Roman is a multi-disciplinary platform engineer, as a 5-year veteran of cloud operations, he
has worked on very large scale systems at both Kaltura and today at Appsflyer.
He enjoys building services that make infrastructure more reliable and accessible, and does this in his day to day at AppsFlyer as part of the infra-tools team.
AppsFlyer's mobile attribution and analysis platform is used by the biggest and most popular applications on Earth, generating a constant "storm" of 100B+ events (HTTP Requests) on our microservices, cloud based platform daily. And one of the technology backbones enabling this scale of operations is Artifactory.
With a diversity of artifacts being maintained in a Wild West of repositories - from Docker registry, NPM, to S3 with third-party dependencies for all, we realised we needed a better way to globally manage our many different platform engineering artifacts and pipelines.
Enter Artifactory. AppsFlyer selected Artifactory to help overcome the many challenges of managing these many dependencies in a large engineering organisation. This talk will be the story of how AppsFlyer migrated a live production system serving tens of thousands of production clients with iron-clad 24/7 uptime SLAs to Artifactory to improve deployment reliability, to create a single source of truth for all of our credentials, and return order to the Wild West of our artifact management at scale. Who should attend
Anyone who is pondering migrating to Artifactory
15 years in tech, marketing and leadership roles. All about software delivery optimization. 5 years in technical and executive training. Expert in DevOps, Lean, Systems Thinking, Continuous Delivery, Cloud Native and Decentralized Systems. Coder, speaker, writer. Fixated on improving the ways humans collaborate by telling mind-provoking stories.
Software delivery pipelines are getting more and more complex. New deployments formats and systems arise. The legacy ones are still here - for an indefinite period of time. Edge computing, blockchains, machine learning - all introduce new challenges and opportunities. Let's look at how to accomodate these changes, and provide true transparency and measurability all across our delivery chain. Who should attend
Engineers and managers
Melissa's background and experience as a software engineer spans a slew of technologies and tools used in the development and operation of enterprise products and services. She is a mom, software engineer, Java geek, huge fan of UNconferences, and is always on the lookout for ways to grow and learn. She has spoken at CodeOne, Java Dev Day Mexico and is part of the JCrete and JAlba UNconference teams. She is currently a Developer Advocate for JFrog, Inc.
Containers have become integral to every phase in the lifecycle of application development. Production grade orchestration tools such as Kubernetes have been built to manage them and container platforms like Docker are becoming commonplace in both testing and development. Web tutorials on how to build and manage simple Docker images abound! But what are containers exactly and why have they become so essential to the DevOps ecosystem?
This talk is for those curious minds who want to look below the surface and really understand the mechanics of a technique that has actually been around longer than you may think. Where did Docker come from? What about other projects in the container ecosystem - are there alternatives? What does a Docker image actually look like on the filesystem? How do Docker image layers work? What are cgroups? How are system resources allocated and managed and are there any gotchas that you should be aware of? What about security? How can JFrog Container Registry help me manage my Docker images? After this talk, you will have a solid understanding of the what, how & why of virtualized container technology. Who should attend
Anyone who manages, develops and/or deploys containers.
Brian has been studying, collecting, and cataloging vulnerabilities for twenty-five years both personally and professionally.
He has pushed for the evolution of Vulnerability Databases for years via blogs, presentations, and public dialogue on social
media, and has helped change them to improve their processes and coverage. He was previously a member of the CVE
Editorial Board for ten years and continues to rigorously follow the changing landscape of the vulnerability database
Vulnerabilities, those pesky things that you hate to hear about. Let’s hear about them in a different light! Starting recently, just 118 years ago, we’ll start with the first modern vulnerabilities and quickly move through the years to show how long they have been around. Collecting them is simple too, right?! Probably not; let me show you why it is a raging headache and nightmare you wouldn’t wish on that annoying co-worker. We’ll round it out with pretty charts and anecdotes and cupcakes. Well, two out of the three isn’t bad. Who should attend
Anyone that codes software or does that security thing!
