In this session we will start to see What is Serverless and what it means to you ? Knowing that we will continue our journey to quickly deploy a serverless platform Apache OpenWhisk on Kubernetes. Having platform ready we will then demystify what should be your Java Programming model in the serverless world???. Is this enough for me to build my serverless applications, the answer is !!!NO!!! , then what else is required, “TOOLS” , in the last part of this session we will stock check our inventory of tools that can make the serverless journey quick, easy and productive.
Java in 2019 was predicted to be business as usual by many. We have seen new Java releases coming out as planned, AdoptOpenJDK became the main trustful source of binaries and Oracle fighting for the trademark again by preventing the use of javax as namespace. Everything looks like it would be a silent year for Java. But one thing seems obvious. Java's popularity is not gaining any more traction. New language features keep it up to date but people are getting more selective when it comes to implementation choices. Especially in the age of containers and cloud infrastructures. This talk walks you through the why and how of Java in containers. We will talk about image size and development and deployment processes.
Docker for any type of workload and any IT InfrastructureDocker, Inc.
This presentation discusses the different types of workloads typical enterprises are required to run, which use cases exist for containerizing them and how leading-edge workload orchestration can be used to deploy, run and manage the containerized workloads or various types or scale-out infrastructures, such as on-premise clusters, public clouds or hybrid clouds.
Talking TUF: Securing Software DistributionDocker, Inc.
The Update Framework (TUF) secures new or existing software update systems by providing a specification and library that can be flexibly and universally integrated or natively implemented. The update procedure is notoriously susceptible to malicious attacks and TUF is designed to prevent these and other updater weaknesses.
Docker's Notary project integrates the Go implementation of TUF with Docker Content Trust to verify the publisher of Docker images.
https://github.com/theupdateframework/tuf
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
People typically think of Docker for microservices and try to make the smallest container they can. There are tremendous benefits to a microservices model but those are not the only apps that qualify for containers. Traditional, homegrown, monolithic apps are also great candidates for Docker - why? By containerizing these apps, many of the same agility, portability, security and cost savings benefits can be applied to the hundreds (if not thousands) of apps in your datacenters. But where to begin? Attend this session to learn how to approach modernizing traditional apps (MTA), considerations, the available tools and possibilities.
DCEU 18: App-in-a-Box with Docker Application PackagesDocker, Inc.
Michael Irwin - Application Architect, Virginia Tech
Docker Application Packages is an experimental tool that makes it easy to share multi-service applications. Create a Compose file, package it in an image, and voilà! You now have an "app-in-a-box"! Not convinced yet? No worries! It took a while for me to be convinced too! In this session, we'll start off by diving into how Docker Application Packages actually works, which will help us understand the use cases. We'll see how dev environments can hook in to this app-in-a-box by replacing the service being worked on with a dev container. Then we'll move on to see how end-to-end functional tests are much easier to run. And, finally, we'll see how to maintain an "app-in-a-box" with the latest versions of each component in a CI/CD pipeline, allowing for a unique app-in-a-box for each feature branch under development. Lots of good material! And lots of live demos!
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsAmbassador Labs
DevOps Days Boston 2017
Microservices is an increasingly popular approach to building cloud-native applications. Dozens of new technologies that streamline adopting microservices development such as Docker, Kubernetes, and Envoy have been released over the past few years. But how do you actually use these technologies together to develop, deploy, and run microservices?
In this presentation, we’ll cover the nuances of deploying containerized applications on Kubernetes, including creating a Kubernetes manifest, debugging and logging, and how to build an automated continuous deployment pipeline. Then, we’ll do a brief tour of some of the advanced concepts related to microservices, including service mesh, canary deployments, resilience, and security.
Secure your Quarkus applications | DevNation Tech TalkRed Hat Developers
So you have built - in no time - your Quarkus application and it's supersonic subatomic fast. Have you thought about security? Right, usually this is the thing we implement at the end. Even if it's a crucial part of our application, we often ignore it. The good news is that with Quarkus, adding security and identity management is a breeze. Join this 100% live coding session where we explore the different options that Quarkus offers you to secure your applications.
In this session we will start to see What is Serverless and what it means to you ? Knowing that we will continue our journey to quickly deploy a serverless platform Apache OpenWhisk on Kubernetes. Having platform ready we will then demystify what should be your Java Programming model in the serverless world???. Is this enough for me to build my serverless applications, the answer is !!!NO!!! , then what else is required, “TOOLS” , in the last part of this session we will stock check our inventory of tools that can make the serverless journey quick, easy and productive.
Java in 2019 was predicted to be business as usual by many. We have seen new Java releases coming out as planned, AdoptOpenJDK became the main trustful source of binaries and Oracle fighting for the trademark again by preventing the use of javax as namespace. Everything looks like it would be a silent year for Java. But one thing seems obvious. Java's popularity is not gaining any more traction. New language features keep it up to date but people are getting more selective when it comes to implementation choices. Especially in the age of containers and cloud infrastructures. This talk walks you through the why and how of Java in containers. We will talk about image size and development and deployment processes.
