My talk at Scala Bay Meetup at Netflix about Powering the Partner APIs with Scalatra and Netflix OSS. This talk was delivered on September 9th 2013, at 8 PM at Netflix, Los Gatos.
"Microservices" is one of the hottest buzzwords and, as usual, everyone wants them, but few know how to build them. In this talk we will offer our interpretation of microservice architecture, and show how we are implementing these ideas: using Scala, Akka, sbt and Docker, we modularized Akka applications, Spark jobs and Play servers.
In the talk we will discuss design trade-offs and challenges that we faced in the process, and how we have overcome them. The focus is not on particular features of Scala language or a library, but on building modern applications using the Typesafe stack and other open-source tools.
Big data event streaming is very common part of any big data Architecture. Of the available open source big data streaming technologies Apache Kafka stands out because of it realtime, distributed, and reliable characteristics. This is possible because of the Kafka Architecture. This talk highlights those features.
With Apache Kafka 0.9, the community has introduced a number of features to make data streams secure. In this talk, we’ll explain the motivation for making these changes, discuss the design of Kafka security, and explain how to secure a Kafka cluster. We will cover common pitfalls in securing Kafka, and talk about ongoing security work.
DevOps Days Tel Aviv - Serverless ArchitectureAntons Kranga
Slides from Serverless Architecture with AWS workshop that has been delivered in Tel Aviv at December 2016 and XP Days in Kyiv at November. We go in details about AWS Lambda and give few implementation blueprints targeted to web applications
"Microservices" is one of the hottest buzzwords and, as usual, everyone wants them, but few know how to build them. In this talk we will offer our interpretation of microservice architecture, and show how we are implementing these ideas: using Scala, Akka, sbt and Docker, we modularized Akka applications, Spark jobs and Play servers.
In the talk we will discuss design trade-offs and challenges that we faced in the process, and how we have overcome them. The focus is not on particular features of Scala language or a library, but on building modern applications using the Typesafe stack and other open-source tools.
Big data event streaming is very common part of any big data Architecture. Of the available open source big data streaming technologies Apache Kafka stands out because of it realtime, distributed, and reliable characteristics. This is possible because of the Kafka Architecture. This talk highlights those features.
With Apache Kafka 0.9, the community has introduced a number of features to make data streams secure. In this talk, we’ll explain the motivation for making these changes, discuss the design of Kafka security, and explain how to secure a Kafka cluster. We will cover common pitfalls in securing Kafka, and talk about ongoing security work.
DevOps Days Tel Aviv - Serverless ArchitectureAntons Kranga
Slides from Serverless Architecture with AWS workshop that has been delivered in Tel Aviv at December 2016 and XP Days in Kyiv at November. We go in details about AWS Lambda and give few implementation blueprints targeted to web applications
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostStreamNative
We examine real-world architectural patterns involving Apache Pulsar to automate the creation of function and pub/sub flows for improved operational scalability and ease of management. We’ll cover CI/CD automation patterns and reveal our innovative approach of leveraging streaming data to create a self-service platform that automates the provisioning of new users. We will also demonstrate the innovative approach of creating function flows through patterns and configuration, enabling non-developer users to create entire function flows simply by changing configurations. These patterns enable us to drive the automation of managing Pulsar to a whole new level. We also cover CI/CD for on-prem, GCP, and AWS users.
This is Part 2 of this presentation: https://www.youtube.com/watch?v=pmaCG...
In summary, we will cover:
CI/CD for on-prem, GCP, and AWS users
Automated creation of function flows by configuration
Automated provisioning of pub/sub users and topics
Architectural patterns and best practices that enable automation
Overstock has leveraged Pulsar as the backbone of a self-service data fabric, a unified data platform to enable users to publish and consume data across the company and integrate with other services. We utilized Pulsar to solve a data governance problem, and Pulsar has performed marvelously. To support our real-world production use cases, we have developed message flows, integrations, and architectural patterns to solve common use cases, maximize value, simplify ease-of-use, automate management, and unify company data and services around this new platform.
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
If you have tried Docker but are unsure about how to run it at scale, you will benefit from this session. Like virtualization before, containerization (à; la Docker) is increasing the elastic nature of cloud infrastructure by an order of magnitude. But maybe you still have questions: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale?