Kohsuke Kawaguchi is the creator of Jenkins and co-CEO of Launchable. He is a well-respected developer and popular speaker at industry and Jenkins community events. Kawaguchi’s sensibilities in creating Jenkins and his deep understanding of how to translate its capabilities into usable software have also had a major impact on CloudBees’ strategy as a company. Before joining CloudBees, Kawaguchi was with Sun Microsystems and Oracle, where he worked on a variety of projects and initiated the open source work that led to Jenkins.
As the creator of Jenkins and co-CEO of Launchable, I get to see lots of real-world software development, and teams and organizations trying to push better DevOps practice forward. In those conversations, I noticed that some are more successful than others. In this talk, I will explore where those differences seem to be made.
One is around data. Our automation in software development is sufficiently broad that it is producing lots of data, but by and large most of those are simply thrown away. Yet at the same time, the management is feeling like they are flying blind because they have little insight!
Another is around how they leverage “economy of scale.” Successful teams seem like they managed to drive great uniformity and consistency across software development, which allow organizations to move at great speed and make developers feel great.
Who should attend
Engineers and engineering leaders who care about developer productivity.
Sven Ruppert has been coding Java since 1996.
In his free time, he is regularly speaking at Conferences like JavaOne/Jfokus/Devoxx/JavaZone/JavaLand and many more and contributes to IT periodicals, as well as tech portals.
From DevOps to DevSecOps? Where are the differences, what do you need? How can I start, and how can JFrog Xray help me with that? We will address and examine all of these questions in this talk.
The term DevSecOps is on everyone's lips, but it is mostly only used as a synonym for DevOps. We will see that this is not the case, where and how the differences are shown. An essential point of view as to why and how it will directly benefit the business is shown, as well as the practical use of Xray when it comes to the most effective #ShiftLeft in the area of security within software development.
Wayne Chatelain is a Senior Manager, Software Engineer at Capital One that leads a small DevOps team responsible for delivering and operationally supporting Artifactory and the ecosystem surrounding the product.
JFrog's Enterprise+ Platform offers capabilities that provide an end-to-end flow for binaries from build to production. We will take a look at how Distribution can be enabled to ensure the security and quality of binaries is achieved and how Artifactory Edge is used to maintain a library of approved artifacts for an enterprise.
Ayrat is a CNCF Ambassador, GDG, GDE and Hybrid Cloud Specialist at Google Cloud, where he spends time creating and developing cloud-native architectures and help customers run workloads on-prem and in multi-cloud environments. As a CNCF Ambassador he has an opportunity to educate people and share knowledge about benefits of containers, microservices and Cloud Native landscape via CNCF and Kubernetes Meetups, workshops or by helping customers to build modern cloud native applications that can run seamlessly on-prem or any cloud provider. Ayrat is passionate about community, he is frequent speaker and lead organizer at Eastern Canada CNCF and Kubernetes Meetups and GDG Cloud Montreal and Ottawa. He is an organizer of Kubernetes Community Days, Cloud Native Days Canada 2019 and GDG Cloud & AI DevFest 2019 conferences.
Adopting a microservices architecture provides many benefits: scalability, faster releases, and polyglot application development. However, it also means more services to keep alive, more complex testing, monitoring, debugging, networking interactions an increased risk of cascading failures during outages. In this talk, we will explore how Anthos Service Mesh (ASM) and JFrog Artifactory can help you build reliability into your microservices applications. First, we'll cover how adopting a service mesh can help you decouple the network from your application code, giving you client-side load balancing, increased consistency, and fine-grained controls out of the box. Then with demos, we will demonstrate a CI/CD pipeline with Tekton, JFrog Artifactory and Spinnaker, backed by capabilities of Knative and Istio Service Mesh to demo an overall Anthos experience in hybrid and multi-cloud scenarios. Who should attend
Developers, DevOps, Architects, SREs, DevSecOps
John Willis is Vice President of DevOps and Digital Practices at SJ Technologies. Prior to SJ Technologies he was the Director of Ecosystem Development for Docker, which he joined after the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired by Docker in March 2015. Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Opscode/Chef and Canonical/Ubuntu. John is the author of 7 IBM Redbooks and is co-author of the “DevOps Handbook” and the upcoming Beyond the Phoenix Project. The best way to reach John is through his twitter handle @botchagalupe.