Docker for any type of workload and any IT InfrastructureDocker, Inc.
This presentation discusses the different types of workloads typical enterprises are required to run, which use cases exist for containerizing them and how leading-edge workload orchestration can be used to deploy, run and manage the containerized workloads or various types or scale-out infrastructures, such as on-premise clusters, public clouds or hybrid clouds.
Talking TUF: Securing Software DistributionDocker, Inc.
The Update Framework (TUF) secures new or existing software update systems by providing a specification and library that can be flexibly and universally integrated or natively implemented. The update procedure is notoriously susceptible to malicious attacks and TUF is designed to prevent these and other updater weaknesses.
Docker's Notary project integrates the Go implementation of TUF with Docker Content Trust to verify the publisher of Docker images.
https://github.com/theupdateframework/tuf
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
People typically think of Docker for microservices and try to make the smallest container they can. There are tremendous benefits to a microservices model but those are not the only apps that qualify for containers. Traditional, homegrown, monolithic apps are also great candidates for Docker - why? By containerizing these apps, many of the same agility, portability, security and cost savings benefits can be applied to the hundreds (if not thousands) of apps in your datacenters. But where to begin? Attend this session to learn how to approach modernizing traditional apps (MTA), considerations, the available tools and possibilities.
DCEU 18: App-in-a-Box with Docker Application PackagesDocker, Inc.
Michael Irwin - Application Architect, Virginia Tech
Docker Application Packages is an experimental tool that makes it easy to share multi-service applications. Create a Compose file, package it in an image, and voilà! You now have an "app-in-a-box"! Not convinced yet? No worries! It took a while for me to be convinced too! In this session, we'll start off by diving into how Docker Application Packages actually works, which will help us understand the use cases. We'll see how dev environments can hook in to this app-in-a-box by replacing the service being worked on with a dev container. Then we'll move on to see how end-to-end functional tests are much easier to run. And, finally, we'll see how to maintain an "app-in-a-box" with the latest versions of each component in a CI/CD pipeline, allowing for a unique app-in-a-box for each feature branch under development. Lots of good material! And lots of live demos!
DevOps Days Boston 2017: Real-world Kubernetes for DevOpsAmbassador Labs
DevOps Days Boston 2017
Microservices is an increasingly popular approach to building cloud-native applications. Dozens of new technologies that streamline adopting microservices development such as Docker, Kubernetes, and Envoy have been released over the past few years. But how do you actually use these technologies together to develop, deploy, and run microservices?
In this presentation, we’ll cover the nuances of deploying containerized applications on Kubernetes, including creating a Kubernetes manifest, debugging and logging, and how to build an automated continuous deployment pipeline. Then, we’ll do a brief tour of some of the advanced concepts related to microservices, including service mesh, canary deployments, resilience, and security.
Secure your Quarkus applications | DevNation Tech TalkRed Hat Developers
So you have built - in no time - your Quarkus application and it's supersonic subatomic fast. Have you thought about security? Right, usually this is the thing we implement at the end. Even if it's a crucial part of our application, we often ignore it. The good news is that with Quarkus, adding security and identity management is a breeze. Join this 100% live coding session where we explore the different options that Quarkus offers you to secure your applications.
DCEU 18: From Legacy Mainframe to the Cloud: The Finnish Railways Evolution w...Docker, Inc.
Niko Virtala - Cloud Architect, VR Group (Finnish Railways)
In 2016, Finnish Railways reservation system and many other systems were monolithic applications running on mainframe or local datacenters. They began a containerization project focused on modernizing the reservation system. The invest paid off. Today, they have containerized multiple applications, running both on-premises and on AWS today. That’s allowed Finland’s leading public transport agency to shut down a data center and become a technology innovator. In this session, Finnish Rail will explain the processes and tools they used to build a multi-cloud strategy that lets them take advantage of geo-location and cost advantages to run in AWS, Azure and soon Google Cloud. You’ll learn: - How to implement a successful multi-cloud deployment - What challenges you can expect to face along the way - The processes and tools that are critical part of a successful project.
Terms cloud-native & microservice architecture have been used interchangeably for years. Microservices have benefits, but also bring challenges, so are they really the go-to solution in all cases? Better understanding & some failed projects led to an evaluation of the suitability of microservices, and resulted in new interest in the various architecture styles in the cloud. We'll look at microservices and monoliths in the context of cloud-native.
OpenShift Virtualization - VM and OS Image LifecycleMihai Criveti
Building and packaging OS Images with KVM, qemu-img and podman and deploying them onto Kubernetes and KubeVirt with OpenShift Virtualization
Build and create images using Hashicorp Packer and Kickstart - create layered images for multiple cloud providers.
