Moh Ahmed and Raymond Maika presented 'Using Rook to Manage Kubernetes Storage with Ceph' at Montreal's first Cloud Native Day, which took place on June 11 in Montreal.
Kubernetes has two simple but powerful network concepts: every Pod is connected to the same network, and Services let you talk to a Pod by name. Bryan will take you through how these concepts are implemented - Pod Networks via the Container Network Interface (CNI), Service Discovery via kube-dns and Service virtual IPs, then on to how Services are exposed to the rest of the world.
Kubernetes has two simple but powerful network concepts: every Pod is connected to the same network, and Services let you talk to a Pod by name. Bryan will take you through how these concepts are implemented - Pod Networks via the Container Network Interface (CNI), Service Discovery via kube-dns and Service virtual IPs, then on to how Services are exposed to the rest of the world.
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Mike Herbet, Principal Engineer, Cisco, Dave Cole, Consulting Systems Engineer, Cisco, Sean Comrie, Technical Solutions Architect, Cisco focused on the application centric infrastructure (ACI) at Cisco Connect Toronto.
Kubernetes have been widely adopted. The next challenge of scaling Kubernetes through the organization is multi-tenancy. This session will walk through how we can do multi-tenancy on Kubernetes with access control, fair sharing, and isolation.
Youtube Recorded: https://youtu.be/oCEL-nWhc-w
TechTalkThai Conference: Kubernetes Trends
September 16, 2021
Cloud Native Bern 05.2023 — Zero Trust VisibilityRaphaël PINSON
As the adoption of Kubernetes continues to grow, so does the need for securing containerized applications and their data. One effective security model that has gained popularity is Zero Trust Networking, which assumes that all resources, devices and users are untrusted, and access to resources is granted only after proper authentication and authorization. However, implementing Zero Trust Networking in Kubernetes can be challenging, given the dynamic nature of containerized workloads and the complexity of network policies.
In this presentation, we will explore how to implement Zero Trust Networking in Kubernetes using Cilium, Hubble & Grafana. We will start by setting up Cilium on a Kubernetes cluster, which provides network security by enforcing identity-based access control policies using eBPF. Next, we will export Network Policy Verdict metrics using Hubble, which allows us to visualize network policies and track security events in real-time. Finally, we will use a Grafana dashboard to visualize these metrics and demonstrate how to secure a Kubernetes namespace without affecting existing traffic in the namespace.
By the end of this presentation, attendees will have a good understanding of the importance of Zero Trust Networking in Kubernetes and how to implement it using Cilium, Hubble & Grafana. They will also learn how to secure a Kubernetes namespace and monitor network policies using a Grafana dashboard.
Cluster API によるKubernetes環境のライフサイクル管理とマルチクラウド環境での適用Motonori Shindo
Cluster API は Kubernetes の宣言的APIとリソースの管理機能を活かし、Kubernetes環境のライフサイクル管理を行うもので、Kubernetesコミュニティで仕様の策定と開発が進められています。
これまでもKubernetes環境の構築を支援するツールはいくつかありましたが、Cluster APIはコミュニティからの大きな支持を得ており、Cluster APIのエコシステムが広がりつつあります。
本セッションでは Cluster API の概要と最新の動向、また、Cluster APIを利用した大規模マルチクラウド環境への適用などをデモを交えながら解説を行います。
本資料はCloud Operator Days Tokyo 2020登壇時の資料です。
[Container 기반의 DevOps] Cloud Native
열린기술공방에서 처음으로 런칭한 교육 프로그램의 트렌드 세션 자료입니다. 급변하는 환경에 맞춘 SW를 개발하고 배포하기 위해, 빠른 의사결정을 할 수 있는 환경과 프로세스가 더욱 중요해지고 있는데요. 기업들에게 왜 클라우드 네이티브 전략이 필수적인지에 대해 소개한 자료입니다.
열린기술공방의 교육 과정을 통해 Kubernetes위에서 동작하는 Application의 빌드부터 배포까지의 과정을 한 눈에 확인하실 수 있습니다.