This presentation is intended to guide organizations on implementing an automated process for tracking governance throughout the deployment pipeline; by providing a reference architecture to help guide organizations on how to design and implement automated governance throughout the delivery pipeline. A sample use case is also provided to further enforce these best practices. Ultimately, a DevOps automated governance process can give organizations the assurance that the delivery of their software and services are trusted.
Valarie Regas is a DevOps fanatic, full-stack developer, a Georgia Tech coding bootcamp graduate, and a veteran mommy. She holds a BA in Psychology and currently works as a DevOps Engineer. After years being a stay-at-home mom, she decided to change her life by entering tech, and has learned a lot along the way. In addition to DevOps, she enjoys mixed martial arts fighting, table-top role playing games, public speaking, creating tiny humans, and activism of all sorts.
On your quest towards true CI/CD and DevOps culture, you've implemented processes and procedures designed to get you there. But instead? You're accidentally even farther from the goal than before!
In this session we'll go over how to determine if your team is wasting time on unnecessary procedures, and how to determine which form of Agile actually meets your team needs! Who should attend
Anyone trying to maximize team efficiency and shorten the development life cycle
Kat Cosgrove is a chronic early-adopter of new technologies and a real-life cyborg. Her professional engineering background is in web development, IoT, and programming education, but today she's a Developer Advocate for JFrog. She loves finding creative solutions for hard problems, especially if they're a little hacky.
When she's not building demos or at a conference, she spends her time gaming, watching e-sports, and working on useless but entertaining side-projects. She also volunteers with area non-profits geared towards getting more women and other underrepresented minorities into tech.
Devices on the edge are highly varied in hardware and capabilities, even within the same technology space. Knowing that, how do we design an efficient, scalable, and reliable solution for updating the software on these devices, all while minimizing downtime for the user?
There is no one-size-fits-all solution to this problem, but we have some tools and techniques at our disposal to make solving the problem easier. Learn exactly why this is an important and difficult problem to solve, and get exposed to tools and strategies you can implement to streamline deployments to your embedded linux devices on the edge.
Viktor Gamov is a Developer Advocate at Confluent, the company that makes an event streaming platform based on Apache Kafka.
Back in his consultancy days, Viktor developed comprehensive expertise in building enterprise application architectures using open source technologies.
He enjoys helping architects and developers to design and develop low latency, scalable and highly available distributed systems.
He is a professional conference speaker on distributed systems, streaming data, JVM and DevOps topics, and is regular on events including JavaOne, Devoxx, OSCON, QCon, and others.
He co-authored O’Reilly’s «Enterprise Web Development.»
He blogs at http://gamov.io and co-hosts DevRelRad.io.
Follow Viktor on Twitter @gamussa, where he posts there about gym life, food, open source, and, of course, Kafka and Confluent!
Today we are experiencing a profound shift in how we understand distributed systems. Organizations want interconnected reactionary systems that drive microservices, machine learning, system accounting, and observability. Also, throw in some IoT to keep things interesting. Today’s world operates under a new set of constraints and tries to solve problems that were never thought possible. Everything has changed. Underpinning this change is the need for event-driven applications. Not only to drive reactions and break down silos but more fundamentally change how we design, build, and architect the systems. The common element is the event. And more so, we need to think about our systems in terms of events. Hence, event-first thinking changes everything.
The big question is – how to make this a reality? How do we support existing DevOps practices and continuous delivery commitments? In this talk, I discuss the merits of event-first system design and how systems architecture is evolving. The journey to event-driven architecture is not a free lunch, and we need to not only commit to operating them at scale but also support the full software development lifecycle. I will cover testing practices, from unit, integration pipelines, but also touch on data quality and then patterns of adoption. It’s the patterns where we begin to understand how continuous delivery is applied, how to make it synergistically fit with existing processes, and also allow running systems 24×7 while supporting evolution. Who should attend
Developers, Architects and technical C-level personnel
Liran is the Co-Founder and CTO of Rookout. He’s an advocate of modern software methodologies like agile, lean and devops. Liran’s passion is to understand how software actually works. When he's not thinking of code, he's usually diving or hiking.