Building a secure image pipeline with Ansible. Generating secure OS images for OpenShift Virtualization. Creating a immutable image pipeline with Ansible, OpenSCAP, Packer, Molecule and Vagrant. Packaging OS images for consumption to OpenShift Virtualization.
Presentation materials from the webinar I did on 29 April 2020 as part of the Azure Apps Webinar Series. Sharing from our own software development team’s experience, I talked about how to improve and optimize the developer’s experience working in Kubernetes/AKS.
Yuvraj Mehta - Group Product Manager, Docker
Steve Richards - Solutions Architect, Docker
Creating a Secure Supply Chain for your applications is vitally important for a compliant and smooth-running application development organization. Every organization needs to understand where their container images come from, who has access to them, understand the security risks to weigh ALL options available before deploying . In this session, we will take a closer look at how Docker Enterprise helps developers, DevOps and DevSecOps teams securely Build and Ship applications through the software pipeline. We’ll dive into security features of the platform’s private registry Image Signing which provides authenticity for image sources and Image Scanning which provides insight into any vulnerabilities. We’ll also look at how this can be automated by policy and seamlessly integrated with your software pipeline to provide a succinct audit trail.
DCEU 18: Developing with Docker ContainersDocker, Inc.
Laura Frank Tacho - Director of Engineering, CloudBees
Wouldn't it be great for a new developer on your team to have their dev environment totally set up on their first day? What about having the confidence that your dev environment mirrors testing and prod? Containers enable this to become reality, along with other great benefits like keeping dependencies nice and tidy and making packaged code easier to share. Come learn about the ways containers can help you build and ship software easily, and walk away with two actionable steps you can take to start using Docker containers for development.
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
Jean Rouge - Sr. Software Engineer, Docker
David Yu - Product Manager, Docker
Docker Enterprise is an enterprise container platform for developers and IT admins building and managing container applications. The platform includes integrated orchestration (Swarm and Kubernetes), advanced private image registry, and centralized admin console to secure, troubleshoot, and manage containerized applications. This talk will focus on the Docker Enterprise platform's technical architecture, key features and use cases it is designed to support. Key areas covered in this session: -Latest features and enhancements -Security and Compliance - how to ensure oversight and validate applications for different compliance regulations -Operational Insight - how to identify and troubleshoot issues in your container environment -Integrated Technology - the technologies are supported and can be run with Docker Enterprise -Policy-based Automation - how to scale container environments through automated policies.
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
This is part 1 of my Kubernetes architecture deep-dive slide series.
I have been working with Kubernetes for more than a year, from v1.3.6 to v1.6.7, and I am a CNCF certified Kubernetes administrator. Before I move on to something else, I would like to summarize and share my knowledges and take-aways about Kubernetes, from a software engineer perspective.
This set of slides is a humble dig into one level below your running application in production, revealing how different components of Kubernetes work together to orchestrate containers and present your applications to the rest of the world.
The slides contains 80+ external links to Kubernetes documentations, blog posts, Github issues, discussions, design proposals, pull requests, papers, source code files I went through when I was working with Kubernetes - which I think are valuable for people to understand how Kubernetes works, Kubernetes design philosophies and why these design came into places.
Developer joy for distributed teams with CodeReady Workspaces | DevNation Tec...Red Hat Developers
Enabling teams on projects has been often challenging due to hardware configurations, software dependencies, and lack of documentation. In this session, we'll show you how admins can easily provide CodeReady Workspaces, a multi-tenant in-browser IDE system on top of OpenShift. CodeReady Workspaces can get Developers comfortably started with coding and testing their changes in Kubernetes-containerized environments (workspaces), and deploying their apps to the Platform.
Docker provides PODA (Package Once Deploy Anywhere) and complements WORA (Write Once Run Anywhere) provided by Java. It also helps you reduce the impedance mismatch between dev, test, and production environment and simplifies Java application deployment.
This session will explain how to:
* Run your first Java application with Docker
* Package your Java application with Docker
* Share your Java application using Docker Hub
* Deploy your Java application using Maven
* Deploy your application using Docker for AWS
* Scale Java services with Docker Engine swarm mode
* Package your multi-container application and use service discovery
* Monitor your Docker + Java applications
* Build a deployment pipeline using common tools
This presentation is from the 2016 Enterprise Roadshow series in North America and Europe. This presentation explains the Docker enterprise solution including Containers as a Service workflows powered by Docker Datacenter and the integration with HPE to deliver a container platform on hybrid cloud infrastructure.
Learn more: www.docker.com/enterprise
DCEU 18: Continuous Delivery with Docker Containers and Java: The Good, the B...Docker, Inc.
