DevOps teams struggle with complex automation pipelines that are difficult to maintain, duplicated pipeline code across services, and inability to scale SRE due to manual expert tasks required for resiliency testing and SLO analysis. Keptn addresses these problems by providing data-driven delivery and operations automation based on declarative configuration, separating concerns between the application plane defining processes and control plane executing tools, and event-driven automation that removes hard-coded dependencies.
What manufacturing teaches about DevOpsGordon Haff
Software development, like manufacturing, is a craft that requires the application of creative approaches to solve problems given a wide range of constraints. However, while engineering design may be craftwork, the production of most designed objects relies on a standardized and automated manufacturing process. By contrast, much of moving an application from prototype to production and, indeed, maintaining the application through its lifecycle has often remained craftwork. In this session, Gordon Haff discusses the many lessons and processes that DevOps can learn from manufacturing and the assembly line-like tools, such as Platform-as-a-Service, that provide the necessary abstraction and automation to make industrialized DevOps possible.
This slide deck Introduces Chef and its role in DevOps. The agenda of the deck is as follows:
- A Review of DevOps
- BMs Continuous Delivery solution
- Introduction to Chef
- Chef and Continuous Delivery
Read more on DevOps: http://sdarchitect.wordpress.com/understanding-devops/
Vous n'avez pas pu assister à la journée DevOps by Xebia ? Voici la présentation de Cyrille Le Clerc (Cloudbees) et Geoffroy Warrin (Xebia) : "De l'intégration continue au déploiement continu avec Jenkins"
Continuously serving the developer community with Continuous Integration and...Thoughtworks
Snap CI enables software teams to do Continuous Delivery (CD). When practicing CD, the goal is to automate the deployment process and build software in such a way that it can be deployed to production any time. As a deployment tool, Snap CI cannot have downtime. If it did, our users would not be able to deploy their own software. We had to change Snap CI’s architecture to ensure zero-downtime and we chose to do blue-green deployments to achieve it. In this approach, we had to maintain two instances of our system: one active instance, and one inactive instance. Based on our experiences, we will share some tricks of the trade from the numerous challenges we faced such as: making the application aware of whether it was active or inactive, handling data migrations, and babysitting long-running jobs.
These are the slides from Akshay Karle and Fernando Junior's presentation on Agile Brazil 2015.
The document discusses performance monitoring, which analyzes live data beyond initial performance testing. It outlines key parameters to monitor like uptime, page speed, and memory usage. Tools like Splunk can centralize monitoring across distributed systems. The document provides a case study of high page load times and explores potential root causes like slow API calls or custom UI code. Analyzing log messages and database queries can help identify specific problems.
PuppetConf 2016: Continuous Delivery and DevOps with Jenkins and Puppet Enter...Puppet
This document discusses continuous delivery and DevOps practices using Jenkins and Puppet. It defines DevOps as addressing security at every stage and having high-performing teams that spend less time fixing issues. It also discusses the DevOps trinity of people, processes, and tools. Jenkins Pipelines and infrastructure as code with Puppet are presented as key practices for continuous delivery. The integration of Jenkins and Puppet Enterprise is demonstrated for automating application deployments.
1. Traditional database development faces issues like lack of source control, tedious deployment scripts, and manual processes.
2. DevOps principles like continuous integration, static code analysis, and automation can help address these issues. Database changes can be tracked in source control and deployed automatically.
3. There are different approaches to database deployment like state-based using DACPAC files or migration-based using incremental scripts stored in source control. Tools like SSDT, ReadyRoll, and Flyway support these approaches.
JavaOne 2015 - Swimming upstream in the container revolutionBert Jan Schrijver
Bert Jan Schrijver discusses Malmberg's transition from traditional operations to a containerless continuous delivery model using DevOps principles. Some key challenges included cultural resistance to change, infrastructure limits with Amazon, and ensuring proper testing environments. The approach established expert teams, defined clear principles like infrastructure as code and no downtime, and benefited the business through increased agility, availability, and cost reductions. Areas of ongoing focus include monitoring, performance and security testing, and automated resilience testing.