Like many other companies in the DevOps sphere, we realized early on that compliance can be a serious obstacle to the progress of our sales cycle. Having long-standing experience with security but none at all with compliance we set out to become SOC 2 compliant in our software development process.
We quickly learned there was very little public documentation on how to become SOC 2 compliant. In this session, I will share the way we built the SOC 2 procedures around agile software development and DevOps patterns such as CI/CD and GitOps. Although it typically takes about a year to complete a SOC 2 compliance, we have managed to get certified in less than 6 months.
During this process, we have come to an important conclusion, one which I hope you will arrive at too by the end of this session. You will learn how agile processes and DevOps can address and outperform traditional methods for managing security and compliance. This talk will empower you to tailor your enterprise compliance needs to your desired software development process. In short, software-oriented organizations can have the cake and eat it too.
Who should attend
Engineering managers, tech leads, software architects, security and compliance officers, DevOps, engineers, and release managers.
DevOps Engineer at JFrog for the last 3 years.
Part of the development team that implements and maintains the Kubernetes based solution for JFrog Saas applications.
Before that, a C Real-Time developer and Configuration Management Engineer.
In the past two years, we moved to deploying and managing JFrog SaaS applications in Kubernetes on the three big public clouds - AWS, GCP and Azure. During this period, we gained a lot of useful and important lessons. Some - the hard way... In this session, I want to share with you some stories from our journey and the (sometimes hard) lessons learned. Who should attend
Anyone who is working with Kubernetes on production or thinking about doing it and would like to hear from others' experience and thoughts.
Jayne Groll is co-founder and CEO of the DevOps Institute (DOI). Her IT management career spans over 25 years of senior IT management roles across a wide range of industries. Her expertise spans multiple domains including DevOps, Agile, ITIL and Leadership.
Jayne is a recognized and respected IT thought leader and influencer. and is very active in the global DevOps, ITSM and Agile communities and is a frequent presenter at local, national and virtual events.
While many are searching for the elusive Full Stack Engineer, data from DevOps Institute’s "2020 Upskilling: Enterprise DevOps Skills Report" supports a different approach - a Hybrid DevOps Product Team whose members are multi-skilled in human, process, automation and functional competencies. Essentially, a full stack team. This session will explore the characteristics of the Hybrid DevOps Product Team and how encouraging individuals to evolve from T-shaped to “E-shaped” professionals leads to high productivity, happier employees and a better customer experience. The session will look at some of the data collected in the Upskilling report to help guide individuals and organizations on this journey.
Who should attend
Anyone interested in evolving into a cross-functional, multi-skilled "full stack" team.
More than 30 years of experience in the Software industry.
A DevOps Expert and Tech Leader.
An experienced team leader.
An expert in understanding the human aspects of software development and deployment toward translating it into a great work environment.
Specialties: Out-of-the-box challenges analysis toward a great solution
As a DevOps Tech Leader, I try to be the best in what I do, but still - I have a lot to improve in order to become a DevOps mentor.
In this lightning talk, I will focus on all the aspects that (in my humble opinion) will help me - and you - to become such an expert that can be considered a mentor.
Even that this seems trivial, I will surely surprise you with my point-of-view about it. Who should attend
Everyone trying to be better in what he does
As a developer, architect and product manager I have a passion for making the release process better. I am currently living the dream at JFrog helping the world release software faster. Working on Conan I get to return to my earlier roots as a developer and specifically work on tools to help out the C/C++ community. I also have a passion for making tools of all sorts interoperate better, which has been a theme throughout my career.
As a speaker I typically talk about CI/CD; DevOps processes and adoption; issues around developing, maintaining and storing docker containers; and C/C++ package management and DevOps.