Datadog is a monitoring service for IT, operations, and development teams who write and run applications at scale. In this session, the cofounder of Datadog presents the challenges and benefits of running containers at scale and how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity. Sponsored by Datadog.
Building a serverless company on AWS lambda and Serverless frameworkLuciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the peace of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Technologies:
Backend
Frontend
Application architecture
Javascript
cloud computing
Re:invent 2016 Container Scheduling, Execution and AWS Integrationaspyker
Members from over all over the world streamed over forty-two billion hours of Netflix content last year. Various Netflix batch jobs and an increasing number of service applications use containers for their processing. In this session, Netflix presents a deep dive on the motivations and the technology powering container deployment on top of Amazon Web Services. The session covers our approach to resource management and scheduling with the open source Fenzo library, along with details of how we integrate Docker and Netflix container scheduling running on AWS. We cover the approach we have taken to deliver AWS platform features to containers such as IAM roles, VPCs, security groups, metadata proxies, and user data. We want to take advantage of native AWS container resource management using Amazon ECS to reduce operational responsibilities. We are delivering these integrations in collaboration with the Amazon ECS engineering team. The session also shares some of the results so far, and lessons learned throughout our implementation and operations.
Overcoming the Perils of Kafka Secret Sprawl (Tejal Adsul, Confluent) Kafka S...confluent
Secrets are indisputably the biggest risk area in the authentication arena and Apache Kafka is no exception. Kafka services are typically configured using properties files which contain plain text secret configurations, upon startup these configurations are transmitted in clear text to different components, stored in filesystem, internal topics and logs thus creating a secret sprawl.
This talk will deep dive into how we can eliminate this secret sprawl by adding Config Providers to integrate with centralized management systems such as Vault, Keywhiz, or AWS Secrets Manager.
We’ll cover
Security implications of clear text secrets and secret sprawl
Insecure parsing of secrets configurations in Kafka
Know how about Kafka Config Providers
Centralized Management Systems
How to secure Kafka with CP and CMS
Trust but Verify ~ Demo
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsPeter Ss
I talk about deploying complex, multi-layer applications in Kuberentes.
I describe how Kubernetes AppController project (https://github.com/Mirantis/k8s-AppController) can be leveraged to enhance such deployments
Riga dev day: Lambda architecture at AWSAntons Kranga
My recent talk at Riga DevDay about Lambda architect at AWS. It illustrates few design simplifications that we can get when we implement Lambda Architecture in Cloud Native way
NATS: Simple, Secure and Scalable Messaging For the Cloud Native Erawallyqs
The majority of middleware and messaging systems in use were built in a time that did not have the concept of scale and real-time data that developers operate in today.
With the rise of Cloud Native and Microservices architectures as a design principle and the emphasis on simplicity, speed, and flexibility that come with it, developers need a messaging protocol to match.
Enter NATS. NATS is a remarkably lightweight messaging protocol, and extremely flexible and resilient. It is just a few MB in size, and can scale to publish tens of millions of message from a single server.
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
This talk is a concise masterclass on how to write infrastructure code. I share key lessons from the “Infrastructure Cookbook” we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that’s used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild.
Building Out Your Kafka Developer CDC Ecosystemconfluent
Building Out Your Kafka Developer CDC Ecosystem, Neil Buesing, VP of Streaming Technologies for Object Partners (OPI)
Meetup Link: https://www.meetup.com/TwinCities-Apache-Kafka/events/272944023/
My presentation about Serverless Architectures in JavaDay Lviv, June 2016. It covers AWS Lambda and related AWS Services. LiveDemo have got terraform and apex.
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)Amazon Web Services
Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as the ECS CLI and Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for building and workflow orchestration; Amazon EC2 Container Registry to store your container images; and Amazon EC2 Container Service to manage and scale containers. In this session, you will learn how to build containers into your development workflow and orchestrate container deployments using Amazon ECS. You will hear how Okta runs 30,000 tests per developer commit and releases 10,000 new lines of code each week to production with a CI system based on 100% AWS services. We'll also discuss how Okta uses ECS for parallelized testing in CI and for production microservices in a multi-region, always on cloud service.
Watch this talk here: https://www.confluent.io/online-talks/how-apache-kafka-works-on-demand
Pick up best practices for developing applications that use Apache Kafka, beginning with a high level code overview for a basic producer and consumer. From there we’ll cover strategies for building powerful stream processing applications, including high availability through replication, data retention policies, producer design and producer guarantees.