The document discusses the growth of Site Reliability Engineering (SRE) at Squarespace from a team of 2 people in New York to a global organization with teams in New York, Portland, and Dublin. It describes how the initial SRE team focused on three pillars: monitoring and alerting, configuration management, and builds and deploys. It then explains how the SRE organization expanded to include additional teams focused on areas like provisioning, release engineering, developer productivity, and observability while also embedding SREs within product teams.
Using Habitat to Unify Dev to CI to Production - Configmgmt Camp Feb/2018 GentSalim Afiune Maya
This talk is about the journey of a developer that starts working in a company (day one) and goes through the process from getting her computer setup all the way until she makes her first contribution to an application in production.
We will talk about Habitat, a tool to build, deploy, and manage applications. We will explain what is the Habitat Studio and the benefits of doing development in it and how we can leverage it to unity our application workflow.
Find here a recording of the demo: https://asciinema.org/a/160762
This document discusses DevOps concepts and best practices. It recommends breaking down barriers between development and operations, treating infrastructure as code, automating processes, implementing continuous integration and deployment, and monitoring systems. The key aspects are adopting a collaborative culture, implementing automation tools, and establishing practices like infrastructure as code, configuration management, and continuous integration, delivery and deployment.
Infrastructure and Compliance Delight with Chef AutomateMatt Ray
The document discusses Chef Automate, a platform for continuous automation, infrastructure automation, compliance automation, and application automation. It describes how Chef Automate can help increase development speed, improve efficiency, and decrease risk by defining infrastructure, applications, and compliance rules as code. It provides an example workflow of how Chef Automate can enable the continuous compliance process of scanning for compliance, building and testing locally and in CI/CD, remediating issues, and verifying compliance. Finally, it summarizes how Chef Automate supports the entire journey from detecting compliance issues to correcting them to automating continuous detection and correction.
At GOTO Amsterdam in 2019 I presented how to create an effective cloud native developer workflow. Two years later and many new developer technologies have come and gone, but I still hear daily from cloud developers about the pain and friction associated with building, debugging, and deploying to the cloud. In this talk I'll share my latest learning on how to bring the fun and productivity back into delivering Kubernetes-based software.
In this talk, you will:
- Learn why the core tenets of continuous delivery -- speed and safety -- must be considered in all parts of the cloud native SDLC
- Explore how cloud native coding benefits from thinking separately about the inner development loop, continuous integration, continuous deployment, observability, and analysis
- Understand how cloud native best practices and tooling fit together. Learn about artifact syncing (e.g. Skaffold), dev environment bridging (e.g. Telepresence), GitOps (e.g. Argo), and observability-focused monitoring (e.g. Prometheus, Jaeger)
- Explore the importance of cultivating an effective cloud platform and associated team of experts
- Walk away with an overview of tools that can help you develop and debug effectively when using Kubernetes
1. The document discusses metrics-driven continuous delivery and focuses on using metrics throughout the development and delivery process.
2. It emphasizes using architectural metrics in addition to functional metrics to help determine if a new version is likely to cause catastrophic failures before deploying to production.
3. It also argues that the concept of continuous delivery pipelines should extend beyond production deployments to help evaluate user experience and gain feedback on new features beyond just technical metrics.
DevOps Days Toronto: From 6 Months Waterfall to 1 hour Code DeploysAndreas Grabner
Slides used for https://www.devopsdays.org/events/2017-toronto/program/andreas-grabner/
In 2011 we delivered 2 major releases of our on premise enterprise software. Market, technology and customer requirements forced us to change that in order to remain competitive.
Now – in 2017 - we are deploying and providing feature releases every 2 weeks for both our on premise and SaaS-based offering. We deploy 170 SaaS production changes per day and have a DevOps pipeline that allows us to deploy a code change within 1h if necessary.
To increase quality, we built and provide a DevOps pipeline that currently executes 31000 Unit & Integration Tests per Hour as well as 60h UI Tests per Build. Our application teams are responsible end-to-end for their features and use production monitoring to validate their deployments which allows them to find 93% of bugs in production before it impacts our end users.
In this session I explain how this transformation worked from both “Top Down” as well as “Bottom Up” in our organization. A key component was the 4 people strong DevOps Team who developed and “sell” their DevOps Pipeline to the globally distributed application teams. I will give insights into how our pipeline enables application teams to design, code, test and run a new feature for our user base.
I will also talk about the “dark moments” as change is never without friction. Both internally as well as with our customers who also had to get used to more rapid changes.