This is basically a "What's new" update. I can't give a detailed abstract until WAAAAY closer to SwampUp, but I expect to be discussing cloud deployment options, logging, and new IDE integrations and CLI capabilities. Probably also mention the centers, depending on available time and what to talk about. If the centers get their own talk this is important. Who should attend
Customers of JFrog who care about integrating artifactory with other tools.
Alek is a developer at Capital One and has been working with Artifactory ever since he joined in mid 2019. His team assiduously manages Artifactory as the enterprise solution for binary storage and provides support for end users. Alek has spend most of his time on the Artifactory team providing automation pipeline solutions.
JFrog Artifactory User Plugins allow administrators to personalize the functionality of Artifactory to cater to their end users. In this session, we will discuss these main topics:
1.) How Capital One tests plugin functionality in a miniature containerized version of Artifactory before deployment.
2.) How we deploy plugins to our HA implementation of Artifactory in AWS
3.) How we assess plugin performance after QA deployment.
4.) And how we assess plugin functionality after QA and PROD deployments.
We will also discuss how we automate every single one of these topics for a large scale enterprise in our release pipeline for our resilient HA implementation. Who should attend
Developers and users of JFrog Artifactory who want to understand how Capital One manages testing, deployment, behavior, and performance of User Plugins for a large scale enterprise all through one automated release pipeline.
Tim is an all around pretty fun guy. DJ, certified Culinary Arts Chef & Beer Specialist, world traveler and Enterprise DevOps leader with 10+ years of Enterprise Release Management and DevOps experience. In his current role of Senior Manager, Enterprise DevOps, Tim has used his passion for technology to transform the IT organization to improve the end to end development and delivery experience.
Come listen in on how Rogers Communications went from having no artifact/docker image/binary repository strategy to hosting over 2 million artifacts in less than a year! Visit this session to see how we use JFrog with other tools like Jenkins and UrbanCode Build / UrbanCode Deploy, and how we upgraded our licence model from Pro-X to Enterprise Pro-X due to the growth and adoption of JFrog Artifactory and X-Ray. We'll also tell you about an upgrade emergency we had and the great support we received! Who should attend
For those who are looking for some new strategies on how to use JFrog Artifactory and X-Ray, or for those who are looking at upgrading their current JFrog offering to a higher version.
Ankur is the engineering manager for Backend Infrastructure at Flexport. His teams are responsible for Cloud Infrastructure and Developer Experience - their mission is to make other engineers more productive and allow them to focus solely on feature development! He started as an engineer and built some of the foundational Infra at Flexport - CI/CD, Staging and Containerization.
Prior to joining Flexport, he worked at Twitter and Facebook. He holds a Bachelors in Computer Science from IIT Delhi, India.
It's hard to build a scalable staging system. They're often described as hard to use, slow, flakey and/or expensive. At Flexport, we've come up with a new approach to staging that aims to solve some of these problems. Our system is called Sandbox.
Sandbox allows you to create an isolated clone of our production system - complete with all the data. Every engineer/PM/ops can create their own and share it around for people to test changes and simulate actions. Your changes will never clobber someone else's so it's super stable. These days, every PR includes a link to a unique sandbox. It's even used for training new hires and doing accepting testing with our customers.
We're able to achieve this because we have containerized everything - all our services and even our databases. For every sandbox, the whole package gets deployed to ECS and gets put behind a unique URL. The databases are generated from a trimmed snapshot of production every few hours - so you always get fresh data. We have AWS lambdas to pull the images on every host - therefore startup times are <5min.
My talk will dig deeper into how this system works and how we solve for all the problems described above. I'll also highlight the great impact this has had on Flexport engineering and how we plan to improve this in the future. Who should attend
Software Engineers, Infrastructure Engineers, Devops, SRE, Leaders of fast-growing companies
Cloud developer in AWS, Azure, Salesforce, GCP & more.