Daniel Bryant - Product Architect, Datawire
Implementing a continuous delivery (CD) pipeline for Java applications is not trivial, and the introduction of container technology to the development stack can introduce additional challenges and requirements. In this talk we will look at the high-level steps that are essential for creating an effective pipeline for creating and deploying Docker container-based Java applications. Key takeaways include: - The impact of using Docker containers on Java and Continuous Delivery - The benefits and challenges of packaging containerised Java applications - Options for adding metadata to container images - Validating nonfunctional/operational requirement changes imposed by executing Java applications within a container - Lessons learned the hard way (in production, at 3am, with lots of coffee)
Docker Enterprise Edition (EE) is a secure, scalable, and supported container platform for building and orchestrating applications across multi-tenant Linux and Windows environments. Join Docker product managers as they dive into how Docker EE addresses challenges faced by enterprise customers, as well as the technical architecture of the solution. They will also walk through demos for the latest and upcoming features around application runtime and image management.
Practical Design Patterns in Docker NetworkingDocker, Inc.
Migrating an application to Docker creates an opportunity to utilize new networking topologies and features, which can provide new functionality to an existing application. This talk will provide an overview of Docker networking with a focus on the architectural choices when migrating applications. Taking sample applications we will look at the existing networking topology and cover the options available to create a simple migration and provide additional functionality.
Overview of Docker 1.11 features(Covers Docker release summary till 1.11, runc/containerd, dns load balancing ipv6 service discovery, labels, macvlan/ipvlan)
This talk will focus on a brief history, including a demo and overview of how we at Superbalist use Kubernetes, and how Kubernetes uses Docker, does load balancing, deployments, and data migrations.
Talk from Cape Town DevOps meetup on Jun 21, 2016:
https://www.meetup.com/Cape-Town-DevOps/events/231530172/
Code: https://github.com/zoidbergwill/kubernetes-examples
Slides as markdown: http://www.zoidbergwill.com/presentations/2016/kubernetes-1.2-and-spread/index.md
DCEU 18: From Legacy Mainframe to the Cloud: The Finnish Railways Evolution w...Docker, Inc.
Niko Virtala - Cloud Architect, VR Group (Finnish Railways)
In 2016, Finnish Railways reservation system and many other systems were monolithic applications running on mainframe or local datacenters. They began a containerization project focused on modernizing the reservation system. The invest paid off. Today, they have containerized multiple applications, running both on-premises and on AWS today. That’s allowed Finland’s leading public transport agency to shut down a data center and become a technology innovator. In this session, Finnish Rail will explain the processes and tools they used to build a multi-cloud strategy that lets them take advantage of geo-location and cost advantages to run in AWS, Azure and soon Google Cloud. You’ll learn: - How to implement a successful multi-cloud deployment - What challenges you can expect to face along the way - The processes and tools that are critical part of a successful project.
Terms cloud-native & microservice architecture have been used interchangeably for years. Microservices have benefits, but also bring challenges, so are they really the go-to solution in all cases? Better understanding & some failed projects led to an evaluation of the suitability of microservices, and resulted in new interest in the various architecture styles in the cloud. We'll look at microservices and monoliths in the context of cloud-native.
OpenShift Virtualization - VM and OS Image LifecycleMihai Criveti
Building and packaging OS Images with KVM, qemu-img and podman and deploying them onto Kubernetes and KubeVirt with OpenShift Virtualization
Build and create images using Hashicorp Packer and Kickstart - create layered images for multiple cloud providers.
Building a secure image pipeline with Ansible. Generating secure OS images for OpenShift Virtualization. Creating a immutable image pipeline with Ansible, OpenSCAP, Packer, Molecule and Vagrant. Packaging OS images for consumption to OpenShift Virtualization.
Presentation materials from the webinar I did on 29 April 2020 as part of the Azure Apps Webinar Series. Sharing from our own software development team’s experience, I talked about how to improve and optimize the developer’s experience working in Kubernetes/AKS.
Yuvraj Mehta - Group Product Manager, Docker
Steve Richards - Solutions Architect, Docker
Creating a Secure Supply Chain for your applications is vitally important for a compliant and smooth-running application development organization. Every organization needs to understand where their container images come from, who has access to them, understand the security risks to weigh ALL options available before deploying . In this session, we will take a closer look at how Docker Enterprise helps developers, DevOps and DevSecOps teams securely Build and Ship applications through the software pipeline. We’ll dive into security features of the platform’s private registry Image Signing which provides authenticity for image sources and Image Scanning which provides insight into any vulnerabilities. We’ll also look at how this can be automated by policy and seamlessly integrated with your software pipeline to provide a succinct audit trail.
DCEU 18: Developing with Docker ContainersDocker, Inc.
Laura Frank Tacho - Director of Engineering, CloudBees
Wouldn't it be great for a new developer on your team to have their dev environment totally set up on their first day? What about having the confidence that your dev environment mirrors testing and prod? Containers enable this to become reality, along with other great benefits like keeping dependencies nice and tidy and making packaged code easier to share. Come learn about the ways containers can help you build and ship software easily, and walk away with two actionable steps you can take to start using Docker containers for development.