We’ll delve into the details of delivery guarantees, including exactly-once semantics, partition strategies and consumer group rebalances. The talk will finish with a discussion of compacted topics, troubleshooting strategies and a security overview.
This session is part 3 of 4 in our Fundamentals for Apache Kafka series.
KSQL and Security: The Current State of Affairs (Victoria Xia, Confluent) Kaf...confluent
As KSQL-users move from development to production, security becomes an important consideration. Because KSQL is built on top of Kafka Streams, which in turn is built on top of Kafka Consumers and Producers, KSQL can leverage existing security functionality, including SSL encryption and SASL authentication in communications with Kafka brokers. However, authentication and authorization between KSQL servers and KSQL clients is a different story. As of December 2018, SSL for communication between KSQL clients and servers is enabled for the REST API, but not yet for the CLI. By April 2019, SSL will be supported in the KSQL CLI, and additional security functionality including SASL authentication, ACLs, audit logs, and RBAC will be in the works as well. This talk will cover the security options available for KSQL, including any new options added by April 2019, and will also include a preview of features to come. Audience members will leave with an understanding of what security features are currently available, how to configure them, current limitations, and upcoming features. The talk may also include common pitfalls and tips for debugging a KSQL security setup.
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at NetflixManish Pandit
In this talk I’d like to introduce the Scala-based API stack at Partner Innovation Group at Netflix. After seeing a massive growth in the business model and the device ecosystem, we needed a system that could scale and be flexible at the same time. Scala provided the answer and we started with a basic set of APIs which, since then, has evolved towards complex but flexible business flows. Supporting metadata for over hundreds of brands and thousands of devices, the API development has followed a well thought-out, test-driven approach, git-flow, and what most API developers dread – documentation. I will talk about the architecture of the RESTful APIs, and the development + deployment process. We use Netflix-OSS components heavily in the architecture and cloud deployment, so I will cover them as well.
Swagger is what we used for type-safe documentation, which is really easy to use and integrate. I will briefly talk about customizations we’ve done to Swagger in order to make it far more usable at Netflix.
Throughout this effort there were lessons to be learnt, and plenty of best practices and recommendations for anyone starting out to build RESTful APIs, regardless of the platform or stack of choice. It’d be a great opportunity for me to walk through the architecture, and talk about the various components, technologies, and practices that are seeing increasing adoption in the modern, API driven landscape.
Scala.js is a compiler that compiles Scala source code to equivalent Javascript code. It can be seen as the start of a revolution in developing web application. In this talk, I'll present Scala.js project, common libraries for having a pleasure web development (such as scalatags, autowire and upickle) and integration with well known javascript libraries such as AngularJS and React.js.
Pulsar Architectural Patterns for CI/CD Automation and Self-Service_Devin BostStreamNative
We examine real-world architectural patterns involving Apache Pulsar to automate the creation of function and pub/sub flows for improved operational scalability and ease of management. We’ll cover CI/CD automation patterns and reveal our innovative approach of leveraging streaming data to create a self-service platform that automates the provisioning of new users. We will also demonstrate the innovative approach of creating function flows through patterns and configuration, enabling non-developer users to create entire function flows simply by changing configurations. These patterns enable us to drive the automation of managing Pulsar to a whole new level. We also cover CI/CD for on-prem, GCP, and AWS users.
This is Part 2 of this presentation: https://www.youtube.com/watch?v=pmaCG...
In summary, we will cover:
CI/CD for on-prem, GCP, and AWS users
Automated creation of function flows by configuration
Automated provisioning of pub/sub users and topics
Architectural patterns and best practices that enable automation
Overstock has leveraged Pulsar as the backbone of a self-service data fabric, a unified data platform to enable users to publish and consume data across the company and integrate with other services. We utilized Pulsar to solve a data governance problem, and Pulsar has performed marvelously. To support our real-world production use cases, we have developed message flows, integrations, and architectural patterns to solve common use cases, maximize value, simplify ease-of-use, automate management, and unify company data and services around this new platform.
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
If you have tried Docker but are unsure about how to run it at scale, you will benefit from this session. Like virtualization before, containerization (à; la Docker) is increasing the elastic nature of cloud infrastructure by an order of magnitude. But maybe you still have questions: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale?