Jeffrey Snover - Empowering DevOps with Azure StackWinOps Conf
Azure Stack is the first product in a new category – the hybrid cloud platform. It is a radical new product that you can think of as delivering the cloud equivalent of a SAN. Delivering a set of IaaS/PaaS Services, APIs, PowerShell and tooling experiences that are consistent with Azure allows it to run solutions from the Azure Marketplace. This allows companies to focus their dev and ops teams on the things that move their business forward, building applications which drive customer value.
This session focuses on what Azure Stack is and is not. It articulates the key values it delivers and use cases it enables.
Release Readiness Validation with Keptn for Austrian Online Banking SoftwareAndreas Grabner
Marco and Andreas work at Raiffeisen Software who provides banking software for many Austrian financial institutions. In this session they show us how Keptn is used to automate the validation of key SLOs as part of their release process.
InSpec is an open source testing framework for infrastructure with a human-readable language for specifying compliance, security, and other policy requirements. Easily integrate automated tests that check for advherence to policy into any stage of your deployment pipeline.
This talk was given at the Online Kubernetes Meetup July 2020 as well as DevOps Fusion 2020. The talk discusses 3 major problems in current delivery and operations: too much time spent in delivery, hard to maintain monolithic delivery pipelines and a lack of auto-remediation of production problems
The talk focuses on new approaches to solve these problems inspired by SRE practices and event-driven architectures.
As an implementation for a new approach we use Keptn (www.keptn.sh) - a CNCF Open Source project.
Using SLOs for Continuous Performance Optimizations of Your k8s WorkloadsScyllaDB
The document discusses how SLOs (Service Level Objectives) can be used for continuous performance optimizations of Kubernetes workloads. It provides an overview of common performance issues like the N+1 query problem. It then describes how Keptn can be used to automate testing, analysis and remediation based on defined SLOs. Keptn establishes an event-driven workflow that orchestrates monitoring, deployments, testing and SLO evaluations to help optimize performance and ensure SLIs meet defined objectives. Real-world examples are provided of how Keptn has been used by companies to validate release readiness and environment stability.
Performance Engineering Masterclass: Efficient Automation with the Help of SR...ScyllaDB
Henrik Rexed from Dynatrace walks through how to measure, validate and visualize these SLOs using Prometheus, an open observability platform, to provide concrete examples. Next, you learn how to automate your deployment using Keptn, a cloud-native event-based life-cycle orchestration framework. Discover how it can be used for multi-stage delivery, remediation scenarios, and automating production tasks.
Jenkins Online Meetup - Automated SLI based Build Validation with KeptnAndreas Grabner
This document discusses automating SLI/SLO based build validation with Keptn and Jenkins. It begins by outlining the challenges of lengthy manual approval processes for promoting builds. It then provides inspiration from Google's SRE practices of using Service Level Indicators (SLIs), Service Level Objectives (SLOs), and Service Level Agreements (SLAs). The document demonstrates how Keptn can automate SLI/SLO-based evaluation to integrate with Jenkins pipelines. It includes demos of using Keptn for self-service SLI validation, automating existing Jenkins tests, and enabling performance as a self-service. The document promotes starting resources on GitHub and joining the Keptn community slack channel
The document discusses the need for autonomous cloud management to reduce mean time to innovation and remediation by automating operations, deployment, monitoring, and quality using tools like Keptn. Keptn is a control plane that uses a declarative GitOps-based approach with standardized CloudEvents to define delivery and operations processes to enable continuous delivery and operations. It integrates with various tools to automate testing, deployment, monitoring and remediation through event-driven workflows.
Metrics-Driven DevOps discusses how Dynatrace has shifted to continuous delivery of software using a DevOps approach. Some key points:
- Dynatrace has moved to releasing major updates 26 times per year with 170 production deployments daily, up from a previous model of major releases every 6 months.
- They implemented practices like continuous integration/delivery, performance testing pipelines, and monitoring of production metrics to optimize lead time and catch issues earlier.
- Dynatrace uses its own products to monitor pipelines and applications, enabling teams to get feedback and fail builds quickly when issues arise.