In this lightning talk you will learn the basics of k8s operators and how they work in the Openshift environment. We will also go over the Openshift Operator Lifecycle and explain the stages and steps that take place to get the operator from the OperatorHub and deploy it into your Openshift environment. A demonstration will be done showing Artifactory being deployed into a new Openshift cluster to provide a learning experience on how Artifactory can quickly and easily be deployed into Openshift. Finally we will have a Q&A session to help answer any questions you may have about the integration and how you can use it. Who should attend
People who are interested in using Artifactory in Openshift via the OperatorHub and want to learn more about k8s operators.
Engineers should develop against the production database! Scary, I know! But hear me out.
Firstly, developing against production data has obvious advantages - Your code is tested against what it will face in production. You end up writing code that's performant against real-world data and not just test data. There's no messy seed data file that needs to be kept in sync. And you can live debug against real data!
The naive way to achieve this is to dump your db and let each dev download this dump and apply it to their local db. We did this for a while and it used to take ~1hr every time! It was the textbook “my build is compiling” excuse ([https://xkcd.com/303/](https://xkcd.com/303/)).
To solve this problem, we ended up building a system that brings down db-provision-time to 30s! That's the subject of this talk - a system we call Devdb. Devdb creates a docker image with the database and all the data. These images then get run on an (AWS) ECS cluster. The talk will go through details of this implementation, all the issues we faced and how we solved them - Making ECS work with huge images, pruning unnecessary tables, pre-pulling for faster startup, db warmup, monitoring and cleanup. I think people will also find it interesting how we use aws lamdbas for most of these!
Towards the end, I'd like to discuss some other cool stuff we've built using this system - primarily a staging system that lets you spawn near identical copies of production for PR testing, sales demos and external integration testing! Who should attend
Software Engineers, Infrastructure Engineers, Devops, Leaders of fast growing companies
DevOps with strong experience in system and network administration (> 5 years). Former C developer.
In our company we faced with the necessity of creating a lot of proxy repos. I'd like to explain in details what is our path to automate this process and how one can use Terraform for this task.
Robert Wen is a lead build and release engineer at Salesforce. His team is responsible for CI/CD and developer productivity for Einstein Platform. Prior to Salesforce, Robert has contributed to build automation and release management for Oracle, Google, Sony and Splunk.
Tableau offers powerful and user friendly visualization capabilities for data. This talk will demo how to use drag-and-drop to create stories that convey information about CI/CD systems covering Github, TeamCity, Artifactory and AWS. Who should attend
software engineers, build and release engineers, devops engineers.
Muktesh is currently working as a Senior Software Engineer for Adobe's Sensei and Architecture Reliability Engineering Team. He is an architect at heart, open source contributor to 20+ projects and enjoys programming in polyglot. Primarily he is more interested and contributes in Microservices, Cloud, Containerization, Architectures and distributed systems, however lately his focus shifted on a lot of automation and machine learning as well. In his free time he likes photography, solving coding challenges, learning from online resources and cooking. He is a conference junkie and presented in various conferences as well (Java One, GDG Conf, InMemory Summit, API Strategy Conference, Docker Con, Open Source Summit, OSCon to name a few). He is heavily involved in development and teaching people in various communities (Apache Groups, OpenSource Forums, Docker Mentoring and Java User groups). He has started Sunnyvale Java User group and NorCal Java User group. In his own words,” I am a distinguished engineer, with :::willingness to learn and curious to know::: attitude. I can code, cook, cheer and care. In short, “nothing special but passionately curious” is my jam”.
You invest your time and effort breaking up that monolithic Frankenstein into a suite of elegant composable micro-services, you containerize them and you deploy them somewhere in the cloud. Then you proudly watch it all come together reaping the benefits of the most scalable architectures. It is all fine and dandy from this point on. Too good to be true? Of course! This session is about what to do when you wake up to find yourself in the weeds diagnosing that first bug and tracing calls through the convoluted web of micro-services of your own doing. Through a series of demos and code snippets, we will introduce the most important open-source projects tools to strike the right balance of monitoring at the infrastructure, container, and services. Who should attend
Developer, Architects, CDevOps engineers
Gal Marder, VP DevOps Acceleration at JFrog in charge of providing solution engineering to JFrog’s users and customers in the process of liquifying software.