Datadog is a monitoring service for IT, operations, and development teams who write and run applications at scale. In this session, the cofounder of Datadog presents the challenges and benefits of running containers at scale and how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity. Sponsored by Datadog.
Building a serverless company on AWS lambda and Serverless frameworkLuciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the peace of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Technologies:
Backend
Frontend
Application architecture
Javascript
cloud computing
Re:invent 2016 Container Scheduling, Execution and AWS Integrationaspyker
Members from over all over the world streamed over forty-two billion hours of Netflix content last year. Various Netflix batch jobs and an increasing number of service applications use containers for their processing. In this session, Netflix presents a deep dive on the motivations and the technology powering container deployment on top of Amazon Web Services. The session covers our approach to resource management and scheduling with the open source Fenzo library, along with details of how we integrate Docker and Netflix container scheduling running on AWS. We cover the approach we have taken to deliver AWS platform features to containers such as IAM roles, VPCs, security groups, metadata proxies, and user data. We want to take advantage of native AWS container resource management using Amazon ECS to reduce operational responsibilities. We are delivering these integrations in collaboration with the Amazon ECS engineering team. The session also shares some of the results so far, and lessons learned throughout our implementation and operations.
Overcoming the Perils of Kafka Secret Sprawl (Tejal Adsul, Confluent) Kafka S...confluent
Secrets are indisputably the biggest risk area in the authentication arena and Apache Kafka is no exception. Kafka services are typically configured using properties files which contain plain text secret configurations, upon startup these configurations are transmitted in clear text to different components, stored in filesystem, internal topics and logs thus creating a secret sprawl.
This talk will deep dive into how we can eliminate this secret sprawl by adding Config Providers to integrate with centralized management systems such as Vault, Keywhiz, or AWS Secrets Manager.
We’ll cover
Security implications of clear text secrets and secret sprawl
Insecure parsing of secrets configurations in Kafka
Know how about Kafka Config Providers
Centralized Management Systems
How to secure Kafka with CP and CMS
Trust but Verify ~ Demo
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsPeter Ss
I talk about deploying complex, multi-layer applications in Kuberentes.
I describe how Kubernetes AppController project (https://github.com/Mirantis/k8s-AppController) can be leveraged to enhance such deployments
Riga dev day: Lambda architecture at AWSAntons Kranga
My recent talk at Riga DevDay about Lambda architect at AWS. It illustrates few design simplifications that we can get when we implement Lambda Architecture in Cloud Native way
NATS: Simple, Secure and Scalable Messaging For the Cloud Native Erawallyqs
The majority of middleware and messaging systems in use were built in a time that did not have the concept of scale and real-time data that developers operate in today.
With the rise of Cloud Native and Microservices architectures as a design principle and the emphasis on simplicity, speed, and flexibility that come with it, developers need a messaging protocol to match.
Enter NATS. NATS is a remarkably lightweight messaging protocol, and extremely flexible and resilient. It is just a few MB in size, and can scale to publish tens of millions of message from a single server.
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
This talk is a concise masterclass on how to write infrastructure code. I share key lessons from the “Infrastructure Cookbook” we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that’s used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild.
Building Out Your Kafka Developer CDC Ecosystemconfluent
Building Out Your Kafka Developer CDC Ecosystem, Neil Buesing, VP of Streaming Technologies for Object Partners (OPI)
Meetup Link: https://www.meetup.com/TwinCities-Apache-Kafka/events/272944023/
My presentation about Serverless Architectures in JavaDay Lviv, June 2016. It covers AWS Lambda and related AWS Services. LiveDemo have got terraform and apex.
AWS re:Invent 2016: Development Workflow with Docker and Amazon ECS (CON302)Amazon Web Services
Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as the ECS CLI and Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for building and workflow orchestration; Amazon EC2 Container Registry to store your container images; and Amazon EC2 Container Service to manage and scale containers. In this session, you will learn how to build containers into your development workflow and orchestrate container deployments using Amazon ECS. You will hear how Okta runs 30,000 tests per developer commit and releases 10,000 new lines of code each week to production with a CI system based on 100% AWS services. We'll also discuss how Okta uses ECS for parallelized testing in CI and for production microservices in a multi-region, always on cloud service.