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
Jean Rouge - Sr. Software Engineer, Docker
David Yu - Product Manager, Docker
Docker Enterprise is an enterprise container platform for developers and IT admins building and managing container applications. The platform includes integrated orchestration (Swarm and Kubernetes), advanced private image registry, and centralized admin console to secure, troubleshoot, and manage containerized applications. This talk will focus on the Docker Enterprise platform's technical architecture, key features and use cases it is designed to support. Key areas covered in this session: -Latest features and enhancements -Security and Compliance - how to ensure oversight and validate applications for different compliance regulations -Operational Insight - how to identify and troubleshoot issues in your container environment -Integrated Technology - the technologies are supported and can be run with Docker Enterprise -Policy-based Automation - how to scale container environments through automated policies.
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
This is part 1 of my Kubernetes architecture deep-dive slide series.
I have been working with Kubernetes for more than a year, from v1.3.6 to v1.6.7, and I am a CNCF certified Kubernetes administrator. Before I move on to something else, I would like to summarize and share my knowledges and take-aways about Kubernetes, from a software engineer perspective.
This set of slides is a humble dig into one level below your running application in production, revealing how different components of Kubernetes work together to orchestrate containers and present your applications to the rest of the world.
The slides contains 80+ external links to Kubernetes documentations, blog posts, Github issues, discussions, design proposals, pull requests, papers, source code files I went through when I was working with Kubernetes - which I think are valuable for people to understand how Kubernetes works, Kubernetes design philosophies and why these design came into places.
Developer joy for distributed teams with CodeReady Workspaces | DevNation Tec...Red Hat Developers
Enabling teams on projects has been often challenging due to hardware configurations, software dependencies, and lack of documentation. In this session, we'll show you how admins can easily provide CodeReady Workspaces, a multi-tenant in-browser IDE system on top of OpenShift. CodeReady Workspaces can get Developers comfortably started with coding and testing their changes in Kubernetes-containerized environments (workspaces), and deploying their apps to the Platform.
Docker provides PODA (Package Once Deploy Anywhere) and complements WORA (Write Once Run Anywhere) provided by Java. It also helps you reduce the impedance mismatch between dev, test, and production environment and simplifies Java application deployment.
This session will explain how to:
* Run your first Java application with Docker
* Package your Java application with Docker
* Share your Java application using Docker Hub
* Deploy your Java application using Maven
* Deploy your application using Docker for AWS
* Scale Java services with Docker Engine swarm mode
* Package your multi-container application and use service discovery
* Monitor your Docker + Java applications
* Build a deployment pipeline using common tools
This presentation is from the 2016 Enterprise Roadshow series in North America and Europe. This presentation explains the Docker enterprise solution including Containers as a Service workflows powered by Docker Datacenter and the integration with HPE to deliver a container platform on hybrid cloud infrastructure.
Learn more: www.docker.com/enterprise
DCEU 18: Continuous Delivery with Docker Containers and Java: The Good, the B...Docker, Inc.
Daniel Bryant - Product Architect, Datawire
Implementing a continuous delivery (CD) pipeline for Java applications is not trivial, and the introduction of container technology to the development stack can introduce additional challenges and requirements. In this talk we will look at the high-level steps that are essential for creating an effective pipeline for creating and deploying Docker container-based Java applications. Key takeaways include: - The impact of using Docker containers on Java and Continuous Delivery - The benefits and challenges of packaging containerised Java applications - Options for adding metadata to container images - Validating nonfunctional/operational requirement changes imposed by executing Java applications within a container - Lessons learned the hard way (in production, at 3am, with lots of coffee)
Docker Enterprise Edition (EE) is a secure, scalable, and supported container platform for building and orchestrating applications across multi-tenant Linux and Windows environments. Join Docker product managers as they dive into how Docker EE addresses challenges faced by enterprise customers, as well as the technical architecture of the solution. They will also walk through demos for the latest and upcoming features around application runtime and image management.
Practical Design Patterns in Docker NetworkingDocker, Inc.
Migrating an application to Docker creates an opportunity to utilize new networking topologies and features, which can provide new functionality to an existing application. This talk will provide an overview of Docker networking with a focus on the architectural choices when migrating applications. Taking sample applications we will look at the existing networking topology and cover the options available to create a simple migration and provide additional functionality.
Overview of Docker 1.11 features(Covers Docker release summary till 1.11, runc/containerd, dns load balancing ipv6 service discovery, labels, macvlan/ipvlan)
This talk will focus on a brief history, including a demo and overview of how we at Superbalist use Kubernetes, and how Kubernetes uses Docker, does load balancing, deployments, and data migrations.