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatOpenStack
Multiple Sites and Disaster Recovery with Ceph
Audience: Intermediate
Topic: Storage
Abstract: Ceph is the leading storage solution for OpenStack. As OpenStack deployments become more mission critical and widely deployed, multiple site requirements are increasing as is the need to ensure disaster recovery and business continuity. Learn about the new capabilities in Ceph that assist customers with meeting these requirements for block and object uses.
Speaker Bio: Andrew Hatfield, Red Hat
Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined storage future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts.
OpenStack Australia Day Government - Canberra 2016
https://events.aptira.com/openstack-australia-day-canberra-2016/
VMware NSX provides a platform for deployment of software-defined network (SDN) and network function virtualization (NFV) services across physical network devices in a way that is analogous to server virtualization.
오픈스택이 가진 기술에 대하여 설명합니다.
1. 오픈소스기반 OpenStack 클라우드 시스템
2. OpenStack 기술 개요 및 동향
3. OpenStack 의 Community 개발 체계
4. OpenStack HA를 위한 방안
5. OpenStack SDN 개발 동향
6. Neutron OVS-DPDK 가속화와 구현방안
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...Edureka!
** Edureka DevOps Training : https://www.edureka.co/devops **
This Edureka Video on Docker vs VM (Virtual Machine) video compares the Major Differences between Docker and VM. Below are the topics covered in the video:
1. What is Virtual Machine?
2. Benefits of Virtual Machine
3. What are Docker Containers
4. Benefits of Docker Containers
5. Docker vs VM – Main Differences
6. Use Case
Check our complete DevOps playlist here (includes all the videos mentioned in the video): http://goo.gl/O2vo13
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Storage 101: Rook and Ceph - Open Infrastructure Denver 2019Sean Cohen
Starting from the basics, we explore the advantages of using Rook as a Storage operator to serve Ceph storage, the leading Software-Defined Storage platform in the Open Source world. Ceph automates the internal storage management, while Rook automates the user-facing operations and effectively turns a storage technology into a service transparent to the user. The combination delivers an impressive improvement in UX and provides the ideal storage platform for Kubernetes.
A comprehensive examination of use cases and open problems will complement our review of the Rook architecture. We will deep-dive into what Rook does well, what it does not do (yet), and what trade-offs using a storage operator involves operationally. With live access to a running cluster, we will showcase Rook in action as we discuss its capabilities.
https://www.openstack.org/summit/denver-2019/summit-schedule/events/23515/storage-101-rook-and-ceph
DevNetCreate - ACI and Kubernetes IntegrationHank Preston
These are slides from my hands on lab workshop at DevNet Create 2019 in April. https://developer.cisco.com/devnetcreate/2019/agenda
Description:
Enterprises all over are embracing Kubernetes as the foundation for their cloud native, micro service applications. As they are, network security is becoming a top of mind question. The ACI CNI Plugin for Kubernetes brings the power of Application Centric Infrastructure (granular segmentation, robust operational visibility, and unsurpassed network performance) to the Docker container driven infrastructure of Kubernetes. In this session, you'll have a chance to see all of this in action through a guided exploration of your very own Kubernetes cluster integrated with an ACI fabric. You'll start by diving into how a typical application looks after being deployed to Kubernetes within the ACI fabric. See each individual container and pod show up within the ACI operational dashboards. Look at how the load balancing and traffic routing is handled within the network by ACI, just like any other application environment. Then begin to enhance the policies applied to the application by segmenting applications by name spaces for better isolation between running applications. But we won't stop there, before you're done you'll build contracts to explicitly control the flow of traffic between the tiers of your application to ensure business and security policies are applied to containerized applications running within Kubernetes with the same contracts and filters you're using for traditional workloads.
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
Mike Herbet, Principal Engineer, Cisco, Dave Cole, Consulting Systems Engineer, Cisco, Sean Comrie, Technical Solutions Architect, Cisco focused on the application centric infrastructure (ACI) at Cisco Connect Toronto.
Kubernetes have been widely adopted. The next challenge of scaling Kubernetes through the organization is multi-tenancy. This session will walk through how we can do multi-tenancy on Kubernetes with access control, fair sharing, and isolation.
