Workshop Stage 2
Tuesday, September 14, 2021
Kubernetes is great, but complex — and the learning curve is steep. Some might even call it frustrating. After all, application developers should be making great applications, not struggling with the complexities of Kubernetes. And operations teams shouldn't be biting their nails over developers having direct Kubernetes cluster write access.
Lagoon solves this (and more). It reduces the initial Kubernetes knowledge required from developers by providing easy to use application templates that involve just a couple lines of code. It does this with fully automated deployment on every branch commit or pull request. This removes the need for developers to have write access to the Kubernetes cluster and makes your operation teams happier.
Lagoon is fully configurable and flexible, and supports your developers in learning (and loving!) Kubernetes.
Modern environments such as Kubernetes and serverless, have made it easy to manage and scale microservices but observability into these environments is still a challenge for DevOps. In this session, we will describe how to use user request flows to build intuition about your architecture and build resilient applications. We will also dive into correlating metrics, events, & logs using distributed tracing, and creating alerts for anomalies detected in your environments.
Kubernetes has become a popular platform among application developers for building cloud-native applications. They value the flexibility to deploy anywhere, automate tasks, and expedite production.
At the same time, PostgreSQL has increasingly become the database of choice among application developers.
For anyone who has deployed or looking to deploy Cloud Native PostgreSQL, a big question is how do I get connected and then how to leverage built-in features.
Join us during this session as we talk about what's next after you have deployed a PostgreSQL cluster using EDB's Kubernetes Operator. Topics on the agenda include an overview of Operator patterns with stateful workloads, what makes up Cloud Native PostgreSQL, tools to benchmark Cloud Native PostgreSQL, What makes PostgreSQL a fit for Kubernetes, PostgreSQL flexible data types, Document databases vs Relational databases, Imperative vs Declarative stateful infrastructure, databases in your CI/CD pipeline, and deploying your application anywhere.
Persistent storage is one of the most difficult challenges to solve for Kubernetes workloads especially when integrating with continuous deployment solutions. The session will provide the audience with an overview of how to address persistent storage for stateful workload the Kubernetes way and how to operationalize with a common CD practice like GitOps
Open GitOps is crystalizing as a standard so how do you actually do it? Codefresh open source engineers recently launched Argo CD Autopilot, an opinionated way to manage applications across environments using GitOps at scale. We’ll bootstrap two clusters, deploy our apps, and promote a change from staging to prod. Easy peazy.
OPEN TALK: Unlock Cassandra Data for Application Developers Using GraphQL and REST APIs with Stargate.IO
Cassandra is an incredibly powerful, scalable and distributed open source database system. Companies with extremely high traffic use it to provide their users with consistent uptime, blazing speed, and a solid framework. However, many developers find Cassandra to be challenging because the configuration can be complex and learning a new query language (CQL) is something they just don't have time to do. Stargate is an OSS multi-model API Data Layer for cloud native databases which sits on top of Cassandra and provides HTTP interfaces to your data - it provides a REST API, a GraphQL API, and a document-oriented Schemaless API. You can install it on top of your own Cassandra instance and participate in the community. During this presentation we will demonstrate and share the purpose, capabilities and internals of Stargate. We also give a working sample as a docker-ready configuration file.
As companies transition to hybrid cloud, they are faced with complex decisions about choosing a strategic cloud partner who can support their growth at an affordable cost. Now more than ever, buyers are highly educated about the technology they need to scale their business. That’s why many value a partner who will make decisions that are right for their customers; a partner who’s invested in supporting their growth.
We will discuss how Vultr, the largest privately-owned Global cloud provider outside of the Big 3 Clouds supporting over 1.3 million customers, believes developers and businesses should feel the freedom of the cloud, and be empowered to do what they do best: develop and build a company.
I enjoy hacker films as much as the next bloke. Who doesn’t love a flashy NSA login page and some exciting terminal colour schemes? They always forget one thing, however; successful attacks are more like a game of chess with small actions orchestrated together, each bug, CVE and misconfiguration allows another successful move towards checkmate! In this session, we’ll use examples from our own research, highlighting potential attacker kill chains combining minor IaC misconfigurations in dangerous but preventable combinations with known CVE’s. We will also take a look, from a defender’s perspective, providing actionable takeaways your DevOps teams can start doing *today* to turn your security posture up to eleven.
As cloud threats continue to rise, understanding an adversary's tactics, techniques and procedures (TTPs) is critical to strengthening cloud security. How can you pull together a unified and simple approach to speed up detection and response for your SOC team?