Talk from Cape Town DevOps meetup on Jun 21, 2016:
https://www.meetup.com/Cape-Town-DevOps/events/231530172/
Code: https://github.com/zoidbergwill/kubernetes-examples
Slides as markdown: http://www.zoidbergwill.com/presentations/2016/kubernetes-1.2-and-spread/index.md
Do any VM's contain a particular indicator of compromise? E.g. Run a YARA signature over all executables on my virtual machines and tell me which ones match.
CERN OpenStack Cloud Control Plane - From VMs to K8sBelmiro Moreira
CERN is the home of the Large Hadron Collider (LHC), a 27km circular proton accelerator that generates petabytes of physics data every year. To process all this data, CERN runs an OpenStack Cloud (>300K cores) that helps scientists all around the world to unveil the mysteries of the Universe. The Infrastructure is also used to run all the IT services of the Organization.
Delivering these services, with high performance and reliable service levels has been one of the major challenges for the CERN Cloud engineering team. We have been constantly iterating the architecture and deployment model of the Cloud control plane.
In this presentation we will describe the different control plane architecture models that we relied over the years. Finally, we will describe all the work done to move the OpenStack Cloud control plane from VMs into a kubernetes cluster. We will report about our experience running this architecture at scale, its advantages and challenges.
Are you a Java developer wondering what it means to have your application running in the cloud. This session will provide a peek into how the JVM is adapting to running in the cloud and what Java developers need to be aware to ensure they get the most of running in the cloud.
The session will pick an example spring application and tune it stage by stage at the end of which we have an application that is fully optimized and takes advantage of every aspect of the running in a cloud
This talk (delivered at QConLondon 2016) covers the evolution of Coursera's nearline architecture, delves into our latest generation system, and then covers the flagship application of the architecture (evaluating programming assignments).
Monitoring Docker at Scale - Docker San Francisco Meetup - August 11, 2015Datadog
In this session I showed building a multi-container app from beginning to end, using Docker, Docker-Machine, Docker-Compose and everything in between. You can even try it out yourself using the link in the deck to a repo on GitHub.
Get you Java application ready for Kubernetes !Anthony Dahanne
In this demos loaded talk we’ll explore the best practices to create a Docker image for a Java app (it’s 2019 and new comers such as Jib, CNCF buildpacks are interesting alternatives to Docker builds !) - and how to integrate best with the Kubernetes ecosystem : after explaining main Kubernetes objects and notions, we’ll discuss Helm charts and productivity tools such as Skaffold, Draft and Telepresence.
Presentation at March 2019 Dutch Postgres User Group Meetup on lessons learnt while migrating from Oracle to Postgres, demo'ed via vagrant test environments and using generic pgbench datasets.
OSDC 2015: Martin Gerhard Loschwitz - Kristian Köhntopp | 45 Minutes of OpenS...NETWAYS
OpenStack has been dominating the news on Open Source cloud computing for more than two years now - and there is no end in sight for the hype. If you have been looking into cloud computing, you will most likely have considered OpenStack as a possible solution. You will also have heard success stories of large organizations such as Rackspace or CERN. And of course people told you about all the glittering parties held during the semi-annual OpenStack summits.
What you probably haven't heard that often are stories about all the occasions where OpenStack will blow up right in your face. At SysEleven, we've been working on an OpenStack platform for more than a year now - and we would like to share our experiences with you in this presentation. We'll explain why we have decided to go with OpenStack in the first place, what problems we have ran into and how we solved them. We'll demonstrate what our platform looks like at the moment and what challenges we are currently working on. At the end, you will have a better understanding of what OpenStack means for ISPs and what kind of trouble you are signing up for when becoming an OpenStacker.
OSDC 2015: Martin Gerhard Loschwitz - Kristian Köhntopp | 45 Minutes of OpenS...NETWAYS
OpenStack has been dominating the news on Open Source cloud computing for more than two years now - and there is no end in sight for the hype. If you have been looking into cloud computing, you will most likely have considered OpenStack as a possible solution. You will also have heard success stories of large organizations such as Rackspace or CERN. And of course people told you about all the glittering parties held during the semi-annual OpenStack summits.
What you probably haven't heard that often are stories about all the occasions where OpenStack will blow up right in your face. At SysEleven, we've been working on an OpenStack platform for more than a year now - and we would like to share our experiences with you in this presentation. We'll explain why we have decided to go with OpenStack in the first place, what problems we have ran into and how we solved them. We'll demonstrate what our platform looks like at the moment and what challenges we are currently working on. At the end, you will have a better understanding of what OpenStack means for ISPs and what kind of trouble you are signing up for when becoming an OpenStacker.
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey GordeychikCODE BLUE
The boom of AI brought to the market a set of impressive solutions both on the hardware and software side. On the other hand, massive implementation of AI in various areas brings about problems, and security is one of the greatest concerns.