Marder joined JFrog in 2018 following an M&A of Trainologic in which he played the role of co-founder and CEO. Gal started his career as a software developer for the Israel Defence Forces. He is enthusiastic about making software development more efficient to help organizations in their digital transformation journey.
The rise of CD using Docker and K8S changed the game in many ways and created tons of value. But, like everything good, it also creates new challenges, especially for large organizations. One of these challenges is the need to deal with bursts of downloads from different environments whenever a new release is being published. The limitations of physics are met when you have to download heavy Docker images to a large number of environments. In this session, we will break the law of physics by using a brand new p2p technology to handle this new challenge. Who should attend
Developers, Architects, and DevOps engineers who are interested in accelerating their CD to a record-breaking time.
Ravi Lachhman is an evangelist at Harness. Prior to Harness, Ravi was an evangelist at AppDynamics. Ravi has held various sales and engineering roles at Mesosphere, Red Hat, and IBM helping commercial and federal clients build the next generation of distributed systems. Ravi enjoys traveling the world with his stomach and is obsessed with Korean BBQ.
Nobody likes getting told "no" from a person or, ironically today, a system. As software engineers, our bread and butter depend on getting our ideas into the world, i.e. off our laptop and into some sort of environment where more than us can access -- into production. Deploying and delivering software is one large confidence-building exercise; did the features match the expectations?
There is a lot of room for human and systemic "no" there. One of the first books I read out of school as a young consultant was Roger Fisher’s and William Ury’s "Getting to Yes: Negotiating Agreement Without Giving In." Continuous Delivery is as much as automating a "yes" as setting forth what would be a "no." There are multiple Continuous Delivery methodologies that parallel the book such as “separating people from the problem” aka CD Automation.
In the CNCF world, there are over 1200 cards in the CNCF landscape today. Each change in each if we leverage can result in a "no." There are tools out there and practices we can use: Argo, Tekton, WeaveCloud, CodeFresh, and Harness are a few. Learn what these platforms and processes try to achieve with getting us a "yes!"
Who should attend
Anyone who is curious to start to automate the yes in their software delivery. This is the world of Continuous Delivery.
1. A lot of challenges are the human element. No one person knows the entire system.
2. Continuous Delivery means something else for everyone depending on who you ask due to Cognitive Load / Conway’s Law.
3. Our responsibility to start somewhere on the Continuous Delivery journey.
Jessica is a Cloud Developer Advocate for Microsoft focusing on Azure, infrastructure, containers, Linux and open source. Prior to joining Microsoft, she spent over a decade as an IT Consultant / Systems Administrator for various corporate and enterprise environments, catering to end users and IT professionals in the San Francisco Bay Area. Jessica holds three Microsoft Certifications (MCP, MSTS, Azure Infrastructure), 3 CompTIA certifications (A+, Network+, and Security+), 4 Apple Certifications, and is a former 4-year Microsoft Most Valuable Professional for Windows and Devices for IT. In 2013, she also achieved her FEMA certification from the U.S Department of Homeland Security, which recognizes her leadership and influence abilities during times of crisis and emergency.
When she’s not doing something geeky, you can find her doing something active, most likely running out of breath at her local CrossFit gym or hiking. She also enjoys biking (motorcycles and/or bicycles), shooting, eating, reading, and hanging with her 5-year-old rescue pup.
Kubernetes is the de facto open source container orchestration system that supercharges applications. We know this to be true after nearly 6 years, but what comes after the 101 course?
This demo fueled session will take you on a journey demonstrating how you can not only deploy a production ready Kubernetes cluster with best practices easily, but also how leveraging open source and industry standard DevOps based tooling can streamline and enhance the process.
This session will cover everything from scaling and pod security, to debugging a live application, testing those changes, and gaining confidence during the review process. Who should attend
Anyone with prior Kubernetes experience looking to further their knowledge specifically in the area of DevOps and cloud native, container based, tooling.