Youtube Recorded: https://youtu.be/oCEL-nWhc-w
TechTalkThai Conference: Kubernetes Trends
September 16, 2021
Cloud Native Bern 05.2023 — Zero Trust VisibilityRaphaël PINSON
As the adoption of Kubernetes continues to grow, so does the need for securing containerized applications and their data. One effective security model that has gained popularity is Zero Trust Networking, which assumes that all resources, devices and users are untrusted, and access to resources is granted only after proper authentication and authorization. However, implementing Zero Trust Networking in Kubernetes can be challenging, given the dynamic nature of containerized workloads and the complexity of network policies.
In this presentation, we will explore how to implement Zero Trust Networking in Kubernetes using Cilium, Hubble & Grafana. We will start by setting up Cilium on a Kubernetes cluster, which provides network security by enforcing identity-based access control policies using eBPF. Next, we will export Network Policy Verdict metrics using Hubble, which allows us to visualize network policies and track security events in real-time. Finally, we will use a Grafana dashboard to visualize these metrics and demonstrate how to secure a Kubernetes namespace without affecting existing traffic in the namespace.
By the end of this presentation, attendees will have a good understanding of the importance of Zero Trust Networking in Kubernetes and how to implement it using Cilium, Hubble & Grafana. They will also learn how to secure a Kubernetes namespace and monitor network policies using a Grafana dashboard.
Cluster API によるKubernetes環境のライフサイクル管理とマルチクラウド環境での適用Motonori Shindo
Cluster API は Kubernetes の宣言的APIとリソースの管理機能を活かし、Kubernetes環境のライフサイクル管理を行うもので、Kubernetesコミュニティで仕様の策定と開発が進められています。
これまでもKubernetes環境の構築を支援するツールはいくつかありましたが、Cluster APIはコミュニティからの大きな支持を得ており、Cluster APIのエコシステムが広がりつつあります。
本セッションでは Cluster API の概要と最新の動向、また、Cluster APIを利用した大規模マルチクラウド環境への適用などをデモを交えながら解説を行います。
本資料はCloud Operator Days Tokyo 2020登壇時の資料です。
[Container 기반의 DevOps] Cloud Native
열린기술공방에서 처음으로 런칭한 교육 프로그램의 트렌드 세션 자료입니다. 급변하는 환경에 맞춘 SW를 개발하고 배포하기 위해, 빠른 의사결정을 할 수 있는 환경과 프로세스가 더욱 중요해지고 있는데요. 기업들에게 왜 클라우드 네이티브 전략이 필수적인지에 대해 소개한 자료입니다.
열린기술공방의 교육 과정을 통해 Kubernetes위에서 동작하는 Application의 빌드부터 배포까지의 과정을 한 눈에 확인하실 수 있습니다.
Multiple Sites and Disaster Recovery with Ceph: Andrew Hatfield, Red HatOpenStack
Multiple Sites and Disaster Recovery with Ceph
Audience: Intermediate
Topic: Storage
Abstract: Ceph is the leading storage solution for OpenStack. As OpenStack deployments become more mission critical and widely deployed, multiple site requirements are increasing as is the need to ensure disaster recovery and business continuity. Learn about the new capabilities in Ceph that assist customers with meeting these requirements for block and object uses.
Speaker Bio: Andrew Hatfield, Red Hat
Andrew has over 20 years experience in the IT industry across APAC, specialising in Databases, Directory Systems, Groupware, Virtualisation and Storage for Enterprise and Government organisations. When not helping customers slash costs and increase agility by moving to the software-defined storage future, he’s enjoying the subtle tones of Islay Whisky and shredding pow pow on the world’s best snowboard resorts.
OpenStack Australia Day Government - Canberra 2016
https://events.aptira.com/openstack-australia-day-canberra-2016/
VMware NSX provides a platform for deployment of software-defined network (SDN) and network function virtualization (NFV) services across physical network devices in a way that is analogous to server virtualization.
오픈스택이 가진 기술에 대하여 설명합니다.
1. 오픈소스기반 OpenStack 클라우드 시스템
2. OpenStack 기술 개요 및 동향
3. OpenStack 의 Community 개발 체계
4. OpenStack HA를 위한 방안
5. OpenStack SDN 개발 동향
6. Neutron OVS-DPDK 가속화와 구현방안
Docker vs VM | | Containerization or Virtualization - The Differences | DevOp...Edureka!
