also look beyond Azure to the other two major cloud providers: AWS and Google Cloud. With DynamoDB and Datastore/Firestore, they have similar products on offer.
Down the Ivory Tower towards Agile ArchitectureQAware GmbH
iSAQB Software Architecture Gathering – Digital 2023, November 2023
Architecture for agile projects must be defined and described differently, as well as continuously developed and evolved. Not all decisions are made at once, nor are they all known right from the start of the project. This sessions presents various useful and lightweight methods, tools and team topologies that can be applied in (large) agile projects to avoid uncontrolled growth and architectural erosion but without acting from the ivory tower and thus suffocating team autonomy.
"Mixed" Scrum-Teams – Die richtige Mischung macht's!QAware GmbH
IT-Tage 2023, Frankfurt am Main (Patrick Albert)
Die Rollen und insbesondere deren Zuständigkeiten sind in Scrum recht klar geregelt: Der Product Owner sorgt für das "Was", der Scrum Master für das "Wie" und die Developer für die eigentliche Umsetzung. Solange es sich dabei um ein internes Projekt mit einem komplett internen Team handelt, sind damit bereits die zentralen Fragen beantwortet. Ein wenig differenzierter zu betrachten sind allerdings Teams mit mehreren Parteien wie etwa beim Einsatz von Dienstleistern. Muss etwa zwingend der Kunde den Product Owner stellen oder kann dieser auch auf der Seite des Dienstleisters stehen? Falls alle Developer vom gleichen Dienstleister bereitgestellt werden, würde diese Konstellation sicherlich einige Kommunikationswege verkürzen. Allerdings hat ein Product Owner auf der Seite eines Dienstleisters sicher nicht die gleichen Verbindungen zu den Stakeholdern (Nutzer, Geldgeber, ...) des Produkts wie ein interner Product Owner – wie also könnte er ihre Anforderungen dann gut vor dem Team vertreten? Ähnliche Fragen stellen sich auch für den Scrum Master und das Development-Team. In den meisten Fällen gibt es für verschiedene Konstellationen jeweils Vor- und Nachteile – und zwar sowohl für den Kunden als auch für den Dienstleister. Wichtig bei der Entscheidung für eine dieser Konstellationen ist außerdem die Art des Projekts, der Kreis der Stakeholder, das zur Verfügung stehende Budget, der Zeitrahmen und noch einiges mehr.
Dieser Vortrag beleuchtet verschiedene dieser Varianten und zeigt Vorteile, Nachteile und Risiken auf.
Make Developers Fly: Principles for Platform EngineeringQAware GmbH
Make Developers Fly – Helping developers to build better applications
Cloud Native Night, Mainz, November 2023, Alex Krause
Platform Engineering is the next stage of DevOps and accelerates software developers even more to build applications faster and bring products rapidly to the customers. In this meetup, we show you the key principles of platform engineering, as we experienced them in our projects, and additionally show you a better way to manage your internal software platforms.
PRINCIPLES FOR PLATFORM ENGINEERING, Alex Krause
How do we help our developers to fly instead of crashing miserablely? The answer is Platform Engineering, a discipline for building internal developer platforms (IDPs) to simplify software delivery for product teams. In this talk, you'll learn how Platform Engineering evolved from the DevOps movement and what principles and best practices make for a good implementation. Finally, we'll take a look at reference architectures that can support your platform.
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightQAware GmbH
Codineers Rosenheim Meetup, 2. November 2023 (Dominik Haas, QAware)
Wer kennt es nicht: Langsame, instabile und wartungsintensive Tests von Frontends und die Schmerzen damit.
Aber in den letzten Jahren und Monaten hat sich hier viel getan und Playwright ist der vielversprechende neue Stern der Web-Automatisierung.
Ich werde in meinem Talk über das Testen von Frontends sprechen und speziell auf Playwright als spannendes Werkzeug eingehen.
Neben der praktischen Einführung möchte ich auch mit Euch über Best Practices sprechen und einen Versuch wagen die Testpyramide zu töten (oder sie zumindest etwas zu beschädigen).