In this session, we will:
-Dive into a comprehensive view of the MITRE ATT&CK for Cloud Matrix
-Explore real attack scenarios and best practices to detect them
-Advise on how to establish a unified threat detection strategy for cloud and containers
-Share how open source tools like Falco provide IDS capabilities for containers
In this session you will get to know how to deploy the Open Source Vault(which cannot be clustered) on top of NFS Backend(Vault doesn't support NFS natively) using Consul and couple of utility tools like Vault Initializer and Vault Load Balancer.
Wednesday, September 15, 2021
Many modern video games are constantly evolving post-release. New maps, game modes, and game balancing adjustments are rolled out, often on a weekly basis. This continuous iteration to improve player engagement and satisfaction requires data-driven decision making based on events and telemetry captured during gameplay, and from community forums and discussions.
In this session you will learn how OpenShift Streams for Apache Kafka and Kafka Streams can be used to analyze real-time events and telemetry reported by a game server, using a practical example that encourages audience participation. Specifically you’ll learn how to:
Provision Kafka clusters on OpenShift Streams for Apache Kafka.
Develop a Java application that uses Kafka Streams and Quarkus to process event data.
Deploy the application locally, or on OpenShift and connect it to your OpenShift Streams for Apache Kafka Cluster.
OPEN TALK: Synthetic Monitoring and Single Page Apps: How to Increase Control, Visibility, and Performance
For web developers or SREs leveraging Single Page Applications, client-side rendering can create challenges of control, visibility, and understanding user experience. Modern synthetic monitoring promises deeper understanding and visibility into user experience in pre-production, and after deployment. Join Developer and Technology Advocates Tetiana Kelly and Scott Mason, as they discuss how they leveraged synthetic monitoring to identify performance improvement opportunities for Splunk’s global SPA, The Quest for Observability. From measuring user experiences across geographies, to compression and image optimization opportunities, this talk provides best practices and lessons learned to help engineers deploy better SPAs.
Most organizations considering open source and open core cloud technologies understand they need to rigorously evaluate the software’s licensing terms and gauge the long-term health of its community and ecosystem. What still happens less frequently – but is just as crucial to these risk assessments – is developing a thorough understanding of the business models governing the commercial organizations attached to each solution being considered. You must discern the underlying motivations of the vendors or technology providers you depend on to deliver or support open source data-layer software (as well as those vendors with strong influence over its development and maintenance). By acutely understanding these incentives, you can identify if, where, and how they may map to possible risks to your enterprise’s adoption and ongoing open source implementation. Don’t limit the assessment to licenses and community health -- although both are still very key variables.
This session will discuss specifics on what you need to look for and consider when vetting open source technologies in the cloud as offered by:
-- Businesses using OSS as the foundation of their own intellectual property
-- Businesses that maintain total control offer the OSS they offer
-- Major cloud providers
Today's Kubernetes based applications need data services which can meet them where they are: in the cloud. But which ones? It is quickly becoming apparent that a presence in multiple, public clouds is necessary to maintain strategic data agility. However, keeping data highly-available and synchronized across multiple providers can be challenging. In this presentation we'll discuss Apache Cassandra's best-in-class approach to solve this problem, and how it can be leveraged to support multiple distributed use cases.
Transformer-based models have been dominant in the NLP landscape due to their state of the art performance on a wide variety of benchmarks and tasks. However, deploying such large models at scale can be quite difficult and costly. Learn about the techniques that we've utilized at Stream to overcome these challenges and moderate real-time chat messages efficiently on relatively inexpensive hardware. While this talk will focus on the BERT and its offshoots, many of these techniques can also be applied to other models.
OPEN TALK: Cybersecurity at a Global Scale: Addressing Next Generation Supply Chain Issues in Open Source Ecosystems
The landscape of cybersecurity is rapidly changing. Traditional, or “Legacy Attacks” used to target code downstream in open source code running in production, but the next generation of attacks is in manufacturing upstream Typo-squatting campaigns, Malicious Code Injection directly at source and Tool Tampering in development stream, all of which pose risks from the biggest corporations to the smallest hobbyist project as we all rely on the same open source ecosystems to do our work. The reality of the modern development landscape is that in a world of continuous integration and delivery, we have to start thinking about continuous security in open source security. This talk will describe the security taxonomy that offers the ability to detect, report and resolve vulnerability and malware attacks before they make their way into our applications, and to provide actionable recommendations when new vulnerabilities in distributions are surfaced in open source repositories.