** Edureka DevOps Training : https://www.edureka.co/devops **
This Edureka Video on Docker vs VM (Virtual Machine) video compares the Major Differences between Docker and VM. Below are the topics covered in the video:
1. What is Virtual Machine?
2. Benefits of Virtual Machine
3. What are Docker Containers
4. Benefits of Docker Containers
5. Docker vs VM – Main Differences
6. Use Case
Check our complete DevOps playlist here (includes all the videos mentioned in the video): http://goo.gl/O2vo13
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Storage 101: Rook and Ceph - Open Infrastructure Denver 2019Sean Cohen
Starting from the basics, we explore the advantages of using Rook as a Storage operator to serve Ceph storage, the leading Software-Defined Storage platform in the Open Source world. Ceph automates the internal storage management, while Rook automates the user-facing operations and effectively turns a storage technology into a service transparent to the user. The combination delivers an impressive improvement in UX and provides the ideal storage platform for Kubernetes.
A comprehensive examination of use cases and open problems will complement our review of the Rook architecture. We will deep-dive into what Rook does well, what it does not do (yet), and what trade-offs using a storage operator involves operationally. With live access to a running cluster, we will showcase Rook in action as we discuss its capabilities.
https://www.openstack.org/summit/denver-2019/summit-schedule/events/23515/storage-101-rook-and-ceph
DevNetCreate - ACI and Kubernetes IntegrationHank Preston
These are slides from my hands on lab workshop at DevNet Create 2019 in April. https://developer.cisco.com/devnetcreate/2019/agenda
Description:
Enterprises all over are embracing Kubernetes as the foundation for their cloud native, micro service applications. As they are, network security is becoming a top of mind question. The ACI CNI Plugin for Kubernetes brings the power of Application Centric Infrastructure (granular segmentation, robust operational visibility, and unsurpassed network performance) to the Docker container driven infrastructure of Kubernetes. In this session, you'll have a chance to see all of this in action through a guided exploration of your very own Kubernetes cluster integrated with an ACI fabric. You'll start by diving into how a typical application looks after being deployed to Kubernetes within the ACI fabric. See each individual container and pod show up within the ACI operational dashboards. Look at how the load balancing and traffic routing is handled within the network by ACI, just like any other application environment. Then begin to enhance the policies applied to the application by segmenting applications by name spaces for better isolation between running applications. But we won't stop there, before you're done you'll build contracts to explicitly control the flow of traffic between the tiers of your application to ensure business and security policies are applied to containerized applications running within Kubernetes with the same contracts and filters you're using for traditional workloads.
Tell the history of Container/Docker/Kubernetes, and show the key elements of them.
After view this document, you could know the main feature of Container Docker and Kubernetes.
Very basic infomation about how these technique work together.
Kubernetes vs dockers swarm supporting onap oom on multi-cloud multi-stack en...Arthur Berezin
Kubernetes vs Dockers Swarm supporting ONAP-OOM on multi-cloud multi-stack environment
Description: ONAP was set originally to support multiple container platform and cloud through TOSCA. In R1 ONAP and OOM is dependent completely on Kubernetes. As there are other container platforms such as Docker Swarm that are gaining more wider adoption as a simple alternative to Kubernetes. In addition operator may need the flexibility to choose their own container platform and be open for future platform. We need to weight the alternatives and avoid using package managers as Helm that makes K8s mandatory.
The use of TOSCA in conjunction with Kubernetes provides that "happy medium" where on one hand we can leverage Kubernetes to a full extent while at the same time be open to other alternative. In this workshop, we will compare Kubernetes with Docker Swarm and walk through an example of how ONAP can be set to support both platforms using TOSCA.
CEPH DAY BERLIN - DEPLOYING CEPH IN KUBERNETES WITH ROOKCeph Community
Rook is a cloud native orchestrator for deploying storage systems within Kubernetes. This presentation will highlight the benefits and goes into the details of using Rook to set up a Ceph cluster. In addition, I will also show how to set up Prometheus and Grafana to monitor Ceph in this environment.