Sie kennen doch bestimmt das "Gesetz des Instruments": Wer als Werkzeug nur ein modernes Frontend-Framework hat, löst jedes Problem mit einer Single Page-Applikation. So oder so ähnlich, nur halt mit Hammer und Nagel lautet es, beschreibt jedoch ganz gut die aktuelle Situation der JavaScript-Welt. Auf nahezu jede Anforderung wird mit einer aufgeblähten, clientseitig gerenderten SPA geantwortet. Doch ist es schön langsam an der Zeit, dass wir uns fragen sollten: Ist das wirklich alles? Und die Antwort lautet ziemlich sicher "Nein". Doch genau diesem Thema widmen wir uns und werfen einen Blick auf die Alternativen und da gibt es viele.
Im React-Ökosystem findet aktuell ein kleiner Umbruch statt. Mit Server Side Rendering, Static Site Generation, Server Components und Frameworks wie Next verschiebt sich ein Teil der Arbeit in Richtung Server. Dieser Trend ist auch bei Vue, Svelte und Angular zu beobachten. Und genau das ist es, was die sogenannten Meta-Frameworks ausmacht. Uns als EntwicklerInnen gibt das mehr Flexibilität, um auf Anforderungen reagieren zu können. Sie müssen nicht mehr den kompletten Quellcode zum Client übertragen, haben bessere Caching-Möglichkeiten und auch die Suchmaschinen sind Ihnen dankbar.
Dieser Vortrag gibt Ihnen einen Überblick über die wichtigsten Features von Meta-Frameworks und wo und vor allem wie sie gewinnbringend eingesetzt werden können.
Digital Future Congress (DFC) 2023, September 2023, München, Andreas Zitzelsberger (Business Unit Director bei QAware)
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Alt-Systeme in die Cloud migrieren – mit sechs Leitplanken geht das effizient und sicher. Neu: Künstliche Intelligenz kann jetzt zum Turbo werden! Wir nutzen KI bei der Cloud-Migration und zeigen in diesem Vortrag, was geht und was nicht.
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...QAware GmbH
MedTech Stars, Webkonferenz, September 2023, Josef Adersberger (CEO bei QAware)
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Der Vortrag „Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die Seele verkaufen oder Himmel auf Erden?“ erkundet das wachsende Bedürfnis und die Herausforderungen, medizinische Anwendungen in die Cloud zu migrieren.
Bei den entsprechenden Anwendungen stellt laut einer Umfrage der Datenschutz für 82% der Anwendungen die größte Herausforderung dar, um den Schritt in die Cloud zu machen. Trotzdem wächst der Druck, diesen Schritt zu vollziehen, aufgrund des Innovations- und Digitalisierungsbedarfs, der durch gesetzliche Initiativen wie das Krankenhaus-Zukunftsgesetz, gestiegene Patientenerwartungen und den immer klareren medizinischen Impact der Digitalisierung angetrieben wird.
Die zentrale Frage, die in diesem Vortrag erörtert wird, ist, wie man hochregulierte Anwendungen schrittweise in die Cloud migrieren kann. Hierzu werden wir einen Ansatz vorstellen und anhand von exemplarischen Anwendungen demonstrieren, wie eine solche Migration erfolgreich durchgeführt werden kann. Abschließend fassen wir den Vortrag mit fünf leitenden Prinzipien zusammen, die bei der Migration von stark regulierten Anwendungen in die Cloud beachtet werden sollten. Diese Prinzipien bieten einen nützlichen Leitfaden für Unternehmen und Institutionen, die den Umzug ihrer Anwendungen in die Cloud erwägen, und sollen dazu beitragen, die Herausforderungen der Cloud-Migration in diesem hochregulierten Bereich erfolgreich zu bewältigen.
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster QAware GmbH
SAA 2023 | Software Architecture Alliance, September 2023, München, Mario-Leander Reimer (@LeanderReimer, CTO bei QAware)
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Die Cloud hat bereits heute einen größeren CO2-Fußabdruck als die Luftfahrtindustrie, mit steigender Digitalisierung und Cloudifizierung wird sich dieser Trend fortsetzen, wenn wir nichts dagegen unternehmen. Viele Kubernetes-basierte Installationen sind gemessen am eigentlich benötigten Ressourcen Bedarf stark überdimensioniert und tragen so unnötig zur globalen Erwärmung bei. Wie sieht die Energiebilanz Ihres Clusters und Workloads aus?