In this talk we will present results of hands-on vulnerability research of different components of AI infrastructure including NVIDIA DGX GPU servers, ML frameworks such as Pytorch, Keras and Tensorflow, data processing pipelines and specific applications, including Medical Imaging and face recognition powered CCTV. Updated Internet Census toolkit based on the Grinder framework will be introduced.
Using Kubernetes for Continuous Integration and Continuous DeliveryCarlos Sanchez
Learn how to scale your Continuous Integration and Continuous Delivery environment using containers. The Kubernetes project provides a container orchestration solution that greatly simplifies app deployments in large clusters and you can use Jenkins and Kubernetes together to run jobs on-demand.
Building and testing is a great use case for containers, both due to the dynamic and isolation aspects, but it increases complexity when scaling to multiple nodes and clusters.
Jenkins is an example of an application that can take advantage of Kubernetes technology to run Continuous Integration and Continuous Delivery workloads. Jenkins and Kubernetes can be integrated to transparently use on demand containers to run build agents and jobs, and isolate job execution. It also supports CI/CD-as-code using Jenkins Pipelines and automated deployments to Kubernetes clusters. The presentation will allow a better understanding of how to use Jenkins on Kubernetes for container based, totally dynamic, large scale CI and CD.
Using Kubernetes for Continuous Integration and Continuous Delivery. Java2daysCarlos Sanchez
Learn how to scale your Continuous Integration and Continuous Delivery environment using containers. The Kubernetes project provides a container orchestration solution that greatly simplifies app deployments in large clusters and you can use Jenkins and Kubernetes together to run jobs on-demand.
Building and testing is a great use case for containers, both due to the dynamic and isolation aspects, but it increases complexity when scaling to multiple nodes and clusters.
Jenkins is an example of an application that can take advantage of Kubernetes technology to run Continuous Integration and Continuous Delivery workloads. Jenkins and Kubernetes can be integrated to transparently use on demand containers to run build agents and jobs, and isolate job execution. It also supports CI/CD-as-code using Jenkins Pipelines and automated deployments to Kubernetes clusters. The presentation will allow a better understanding of how to use Jenkins on Kubernetes for container based, totally dynamic, large scale CI and CD.
Cloud Native ClickHouse at Scale--Using the Altinity Kubernetes Operator-2022...Altinity Ltd
Over the last few years Kubernetes has transitioned from an object of curiosity and fear to a robust platform for big data. Watch this webinar and you will learn how the Altinity Kubernetes Operator for ClickHouse enables users to run high performance analytics on ClickHouse. You will see a simple installation and teach you how to scale it into a cluster that can analyze 100s of terabytes of data. Along the way we’ll share our lessons for ClickHouse on Kubernetes in Altinity.Cloud. We built it on Kubernetes using the Altinity Operator and now run hundreds of clusters in the cloud. You can too!
Similar to Replatforming Legacy Packaged Applications: Block-by-Block with Minecraft (20)
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Modern design is crucial in today's digital environment, and this is especially true for SharePoint intranets. The design of these digital hubs is critical to user engagement and productivity enhancement. They are the cornerstone of internal collaboration and interaction within enterprises.
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
2. Agenda
• Why Minecraftas an example?
• Earlystepstowardsmodernization:
• Minecraftona VM
• MinecraftonDocker
• Assessingcurrentstate
• Migrating to Tanzu KubernetesGrid(TKG)
• Initialperformancegoals
• SolvingforI/O
• vSphere CPI / CSI
• StorageClasses, PersistentVolumes, and PVCs, OH MY
• AccessingMinecraftonK8sfromthe outsideworld
• K8srequests/ limits
• Final thoughts
3. WhyMinecraft as anexample?
• Java based, but closed source
• Effectivelysingle-threaded
• Mostactionsinworldtake placewithina single“tick”
• Breaking blocks
• Placing blocks
• What the various blocks aredoing (SIGNIFICANT in modded Minecraft)
• What monsters and creatures aredoing
• Ticksaredesignedtorunwithin50ms
• If actions in a tick run longer than 50ms, ticks will be skipped!
• Skipped ticks perceived as lag
• Brokenblocksre-appear,placedblocksdisappear,playerslocationcan shiftbackwards
• Significantpersistentdiskrequirements
• The world itself
• The all-important backups!