Software Developer/Architect (MS SQL Database) till 2017 by Siemens AG
Service Manager by Siemens AG
What are adventages and challenges setting Artifactory as IT Service in a company Who should attend
Companies interessted to set JFrog Artifactory as IT service.
As Chief Technology Officer, Robert Reeves advocates for Datical’s customers and provides technical architecture leadership. Prior to co-founding Datical, Robert was a Director at the Austin Technology Incubator. At ATI, he provided real world entrepreneurial expertise to ATI member companies to aid in market validation, product development and fundraising efforts. Robert cofounded Phurnace Software in 2005. He invented and created the flagship product, Phurnace Deliver, which provides middleware infrastructure management to multiple Fortune 500 companies. As Chief Technology Officer for Phurnace, he led technical evangelism efforts, product vision and large account technical sales efforts. After BMC Software acquired Phurnace in 2009, Robert served as Chief Architect and lead worldwide technology evangelism.
Let’s remember why we use Artifactory in the first place! We need a single source of truth. Of course, we have that with our source code control but that’s not the best place to put our applications that are ready for release. Artifactory provides a mechanism for anyone in the organization to request the latest released version of an application and also include any dependencies required by the new application version.
However, most of you are not including the database schema changes. If you’re including your database as part of your architecture, why aren’t you including it as an artifact? This oversight is causing serious problems.
Cramming SQL scripts into Artifactory isn’t the answer. It’s time to automate your database schema change process.
Anyone can do this. I’ll demonstrate how you can use an open source tool called Liquibase to make database schema available for test environments. If you have a lot of database migrations to develop, your integration test environments should automatically be in sync with the defined migrations. The most efficient way to handle this is to let Jenkins push the Liquibase defined ChangeLog (whether XML, YAML, JSON, or annotated SQL) to your internal Artifactory. Thus, your application and dependent database changes will be part of a distinct, atomic release.
Chris Short has been a proponent of open source solutions throughout his over two decades in various IT disciplines including systems, security, networks, and DevOps engineering and advocacy across the public and private sectors. He currently works on the Ansible team at Red Hat. Chris is a partially disabled US Air Force veteran living with his wife and son in Greater Metro Detroit. Chris writes about DevOps and other topics at chrisshort.net. He also runs the DevOps, Cloud Native, and open source focused newsletter DevOps’ish.
“Migrating to the cloud saves money!” “Not running your own infrastructure reduces your bottom line!” “Lift and shift is a legitimate first step towards moving to the cloud!” These are all potential pitfalls if you’re not careful. Proper planning prevents piss poor performance. Using a real chaotic cloud migration as a guide, we’ll walk through the pitfalls of cloud migrations and how to avoid them and the terrifying vendor lock-in (when it makes sense). Who should attend
Anyone looking to move workloads to the cloud or has and wants to see if their bumpy ride was just as rough as mine.
Dan Lorenc is a Software Engineer at Google focused on open source Cloud technologies. He leads an engineering team focused on making easier to build and deliver secure, reliable systems for Kubernetes. He created the Minikube, Skaffold, and Tekton open-source projects, and is a member of the Technical Oversight Committee for the Continuous Delivery Foundation.
In this talk, I will explain what software supply chain attacks are, what you need to know about them, and how you can start to protect yourself.
Supply Chain attacks are nothing new to containers and cloud native computing. In fact, they predate software! But they are on the rise, and several aspects of containerized software make them easier to carry out and more lucrative. In fact, supply chain attacks increased by 78 percent in 2019, according to Symantec.
Container images are much larger and more opaque than traditional software artifacts, making it easier to hide malicious code inside them. And container build tools are powerful enough to package code in any language, making it easier to accidentally include some compromised code. Finally, the ecosystem is still young, and best practices around artifact signing and distribution are still under development.
Not all hope is lost, though! In this talk, you'll also learn how to protect yourself against the most common attacks today, what work is going on across the industry to help solve the problem at its roots, and how you can get involved.