In diesem Vortrag zeigen wir Ansätze und Technologien, die dabei helfen K8s-Cluster grün(er) zu machen. Zunächst braucht es Transparenz: Wie sieht die Energiebilanz des Clusters und seiner Workloads aus? Erst danach lassen sich diese gezielt auf ihre Energiesparsamkeit hin optimieren. Und das ist gar nicht so schwer, also packen wir es an!
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.QAware GmbH
SAA 2023 | Software Architecture Alliance, September 2023, München, Ildikó Tárkányi (Senior Software Engineer bei QAware)
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Der Traum von den unendlichen Weiten der Daten ist schnell ausgeträumt, wenn wir unsere APIs nicht im Griff haben. Dabei ist es egal, ob wir uns APIs zwischen unseren Services, zwischen Frontend und Backend oder zu Fremdsystemen anschauen - APIs sind ein fundamentaler Bestandteil unserer Softwarearchitektur und ohne Testautomatisierung geht gar nichts.
Schlecht geschriebene Integrationstests mit selbst erfundenen Testfällen für unsere APIs können richtig nerven: Wir rufen die APIs auf und hoffen, dass genau das zurückkommt, was wir erwarten.
Das geht auch anders: Wir werfen einen Blick auf andere Testansätze, bewerten, welche Aspekte diese jeweils testen und schauen zum Beispiel auf:
• Contract Based Testing
• Black Box Testing der OpenAPI Specs
• Trace-basiertes Testing
Kubernetes with Cilium in AWS - Experience Report!QAware GmbH
Cloud Native Night, Munich, September 2023, Bernhard Schaidhammer
=== Please download slides if blurred! ===
Cilium is a powerful tool for network policies and also encryption between the Kubernetes nodes. Cilium hooks deep into Kubernetes in the network stack as an plugin and can even replace the AWS CNI Plugin. This talk will share our project experiences.
Topics involve:
- Network Policies
- Encryption
- Hubble (Observability)
- Installation
- CLI Usage (Hubble / Cilium)
Container Days 2023, September 2023, Hamburg, Mario-Leander Reimer (@LeanderReimer, CTO @QAware).
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Elasticity and unlimited scalability are the holy grail for any cloud-native application. Now you might think: “That’s easy!!! I just run my containers on a Kubernetes cluster and I am done.” But is it really that simple?
Turns out it’s not! Your application as well as your cloud infrastructure and K8s cluster need to address and support these non-functional requirements.
This session will have a detailed and also practical look at the different ways of autoscaling in Kubernetes. We will give an overview of the technical foundations and prerequisites, and then showcase several frameworks and technologies that can be used to flexibly autoscale your cluster and your cloud-native workloads.
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPQAware GmbH
Heise DevSec 2023, September 2023, Karlsruhe, Mario-Leander Reimer (@LeanderReimer, CTO @QAware).
== Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! ==
Continuous Delivery ist allgegenwärtig. Wirklich? Viele Teams straucheln immer noch dabei, regelmäßig gut getestete und vor allem sichere Software auszuliefern. Immer mit der gleichen, guten alten Ausrede: die nicht-funktionalen Tests seien zu aufwändig und zu teuer umzusetzen. Doch genau das Gegenteil ist der Fall!
In diesem Vortrag gehen wir kurz auf die aktuellen Bedrohungen und die Bedeutung früher und regelmäßiger Sicherheitstests von APIs ein. Anschließend zeigen wir, wie einfach es ist, diese Tests kontinuierlich und asynchron mit OWASP ZAP und Testkube gegen REST- und GraphQL-APIs direkt auf einem Kubernetes-Cluster auszuführen; immer dann wenn sich die API und der Service ändern.