Watch this talk here: https://www.confluent.io/online-talks/how-apache-kafka-works-on-demand
Pick up best practices for developing applications that use Apache Kafka, beginning with a high level code overview for a basic producer and consumer. From there we’ll cover strategies for building powerful stream processing applications, including high availability through replication, data retention policies, producer design and producer guarantees.
We’ll delve into the details of delivery guarantees, including exactly-once semantics, partition strategies and consumer group rebalances. The talk will finish with a discussion of compacted topics, troubleshooting strategies and a security overview.
This session is part 3 of 4 in our Fundamentals for Apache Kafka series.
KSQL and Security: The Current State of Affairs (Victoria Xia, Confluent) Kaf...confluent
As KSQL-users move from development to production, security becomes an important consideration. Because KSQL is built on top of Kafka Streams, which in turn is built on top of Kafka Consumers and Producers, KSQL can leverage existing security functionality, including SSL encryption and SASL authentication in communications with Kafka brokers. However, authentication and authorization between KSQL servers and KSQL clients is a different story. As of December 2018, SSL for communication between KSQL clients and servers is enabled for the REST API, but not yet for the CLI. By April 2019, SSL will be supported in the KSQL CLI, and additional security functionality including SASL authentication, ACLs, audit logs, and RBAC will be in the works as well. This talk will cover the security options available for KSQL, including any new options added by April 2019, and will also include a preview of features to come. Audience members will leave with an understanding of what security features are currently available, how to configure them, current limitations, and upcoming features. The talk may also include common pitfalls and tips for debugging a KSQL security setup.
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at NetflixManish Pandit
In this talk I’d like to introduce the Scala-based API stack at Partner Innovation Group at Netflix. After seeing a massive growth in the business model and the device ecosystem, we needed a system that could scale and be flexible at the same time. Scala provided the answer and we started with a basic set of APIs which, since then, has evolved towards complex but flexible business flows. Supporting metadata for over hundreds of brands and thousands of devices, the API development has followed a well thought-out, test-driven approach, git-flow, and what most API developers dread – documentation. I will talk about the architecture of the RESTful APIs, and the development + deployment process. We use Netflix-OSS components heavily in the architecture and cloud deployment, so I will cover them as well.
Swagger is what we used for type-safe documentation, which is really easy to use and integrate. I will briefly talk about customizations we’ve done to Swagger in order to make it far more usable at Netflix.
Throughout this effort there were lessons to be learnt, and plenty of best practices and recommendations for anyone starting out to build RESTful APIs, regardless of the platform or stack of choice. It’d be a great opportunity for me to walk through the architecture, and talk about the various components, technologies, and practices that are seeing increasing adoption in the modern, API driven landscape.
Scala.js is a compiler that compiles Scala source code to equivalent Javascript code. It can be seen as the start of a revolution in developing web application. In this talk, I'll present Scala.js project, common libraries for having a pleasure web development (such as scalatags, autowire and upickle) and integration with well known javascript libraries such as AngularJS and React.js.
Alberto Maria Angelo Paro - Isomorphic programming in Scala and WebDevelopmen...Codemotion
Scala is the only language that can be used to produce code that can be "trans/compiled" for the JVM, in Javascript and in native binary. This allows to write libraries that are usable in JVM and JS using the power of functional programming (i.e. cats, scalaz), generic programming (i.e. shapeless) and macro/scalameta available in Scala. In this talk, we will see how to write a Scala application backend and a SPA (scala.js/scala-js-react) that share the same code as a business logic, datamodels and transparent API call (JVM/JS) in Scala (via autowire/akka-http/circe).
Building and shipping iOS app could be a real challenge many developers have to solve. While there are plenty of solutions of continuous integration/delivery out there I will give an introduce to our build process and infrastructure based on Jenkins Pipelines and Fastlane running on Macstadium cloud services.
(ARC401) Cloud First: New Architecture for New InfrastructureAmazon Web Services
What do companies with internal platforms have to change to succeed in the cloud? The five pillars at the heart of IT solutions in the cloud are automation, fault tolerance, horizontal scalability, security, and cost-effectiveness. This talk discusses tools that facilitate the development and automate the deployment of secure, highly available microservices. The tools were developed using AWS CloudFormation, AWS SDKs, AWS CLI, Amazon RDS, and various open-source software such as Docker. The talk provides concrete examples of how these tools can help developers and architects move from beginning/intermediate AWS practitioners to cloud deployment experts.