Kubernetes based Cloud-region support in ONAP to bring up VM and container ba...Victor Morales
This material was used during the ONAP DDF + OPNFV Plugfest 2019 in Paris to share the progress made on this project and the plans for next coming releases
The Information Technology have led us into an era where the production, sharing and use of information are now part of everyday life and of which we are often unaware actors almost: it is now almost inevitable not leave a digital trail of many of the actions we do every day; for example, by digital content such as photos, videos, blog posts and everything that revolves around the social networks (Facebook and Twitter in particular). Added to this is that with the "internet of things", we see an increase in devices such as watches, bracelets, thermostats and many other items that are able to connect to the network and therefore generate large data streams. This explosion of data justifies the birth, in the world of the term Big Data: it indicates the data produced in large quantities, with remarkable speed and in different formats, which requires processing technologies and resources that go far beyond the conventional systems management and storage of data. It is immediately clear that, 1) models of data storage based on the relational model, and 2) processing systems based on stored procedures and computations on grids are not applicable in these contexts. As regards the point 1, the RDBMS, widely used for a great variety of applications, have some problems when the amount of data grows beyond certain limits. The scalability and cost of implementation are only a part of the disadvantages: very often, in fact, when there is opposite to the management of big data, also the variability, or the lack of a fixed structure, represents a significant problem. This has given a boost to the development of the NoSQL database. The website NoSQL Databases defines NoSQL databases such as "Next Generation Databases mostly addressing some of the points: being non-relational, distributed, open source and horizontally scalable." These databases are: distributed, open source, scalable horizontally, without a predetermined pattern (key-value, column-oriented, document-based and graph-based), easily replicable, devoid of the ACID and can handle large amounts of data. These databases are integrated or integrated with processing tools based on the MapReduce paradigm proposed by Google in 2009. MapReduce with the open source Hadoop framework represent the new model for distributed processing of large amounts of data that goes to supplant techniques based on stored procedures and computational grids (step 2). The relational model taught courses in basic database design, has many limitations compared to the demands posed by new applications based on Big Data and NoSQL databases that use to store data and MapReduce to process large amounts of data.
Course Website http://pbdmng.datatoknowledge.it/
Contact me to download the slides
WebSphere Application Server Liberty Profile and DockerDavid Currie
Presentation from IBM InterConnect 2015 covering a brief introduction to Docker, the relationship between IBM and Docker, and then using WebSphere Application Server Liberty Profile under Docker.
Dockerizing OpenStack for High AvailabilityDaniel Krook
Presentation at the OpenStack Summit in Paris, France on November 4, 2014.
High availability in OpenStack can be achieved in many ways. In this session we will describe how Docker can be used to provide an active-active highly available OpenStack environment. We will focus the real world work that we have done to "Dockerize" OpenStack services, detail the advantages to this type of deployment (rapid deployment, rapid scale out, versioning, etc.), and walk through our design - from requirements, limitations, obstacles, and especially our decisions. We will use our experiences as examples to provide real world best practices, as well as showing a demonstration of the environment in action.
Manuel Silveyra - Senior Cloud Solutions Architect
Daniel Krook - Senior Certified IT Specialist
Shaun Murakami - Senior Cloud Solution Architect
Kalonji Bankole - Cloud Architect
Building stateful applications on Kubernetes with RookRoberto Hashioka
Deploying stateful applications such a Wordpress and Jenkins on top of Kubernetes or any other container orchestrator can be a challenging task. In this context, Rook will be used to showcase how to automatically manage the volume's lifecycle through the its Kubernetes operators (operator pattern approach) by leveraging the recently added CSI GA support.
For the past 5 years, Canonical has engaged with dozens of communications service providers to design, build and operate virtualization infrastructure for network functions -- for the acronym lovers, delivering NFVI for VNFs. This presentation goes over the approach, challenges and learnings from multiple NFVI projects supporting multiple telco use cases.
Carbon 5 (C5) is the base of the next generation of WSO2 middlewere platform. 10 years back WSO2 re-achitected the middleware platform, which allowed us to develop comprehensive middleware functionality. Though the 10-year old Carbon kernel enabled WSO2 to build enterprise-grade middleware products, it’s now almost outdated. Generic server concepts, APIs and implementations from Apache Axis2 are now obsolete. Also In-JVM multitenancy is not the optimal solution in today’s container focused world.