5. Minecraft on aVM(KVM)
• Initialsteps at isolating Minecraft workload:
• QEMU+KVMon Ubuntu
• QCOW on ZFS +Spinning Rust
• This worked for a couple of years… But too slow ona Xeon E5-2620v2:
[minecraft/MinecraftServer]: Can't keep up! Did the system time change, or is the server overloaded? Running 23690ms behind, skipping 473 tick(s)
6. Minecraft on Docker
• Isolated(ish) from underlyingOS
• Allowed nearbare-metal performance
• Allowed easier access to both fast (SSD) and slow (ZFS) storage
• Fast storage for the world
• Slow storage forbackups
• Still using bindmounts because this predates volumes in Docker…
# dockerfile
FROM openjdk:8-jdk-slim
ENV MOTD="Minecraft Server: Enigmatica2"
ENV MAP=world
ENV DIFFICULTY=2
ENV GAMEMODE=0
ENV MAXPLAYERS=20
ENV PVP=true
ENV VIEWDISTANCE=10
ENV HARDCORE=false
RUN apt-get update && apt-get install -y wget unzip gosu
RUN addgroup --gid 1234 minecraft
RUN adduser --disabled-password --home=/home/minecraft/enigmatica2 --uid 1234
--gid 1234 --gecos "minecraft user" minecraft
RUN mkdir /tmp/enigmatica2 && cd /tmp/enigmatica2 &&
wget -q -c <snipped>
unzip Enigmatica2Server.zip &&
rm Enigmatica2Server.zip &&
echo "eula=true" > eula.txt
ADD entrypoint.sh /entrypoint.sh
RUN chown minecraft:minecraft /entrypoint.sh
COPY mc-monitor /usr/local/bin/mc-monitor
COPY . /tmp/enigmatica2
RUN chown -R minecraft:minecraft /tmp/enigmatica2 &&
chmod +x /tmp/enigmatica2/ServerStartLinux.sh &&
chmod +x /entrypoint.sh &&
chmod +x /usr/local/bin/mc-monitor
WORKDIR /home/minecraft/enigmatica2
EXPOSE 25565
ENTRYPOINT ["/entrypoint.sh"]
docker run -d -it --name minecraft-enig-06
--mount type=bind,source=/var/minecraft/data/enigmatica2_pregen_bop_world/world,target=/home/minecraft/enigmatica2/world
--mount type=bind,source=/tank/isos/minecraft/worlds/enigmatica2_pregen_bop_world/backups,target=/home/minecraft/enigmatica2/backups
-p 0.0.0.0:25569:25565 -e DEFAULT_OP=Akirasoft -e MINECRAFT_EULA=true mvilliger/enigmatica2:1.77
7. Assessing current state
• Host and all containers on it automatically
monitored by Dynatrace
• CPU mostly ~6-8%(pegging a bit morethan a core
24/7)
• Modded Minecraft is a memoryhog
8. Assessing current state
• Need to tracktransaction response time and
throughput(tick time):
• CPUanalysis shows significant CPUin func_71217p
• Normally,we’d just decompile the class, but Minecraft
is obfuscated. Luckilythe Mod Coder Pack (MCP)*
exists, and can tell us about this method:
• Name: tick
• Description: Mainfunction called by run() every loop.
• So wecreate a custom service:
*http://export.mcpbot.bspk.rs/
17. AccessingMinecraft onK8s from theoutside world
• Ideallywe’d use NSX-Tbut I don’t havethat deployed yet, so MetalLB to the rescue!
• MetalLB requires configuration before it does anything,hereI just give it a pool of unusedIPs on myLAN
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 192.168.18.10-192.168.18.250
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/namespace.yaml
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/metallb.yaml
kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
18. AccessingMinecraft onK8s from theoutside world
• Now that we havea load balanceravailable, wecan create a service of type LoadBalancer:
• This provides access to LANclients, for myuse-case Iuse NAT/port-forwardingto provide access to the outside world
---
apiVersion: v1
kind: Service
metadata:
name: mc-enigmatica-server-service
labels:
app: mc-enigmatica-server
namespace: minecraft
spec:
type: LoadBalancer
ports:
- port: 25565
protocol: TCP
targetPort: 25565
selector:
app: mc-enigmatica-server
19. K8srequests andlimits
• Requests:
• Used by scheduler toplace pods on nodes
• If set to higher than node size, pods will never get scheduled (we need
XL worker nodes here!)
• We know Minecraft will use over acore, andquite a bit ofmemory
• Limits
• Exceeding memory limit will result in podbeing killed
• Exceeding CPUlimit willresult in pod being throttled
• butwecanmonitorforthatoccurring!
• Setting these tosane limits just over what our requests are
resources:
limits:
memory: 12Gi
cpu: 2000m
requests:
memory: 11Gi
cpu: 2000m
22. Final thoughts
• Thereare more complicated Minecraft Docker images out there,the most advanced is probably itzg/minecraft-server
(https://hub.docker.com/r/itzg/minecraft-server/)
• Sourcing hardware during a pandemic is hard. Some thoughts:
• From placedorder toworking environment took over 3months
• Hardware failures abounded:
• OneDOACPU thattook6weekstoreplaceduetonone existingin theUS
• Onefailed (melted)CPU socket,takinganotherCPU withit
• Bad CAT6cables causing sporadic vSANoutages
• If anyone wants tohop on the server, reach out tome on Twitter: @mikevilliger
• The new server is really fast!