Node.js and microservices go hand in hand. This comes mainly from the design of Node.js. It is a specialised small platform with an enormous package environment. The NPM ecosystem provides a lot of packages you can use to build your microservice. The two most popular frameworks for this job are Express and Seneca. In this talk I will show you how you can communicate synchronously and asynchronously with your microservices and how easy it is to put your Node.js application into a docker container.
Managed services such as AWS Lambda and API Gateway allow developers to focus on value adding development instead of IT heavy lifting. This workshop introduces how to build a simple REST blog backend using AWS technologies and the serverless framework.
Node.js vs Play Framework (with Japanese subtitles)Yevgeniy Brikman
Video: http://www.nicovideo.jp/watch/1410857293
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This version of the presentation has Japanese subtitles. For the English only version, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework
Serverless Architectures on AWS in practice - OSCON 2018Manish Pandit
From functions to containers to databases, serverless is a huge paradigm shift. The ability to only pay for what we use and not worry about underlying infrastructure is very tempting to developers and DevOps engineers, and the rate of innovation in this area has been very rapid across all major public cloud providers. Serverless architectures are the natural evolution of microservices design. While Lambda has become synonymous with serverless in AWS, there are several new and upcoming patterns that take serverless architectures to the next level.
Manish Pandit explains how to identify these patterns and put them to use. Using Marqeta’s efforts to move its payments infrastructure to the public cloud as an example, Manish explores the services that Marqeta considered, customized, hacked around, and successfully implemented as a part of this move.
Immutable AWS Deployments with Packer and JenkinsManish Pandit
In this session I will talk about Immutable Deployments - which have become almost essential in the world of Microservices. As the frequency of deployments across multiple services increases with increasing granularity, it is critical to have repeatable, predictable and immutable deployments serving our customers. In practice, this is achieved via several DevOps tools. We will use Hashicorp Packer (packer.io) and Jenkins to build a simple, immutable AWS deployment of a hello-world microservice. Familiarity with AWS is recommended but not required for this talk.
AWS Lambda with Serverless Framework and JavaManish Pandit
Serverless is a node.js based framework that makes creating, deploying, and managing serverless functions a breeze. We will use AWS Lambda as our FaaS (Function-as-a-Service) provider, although Serverless supports IBM OpenWhisk and Microsoft Azure as well.
In this session, we will talk about Serverless Applications, and Create and deploy a java-maven based AWS Lambda API. We will also explore the command line interface to manage lambda, which is provided out of the box by serverless framework.
Securing your APIs with OAuth, OpenID, and OpenID ConnectManish Pandit
As products and companies move towards IoT model, users and machines alike need to interact with various APIs. Securing these APIs in a connected world can be a challenge faced by many. Fortunately, there are open standards addressing even the most complex of use cases - OAuth, OpenID and OpenID Connect happen to be widely adopted and have a growing support across many API and Identity Providers. In this session I'll talk about these standards, and walk through common use cases/flows from an API Provider as well as consumer's side. We will explore how these standards come together to not only secure the APIs, but also manage identity.
APIs have become a part of the product ecosystem - and help the businesses by extending their developer base, and offering seamless integration with other services or products. Sometimes, the APIs themselves are the product. However, with so many APIs around, patterns emerge. Patterns are repeatable, reusable solutions to commonly occurring problems. Where there are patterns, there are also antipatterns. While APIs are not a new paradigm - there are no set standards or specifications formed by a committees or governing bodies for APIs. On top of this, the APIs are often built at various stages of the product, and have a good chance of being disjoint as more are added. In this talk Netflix engineers will discuss various antipatterns that creep into the API design and implementation, and how to identify and avoid them. They will also share their experiences with building APIs. While the antipatterns do not pose as big a functional challenge, they can and do impact integration efforts, scalability and performance among other things. After this session, you should be able to get familiar with the best practices around solving the most common patterns, and make your engineers and API consumers happy!
Building Apis in Scala with Playframework2Manish Pandit
My talk at Silicon Valley Code Camp 2013.