In this session, Sameera will talk about Carbon 5 – a complete redesign of the existing Carbon kernel. Carbon 5 provides a composable server architecture for you to build enterprise-grade servers. Based on OSGi, Carbon 5 allows you to develop componentized/modular servers. Pluggable runtimes, Artifact Deployment engine, Transport framework, light-weight repository and clustering framework are some of the features of Carbon 5.
Similar to Using Rook to Manage Kubernetes Storage with Ceph (20)
Human No, Machine Yes: Welcome to the CDF with Incremental ConfidenceCloudOps2005
Ravi Lachhman presented 'Welcome to the CDF' at Eastern Canada's Kubernetes and Cloud Native Meetups in 2019.
To see upcoming Kubernetes and Cloud Native meetups in Eastern Canada, please visit https://www.cloudops.com/workshop-calendar/#meetups
The Salmon Algorithm Spawning with KubernetesCloudOps2005
Lindsey Tulloch, Software Engineer Intern at Red Hat, presented 'The Salmon Algorithm Spawning with Kubernetes' at Eastern Canada's Kubernetes and Cloud Native Meetups in 2019.
To see upcoming Kubernetes and Cloud Native meetups in Eastern Canada, please visit https://www.cloudops.com/workshop-calendar/#meetups
Own your Destiny in the Cloud - Ian Rae - Cloud Native Day Montreal 2019CloudOps2005
Ian Rae discussed how companies can own their destinies in the cloud with open source, cloud native technologies, DevOps methodologies, and community at Montreal's first Cloud Native Day in 2019.
Plateformes et infrastructure infonuagique natif de ville de MontréallCloudOps2005
Morgan Martinet et Marc Khouzam avons discuter la plateforme et infrastructure infonuagique natif de ville de Montréal au Cloud Native Day Montreal 2019.
Victor Gamov from Confluent presented 'Streams must fFlow: Developing fault tolerant stream processing application with Kafka Streams and Kubernetes’ at Montreal's very first Cloud Native Day, which took place on June 11, 2019.
Kubernetes was first announced by Google in mid-2014 and has since grown from a fledgling project to the mainstream. Ian spoke about what it takes for a project to cross that chasm of critical adoption and what that means for the future of cloud native applications.
Gregory Eric Sanderson, software developer at Jive, spoke about the architecture solution for distributed logging with Kubernetes leveraged by Jive/LogMeIn at the Spring 2019 Kubernetes and Cloud Native meetup in Quebec City.
Kubernetes Security with Calico and Open Policy AgentCloudOps2005
Ray Kao and Kevin Harris from Microsoft presenting ‘Kubernetes Security with Calico and Open Policy Agent’ at the spring 2019 Kubernetes and Cloud Native meetup in Toronto.
Advanced Deployment Strategies with Kubernetes and IstioCloudOps2005
Jonathan Gold from Container Solutions gave a workshop on advanced deployment strategies with Kubernetes and Istio at the spring 2019 Kubernetes and Cloud Native meetup in Ottawa.
Kubernetes Services are sooo Yesterday!CloudOps2005
At the Kubernetes + CloudNative meetup in Toronto of March, 2019, Christopher Liljenstolpe, co-founder and CTO at Tigera, presented ‘Kubernetes Services are sooo yesterday!’ He also provided a demo of Tigera Secure. As Istio, MetalLB, and CoreDNS continue to be adopted en masse, Christopher’s review of the service landscape was most relevant.
Amazon EKS: the good, the bad, and the uglyCloudOps2005
Geoff Flarity, Software Engineer at CashApp (Square), gave a talk covering everything you need to know about EKS, AWS' managed Kubernetes offering at the Kubernetes + Cloud Native meetups in Toronto and Kitchener-Waterloo.
Kubernetes, Terraform, Vault, and ConsulCloudOps2005
Bart Dziekan, Kubernetes Architect and Hashistack expert at DigitalOnUs, explored the 3 essential elements of dynamic infrastructure with the Kubernetes and Cloud Native community of Ottawa at the March, 2019 meetup. His talk showed how you can create all your resources in the cloud with code that uses Terraform.