Service Mesh Pain & Gain. Experiences from a client project.QAware GmbH
Cloud Native Night, Mainz, September 2023, Markus Zimmermann
=== Please download slides if blurred! ===
The topic of service mesh is still present at every major DevOps conference and is the subject of controversial discussions.
A service mesh comes with the promise of implementing cross-functional requirements of microservices such as observability or secure communication without changes within the services. The operational effort and the integration of the services within the service mesh should also be problem-free.
But do the common service mesh implementations keep these promises? In a client project we have gained experience with Linkerd and can say: we did not achieve the benefits without pain. We want to share these experiences and what you can take away for your next project!
WeAreDevelopers World Congress 2023, July 2023, Mario-Leander Reimer
=== Please download slides if blurred! ===
Elasticity and unlimited scalability are the holy grail for any cloud-native application. Now you might think: “That’s easy!!! I just run my containers on a Kubernetes cluster and I am done.” But is it really that simple?
Turns out it’s not! Your application as well as your cloud infrastructure and K8s cluster need to address and support these non-functional requirements.
This session will have a detailed and also practical look at the different ways of autoscaling in Kubernetes.
We will give an overview of the technical foundations and prerequisites, and then showcase several frameworks and technologies that can be used to flexibly autoscale your cluster and your cloud-native workloads.
Blue turns green! Approaches and technologies for sustainable K8s clusters.QAware GmbH
Kubernetes Community Days Munich 2023, Juli 2023, Mario-Leander Reimer
The cloud already has a larger CO2 footprint than the worldwide aviation industry. With increasing digitalization and cloudification this trend will continue if we don't do anything about it. Many Kubernetes installations are greatly oversized in terms of the resources actually required and thus contribute unnecessarily to global warming. What is the energy balance of your cluster and its workloads?
In this session we will discuss approaches and technologies that help to make K8s clusters green(er). First of all, transparency is needed: what is the energy balance of the cluster and its workloads? Only then we can start to optimize for better energy efficiency. And it's not that difficult, so let's get started!
Per Anhalter zu Cloud Nativen API GatewaysQAware GmbH
Mastering Kubernetes 2023, Juli 2023, Sonja Wegner
Gute APIs sind das Herzstück erfolgreicher digitaler Produkte und Cloud-nativer Anwendungen. Doch schlecht verwaltete APIs werden schnell zum Albtraum. Damit es kein böses Erwachen gibt, setzen wir auf API Gateways: Diese sind etabliert und bekannt und helfen uns bei der Verwaltung der APIs. Sie regeln unter anderem Traffic Management, Rollout-Szenarien, Versionierung, Zugriffskontrolle und Diagnostizierbarkeit.
In diesem Vortrag werden wir das Cloud-native API-Gateway-Ökosystem näher betrachten: Gloo, KrakenD, Kong, Envoy et al. Aber welches davon ist das Richtige für den Einsatz im nächsten Projekt? Lasst es uns herausfinden!
Opendatabay - Open Data Marketplace.pptxOpendatabay
Opendatabay.com unlocks the power of data for everyone. Open Data Marketplace fosters a collaborative hub for data enthusiasts to explore, share, and contribute to a vast collection of datasets.
First ever open hub for data enthusiasts to collaborate and innovate. A platform to explore, share, and contribute to a vast collection of datasets. Through robust quality control and innovative technologies like blockchain verification, opendatabay ensures the authenticity and reliability of datasets, empowering users to make data-driven decisions with confidence. Leverage cutting-edge AI technologies to enhance the data exploration, analysis, and discovery experience.
From intelligent search and recommendations to automated data productisation and quotation, Opendatabay AI-driven features streamline the data workflow. Finding the data you need shouldn't be a complex. Opendatabay simplifies the data acquisition process with an intuitive interface and robust search tools. Effortlessly explore, discover, and access the data you need, allowing you to focus on extracting valuable insights. Opendatabay breaks new ground with a dedicated, AI-generated, synthetic datasets.