Two years ago I gave a talk on PlayFramework with Java at SVCC. As with everything, PlayFramework has evolved into a far mature ecosystem with native Scala support, and Typesafe backing. PlayFramework 2 is a simple, MVC-based, convention over configuration web application framework for Java and Scala. It is rapidly gaining popularity as more and more companies are adopting it for building scalable, performant, share-nothing architectures. In this talk I'll cover the fundamentals of Play! Framework2, a brief overview of Scala, and demonstrate building a simple, RESTful API. This will be a very interactive, and hands-on session. It'd be awesome if you have played around with Scala, but if you have not, the scope of this talk does not require you to be a Scala expert. It will however be very useful if you've worked with other Web Application Frameworks like Jersey, CXF, etc. so you can cross-relate the concepts.
Introducing Scala to your Ruby/Java Shop : My experiences at IGNManish Pandit
With the move to SOA, IGN's API engineering became a traditional Java/Ruby shop. We introduced Scala to the team in August '11. As of April '12 we have our major services running on Scala, and we could not be happier. I'll talk about the strategic & tactical rationale, gradual introduction to the new language, cultivating experts and mentoring junior developers. We will also cover the common roadblocks the leaders may run into, addressing the concerns of engineers and stakeholders, and building an engineering culture that facilitates innovation and talent growth. Please note that this talk is not a Ruby/Java/Scala religious debate - we believe in using the best tool for the job; and what works for us may not work for every org (which is where the culture comes in). My team's journey from "Holy crap! This looks academic and scary!" to "Let me whip out a service by EOD today" in a matter of months is something I am very proud of, and would love to share it with fellow developer community.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
19. /**
Lets try to build a login endpoint. It should support a method called
login(user:String,pass:String) that returns an Option[String].
*/
class LoginManagerSpec extends FlatSpec with ShouldMatchers {
}
20. /**
Lets try to build a login endpoint. It should support a method called
login(user:String,pass:String) that returns an Option[String].
*/
class LoginManagerSpec extends FlatSpec with ShouldMatchers {
it should " Be able to login a valid user and get a token " in {
fail()
}
}
21. /**
Lets try to build a login endpoint. It should support a method called
login(user:String,pass:String) that returns an Option[String].
*/
class LoginManagerSpec extends FlatSpec with ShouldMatchers {
it should " Be able to login a valid user and get a token " in {
val token = LoginManager.login("someuser", "somepassword")
token should not be None
}
}
22. /**
Lets try to build a login endpoint. It should support a method called
login(user:String,pass:String) that returns an Option[String].
*/
class LoginManagerSpec extends FlatSpec with ShouldMatchers {
it should " Be able to login a valid user and get a token " in {
val token = LoginManager.login("someuser", "somepassword")
token should not be None
}
it should " Fail to login an invalid user " in {
fail
}
}
23. /**
Lets try to build a login endpoint. It should support a method called
login(user:String,pass:String) that returns an Option[String].
*/
class LoginManagerSpec extends FlatSpec with ShouldMatchers {
it should " Be able to login a valid user and get a token " in {
val token = LoginManager.login("someuser", "somepassword")
token should not be None
}
it should " Fail to login an invalid user " in {
val token = LoginManager.login("fail", "fail")
token should be (None)
}
}
34. class LoginServiceSpec extends ScalatraFlatSpec {
addServlet(classOf[LoginService], "/*")
it should "log in valid users" in {
post("/", body = """user=gooduser&password=goodpassword""") {
status should equal(200)
body should include "token"
}
}
}
35. class LoginServiceSpec extends ScalatraFlatSpec {
addServlet(classOf[LoginService], "/*")
it should "log in valid users" in {
post("/", body = """user=gooduser&password=goodpassword""") {
status should equal(200)
body should include "token"
}
}
it should "not allow invalid users to log in" in {
post("/", body = """user=baduser&password=badpassword""") {
status should equal(401)
body should include "message"
}
}
}
36. APIs Best Practices
Use Proper HTTP Response Codes
Set Proper HTTP Headers
Break up your data into groups
42. Git Workflow
$ git status
# On branch dev
# Changes not staged for commit:
# (use "git add <file>..." to update what will be committed)
# (use "git checkout -- <file>..." to discard changes in working directory)
#
# modified: src/main/scala/com/netflix/nrdportal/http/DpiService.scala
# modified: src/test/scala/com/netflix/nrdportal/http/DpiServiceSpec.scala
43. Automated Code Pushes
Push to dev
Jenkins runs
dev build,
tests, merges
to master
Jenkins runs
master build,
makes an
RPM
Aminator
bakes an AMI
from the RPM
asgard
deploys the
AMI in staging
cloud