To Russia with Love: Deploying Kubernetes in Exotic Locations On PremCloudOps2005
Michael Wojcikiewicz, Container Solutions Architect at CloudOps, showed the communities in Montreal and Kitchener-Waterloo how to deploy Kubernetes on prem at the Kubernetes + Cloud Native meetups for March, 2019.
Sebastien Thomas, System Architect at Coyote Amerique, gave a presentation on operator frameworks. His talk covered how Operator SDK can be used to create Kubernetes Operators with Go.
How to Handle your Kubernetes UpgradesCloudOps2005
Suvrojeet Ghosh, Software Engineer at Ribbon, presented 'How to Handle your Kubernetes Upgrades' at the Kubernetes + Cloud Native meetup in Ottawa in March, 2019. He shared his experiences upgrading HA clusters from v1.0 to v1.13 via kubeadm in multiple hops. He pointed out certain problems and errors to be aware of as well as resources that can help.
Kubernetes and Cloud Native Meetup - March, 2019CloudOps2005
This year's first round of Kubernetes and Cloud Native meetups in Eastern Canada began with an update of the CNCF by Ayrat Khayretdinov, CNCF Ambassador and Solutions Architect at CloudOps. He explained the status of various projects and highlights from KubeCon + CloudNativeCon. To learn the basics of cloud native application modernization, sign up for one of our hands-on, three-day workshops on Docker and Kubernetes at https://www.cloudops.com/workshops/#DockerK8s
This workshop presentation by Ticketmaster discussed Prometheus and Thanos. it focused on where they fit in in the Cloud Native lanscape and how they're being used.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Monitoring Java Application Security with JDK Tools and JFR Events
Using Rook to Manage Kubernetes Storage with Ceph
1. USING ROOK TO MANAGE K8S
STORAGE WITH CEPH
MOH AHMED, RAYMOND MAIKA
JUNE 11TH, 2019
2. Agenda
• What is Rook?
• Rook Timeline
• Operator Pattern
• Rook Design
• Rook Architecture with Ceph
• Container Storage Interface
• Monitoring Ceph on Kubernetes
• Demo of a Ceph Cluster Upgrade
• Upcoming Rook Features
3. What is Rook?
• Reliance on external storage
– Not portable
– Requires these services to be accessible
– Deployment burden
• Reliance on cloud provider managed services
– Vendor lock-in
• Day 2 operations - who is managing the storage?
8. Operator Pattern
• A method of packaging, deploying, and managing an application
• Extends Kubernetes API through Custom Resource Definitions (CRDs)
• Reconciliation loops to enforce state of the CRDs
• The Operator will:
– Observe the objects
– Analyze current vs. desired state
– Act on changes
Observe
AnalyzeAct
9. etcdetcd
Rook Design
Kubernetes
API
kubectl
etcd
Rook Operator
Rook
Agent
Kubelet
Rook Flex Driver
Management &
Health API
New Objects:
Volume
Attachments
New Objects:
Storage
Clusters
Storage Pools
Object Store
File Store
Objects:
Deployments
DaemonSets
Pods
Services
StorageClass / PV / PVC
ClusterRole
Namespace
Config Maps
Daemons
CSI
Driver
11. Container Storage Interface
• A specification to establish a standard for block and file storage system
• Allows the freedom to develop volume plug-ins externally from the orchestrator
• Similar to how Container Network Interface (CNI) became a standard
• Orchestrator agnostic ensuring compatibility across different platforms
12. Ceph CSI Driver
• Implements an interface between a CSI Orchestrator (e.g. Kubernetes) and the
Ceph cluster
Ceph CSI Driver
Version
CSI Spec Version
v0.3.0 v0.3
v1.0.0 v1.0.0
Kubernetes CSI Spec
Compatibility
Status
v1.9 v0.1.0 Alpha
v1.10 v0.2.0 Beta
v1.11 v0.3.0 Beta
v1.13 v0.3.0, v1.0.0 GA
14. Monitoring Ceph on K8s
• Ceph Manager Daemon (ceph-mgr)
– Became required since 12.x
(luminous) release
– Used to provide monitoring
interfaces
– Has a Prometheus plugin
– Built in dashboard exposed with
Rook 0.8 release
15. Upgrade Workflow
• Since Rook v0.9:
– The operator and its storage can be upgraded independently
– Two separate images for the Rook operator and the Ceph cluster
• Rook 1.0 supports:
– Ceph Luminous (v12)
– Ceph Mimic (v13)
– Ceph Nautilus (v14)
• Upgrading the Ceph cluster is as simple as editing the image in the CephCluster
object
16. Demo