Leverage these privacy-preserving datasets for training and testing AI models without compromising sensitive information. Opendatabay prioritizes transparency by providing detailed metadata, provenance information, and usage guidelines for each dataset, ensuring users have a comprehensive understanding of the data they're working with. By leveraging a powerful combination of distributed ledger technology and rigorous third-party audits Opendatabay ensures the authenticity and reliability of every dataset. Security is at the core of Opendatabay. Marketplace implements stringent security measures, including encryption, access controls, and regular vulnerability assessments, to safeguard your data and protect your privacy.
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...Subhajit Sahu
Abstract — Levelwise PageRank is an alternative method of PageRank computation which decomposes the input graph into a directed acyclic block-graph of strongly connected components, and processes them in topological order, one level at a time. This enables calculation for ranks in a distributed fashion without per-iteration communication, unlike the standard method where all vertices are processed in each iteration. It however comes with a precondition of the absence of dead ends in the input graph. Here, the native non-distributed performance of Levelwise PageRank was compared against Monolithic PageRank on a CPU as well as a GPU. To ensure a fair comparison, Monolithic PageRank was also performed on a graph where vertices were split by components. Results indicate that Levelwise PageRank is about as fast as Monolithic PageRank on the CPU, but quite a bit slower on the GPU. Slowdown on the GPU is likely caused by a large submission of small workloads, and expected to be non-issue when the computation is performed on massive graphs.
Show drafts
volume_up
Empowering the Data Analytics Ecosystem: A Laser Focus on Value
The data analytics ecosystem thrives when every component functions at its peak, unlocking the true potential of data. Here's a laser focus on key areas for an empowered ecosystem:
1. Democratize Access, Not Data:
Granular Access Controls: Provide users with self-service tools tailored to their specific needs, preventing data overload and misuse.
Data Catalogs: Implement robust data catalogs for easy discovery and understanding of available data sources.
2. Foster Collaboration with Clear Roles:
Data Mesh Architecture: Break down data silos by creating a distributed data ownership model with clear ownership and responsibilities.
Collaborative Workspaces: Utilize interactive platforms where data scientists, analysts, and domain experts can work seamlessly together.
3. Leverage Advanced Analytics Strategically:
AI-powered Automation: Automate repetitive tasks like data cleaning and feature engineering, freeing up data talent for higher-level analysis.
Right-Tool Selection: Strategically choose the most effective advanced analytics techniques (e.g., AI, ML) based on specific business problems.
4. Prioritize Data Quality with Automation:
Automated Data Validation: Implement automated data quality checks to identify and rectify errors at the source, minimizing downstream issues.
Data Lineage Tracking: Track the flow of data throughout the ecosystem, ensuring transparency and facilitating root cause analysis for errors.
5. Cultivate a Data-Driven Mindset:
Metrics-Driven Performance Management: Align KPIs and performance metrics with data-driven insights to ensure actionable decision making.
Data Storytelling Workshops: Equip stakeholders with the skills to translate complex data findings into compelling narratives that drive action.
Benefits of a Precise Ecosystem:
Sharpened Focus: Precise access and clear roles ensure everyone works with the most relevant data, maximizing efficiency.
Actionable Insights: Strategic analytics and automated quality checks lead to more reliable and actionable data insights.
Continuous Improvement: Data-driven performance management fosters a culture of learning and continuous improvement.
Sustainable Growth: Empowered by data, organizations can make informed decisions to drive sustainable growth and innovation.
By focusing on these precise actions, organizations can create an empowered data analytics ecosystem that delivers real value by driving data-driven decisions and maximizing the return on their data investment.
Explore our comprehensive data analysis project presentation on predicting product ad campaign performance. Learn how data-driven insights can optimize your marketing strategies and enhance campaign effectiveness. Perfect for professionals and students looking to understand the power of data analysis in advertising. for more details visit: https://bostoninstituteofanalytics.org/data-science-and-artificial-intelligence/
StarCompliance is a leading firm specializing in the recovery of stolen cryptocurrency. Our comprehensive services are designed to assist individuals and organizations in navigating the complex process of fraud reporting, investigation, and fund recovery. We combine cutting-edge technology with expert legal support to provide a robust solution for victims of crypto theft.