• Show the CRDs and the pod deployment
• Show monitoring tools
• Upgrade the Ceph cluster to a new version
17. Future Plans
• Rook v1.1
– Increased stability for other storage backends
– Stable release for Ceph-CSI plugin
– Improved upgrade workflows
18. Get Involved
• Contribute to Rook
– https://github.com/rook/rook
– https://rook.io/
• Slack - https://rook-io.slack.com/
• Twitter - @rook_io
• Forums - https://groups.google.com/forum/#!forum/rook-dev
• Community Meetings
19. References
• Thanks to Jared Watts, founder of Upbound and Senior maintainer of the Rook project for his
help and usage of some of his slides materials
• https://rook.io/docs/rook/v1.0/
• https://coreos.com/operators/
• https://www.slideshare.net/Jakobkaralus/the-kubernetes-operator-pattern-containerconf-nov-
2017
• https://kubernetes-csi.github.io/docs/
• https://github.com/kubernetes/community/blob/master/contributors/design-
proposals/storage/container-storage-interface.md
• https://github.com/kubernetes/community/blob/master/contributors/devel/sig-
storage/flexvolume.md
• https://kubernetes.io/blog/2019/01/15/container-storage-interface-ga/
Editor's Notes
Get in touch: moh.ahmed@cengn.ca
Slide referenced from Jared Watts, Rook Project Intro
Rook was a project hosted under the Cloud Native Computing Foundation (CNCF) early in 2018
Much like how Kubernetes is an orchestrator for containers, Rook is an orchestrator for storage
Automate
Deployment
Bootstrapping
Configuration
Upgrading
Provision
Mount storage with PVCs
More than just an operator:
Operator patterns/plumbing
Storage resource normalization
normalization: enables a user to easily specify whether to converge both storage and compute, or to keep those resources separated.
Common policies, specs, logic
Around backups and snapshots
Quality of service guarantees
Placement of system components across nodes in the cluster
Memory and CPU resource utilization
Networking configuration and topology
And more!
Testing effort
Our adoption started early in 0.6/0.7 – the focus then was Ceph
As the releases continued into 0.8 and 0.9, more storage backends were added
Some fundamental changes were needed to be made to accommodate the different backends – separate namespaces, new CRDs
In September of 2018, Rook reached incubation phase within CNCF further solidifying its role within the landscape
With 0.9, the independence between Rook and its backend was solidified: one can be updated without the need to update the other
1.0 introduced more maturity in the Ceph storage and an experimental implementation of the CSI-Ceph driver was released
What we don’t see here are the interim releases that have been pushed throughout the release cycle with a dot 1 release every 5 months or so
The Kubelet process connects to the Kubernetes API Server
The normal Kubernetes objects are leveraged: Deployments, Daemonsets, StorageClass/PV/PVC
Along with those objects, Custom Resource Definitions are also deployed: storage, clusters, storage pools
Once those objects are deployed, the Rook operator is deployed which begins running the reconciliation loops discussed previously
Various other daemons will run specific to the storage backend chosen. Rook begins querying the management and health APIs of those daemons to ensure a healthy cluster
Rook Agent - Daemonset running on all nodes to manage attachment of storage to the hosts
Previous to 1.0, the Rook Flex volume driver was the only way to manage the volume attachments
As mentioned before, the CSI driver is also another way to manage the the storage on the hosts but it interacts with the Kubelet directly through the CSI and cuts out the requirement to use the Flex volume driver
Traditionally, volume plugins were in-tree (code existing in the core Kubernetes repo)
New plugins would require going through the code repo – tight coupling and dependency on Kubernetes releases
The Flex Volume plugin tried to address this by exposing APIs but didn’t solve all the problems (e.g. dependencies)
CSI is a standard for exposing block and file storage system
Third-party storage providers can write and deploy plugins without needing to touch the Kubernetes code