Our Services Include:
Reporting to Tracking Authorities:
We immediately notify all relevant centralized exchanges (CEX), decentralized exchanges (DEX), and wallet providers about the stolen cryptocurrency. This ensures that the stolen assets are flagged as scam transactions, making it impossible for the thief to use them.
Assistance with Filing Police Reports:
We guide you through the process of filing a valid police report. Our support team provides detailed instructions on which police department to contact and helps you complete the necessary paperwork within the critical 72-hour window.
Launching the Refund Process:
Our team of experienced lawyers can initiate lawsuits on your behalf and represent you in various jurisdictions around the world. They work diligently to recover your stolen funds and ensure that justice is served.
At StarCompliance, we understand the urgency and stress involved in dealing with cryptocurrency theft. Our dedicated team works quickly and efficiently to provide you with the support and expertise needed to recover your assets. Trust us to be your partner in navigating the complexities of the crypto world and safeguarding your investments.
6. Essential Cloud-native Design Principles.
6
Design for Distribution: Containers; microservices; API driven development.
Design for Configuration: One image, multiple environments.
Design for Resiliency: Fault-tolerant and self-healing.
Design for Elasticity: Scales dynamically and reacts to stimuli.
Design for Delivery: Short roundtrips and automated provisioning.
Design for Performance: Responsive; concurrent; resource efficient.
Design for Automation: Automated Dev & Ops tasks.
Design for Diagnosability: Cluster-wide logs, metrics and traces.
Design for Security: Secure Endpoints, API-Gateways, E2E-Encryption
15. Pods are the smallest unit of compute in
Kubernetes
Labels are key/value pairs used to identify
Kubernetes resources
Replica Sets ensure that the desired
number of pod replicas are running
Deployments are an abstraction used to
declare and update pods, RCs, …
Services are an abstraction for a logical
collection of pods providing DNS name
Ingress routes traffic from outside the
cluster to services and ports based on URL
patterns and host
Kubernetes Glossary.
15
18. 18
Envoy: Sidecar proxy per microservice that handles inbound/outbound traffic within each Pod. Extended
version of Envoy project.
Gateway: Inbound gateway / ingress. Nothing more than a managed Envoy.
Mixer: Policy / precondition checks and telemetry. Highly scalable.
Envoy caches policy checks within the sidecar (level 1) and within envoy instances (level 2), buffers
telemetry data locally and centrally, and can be run in multiple instances.
Mixer includes a flexible plugin model.
https://istio.io/blog/2017/mixer-spof-myth.html
Pilot: Pilot converts high level routing rules that control traffic behavior into Envoy-specific configurations, and
propagates them to the sidecars at runtime.
Watches services and transforms this information in a canonical platform-agnostic model (abstracting away
from k8s, Nomad, Consul etc).
The envoy configuration is then derived from this canonical model. Exposes the Rules API to add traffic
management rules.
Citadel: CA for service-to-service authx and encryption.
Certs are delivered as a secret volume mount. Workload identity is provided in SPIFFE format.
https://istio.io/docs/concepts/security/mutual-tls.html
20. Gateway configures a load balancer for
HTTP/TCP traffic, enables ingress traffic into the
service mesh
Virtual Service defines the rules that control
how requests for a service are routed within
the service mesh
Destination Rule configures the set of policies
to be applied to a request after VirtualService
routing has occurred
Service Version aka Subset allows to select a
subset of pods based on labels
Service Entry enables requests to services
outside of the service mesh
Istio Glossary.
20
28. Istio has built-in support for service mesh diagnosability.
28
Diagnosability
Triangle
Metrics
LogsTraces
29. Not all Istio features are marked Stable yet, but Beta can
already be used in Production.
29
Istio v1.0.3 is deemed production ready.
Core: 4 Stable, 3 Beta, 6 Alpha
Traffic Management: 1 Stable, 5 Beta, 1 Alpha
Security and Policy Enforcement: 5 Stable, 2 Beta, 4 Alpha
Telemetry: 4 Stable, 2 Beta, 7 Alpha
Other Service Mesh technologies are emerging.
Linkerd and Conduit
Consul Connect
See https://istio.io/about/feature-stages/