- Culture change and collaboration across teams was important to align engineers as the company transformed practices to support continuous delivery at
Don't Deploy Into the Dark: DORA Metrics for your K8s GitOps DeploymentsAndreas Grabner
This talk was given at Boston Cloud Native Meetup on Feb 9th 2023
DORA’s Four Key DevOps have gained much attention as they provide critical insights into an organization’s maturity in automating the delivery of high-quality software. Google provides a blueprint implementation which requires extending your existing delivery pipelines (Jenkins, Argo, Flux, GitHub, GitLab …) to push those metrics to an external database. While doable, many platform engineers we spoke to are seeking an alternative solution and more cloud-native approach.
The CNCF project Keptn saw this as an opportunity to provide a K8s- & Cloud-Native solution that provides 100% coverage, WITHOUT changing pipelines and using OpenTelemetry as standard collection framework.
Join this talk where Andi (Andreas) Grabner, DevRel at Keptn, will show you how you can use Keptn’s Lifecyle Toolkit to get your DORA metrics within 5 minutes. Andi also covers how the Lifecycle Toolkit brings application-awareness into your deployments and allows you to execute pre- and post-deployment checks as serverless functions – all declaratively as part of your existing K8s CRDs.
Overcoming (organizational) scalability issues in your Prometheus ecosystemQAware GmbH
Cloud Native Night, July 2020, online: Talk of Jürgen Etzlstorfer (@jetzlstorfer, Dynatrace)
== Please download slides if blurred! ==
Abstract:
Prometheus is considered a foundational building block when running applications on Kubernetes and has become the de-facto open-source standard for visibility and monitoring in Kubernetes environments.
Your first starting points when operating Prometheus are most probably configuring scraping to pull your metrics from your services, building dashboards on top of your data with Grafana, or defining alerts for important metrics breaching thresholds in your production environment. in your production environment.
As soon as you are comfortable with Prometheus as your weapon of choice, your next challenges will be scaling and managing Prometheus for your whole fleet of applications and environments. As the journey “From Zero to Prometheus Hero” is not trivial you will find obstacles on the way. In this talk we are highlighting the most common challenges we have seen and provide guidance on how to overcome them. Finally, we are discussing a solution to get you there more quickly to build automated, future-proof observability with Prometheus showing Keptn as one possible implementation.
About Jürgen:
Jürgen is a core contributor to the Keptn open-source project and responsible for the strategy and integration of self-healing techniques and tools into the Keptn framework. He also loves to share his experience, most recently at conferences on Kubernetes based technologies and automation.
More information:
Overview: https://github.com/keptn/community
Github: https://github.com/keptn/keptn
Website: https://keptn.sh
Google Group: https://groups.google.com/forum/#!forum/keptn
Twitter: https://twitter.com/keptnProject
________________________________________________
Follow us on:
https://twitter.com/qaware
https://www.linkedin.com/company/qaware-gmbh
https://github.com/qaware
www.qaware.de
Overcoming scalability issues in your prometheus ecosystemNebulaworks
The document discusses challenges with scaling Prometheus monitoring as applications and environments grow. Common issues include lack of centralized configuration management, significant manual configuration work, and configurations becoming out of sync. The presentation proposes using GitOps and code generators to address these challenges. It also introduces Keptn as a solution to automate Prometheus and Grafana configuration based on service level indicators and objectives defined in YAML files. Keptn provides an event-driven control plane for continuous delivery and automated operations.
Building Autonomous Operations for Kubernetes with keptnJohannes Bräuer
Keptn is a framework for automating continuous delivery and operations of Kubernetes applications. It uses a GitOps-based approach with event-driven automation to enable unbreakable delivery pipelines and self-healing deployments. Keptn provides autonomous control plane capabilities including automated testing, deployment, evaluation and operations through reusable services. The demo shows how keptn can onboard a service, deploy new versions through the stages, and enable automated remediation through integration with monitoring and runbook tools.
Adding Security to your SLO-based Release Validation with KeptnAndreas Grabner
This talk was given at DevSecOps Days Boston and DevOps & Security Meetup Vienna in 2021
Automatic Release Validation, aka Quality Gates, is not a new concept but often only covers functional or performance metrics. Keptn’s open SLO-based evaluation allows DevSecOps to have their favorite security tool report SLOs such as number of detected vulnerabilities as part of delivery automation
Continues Testing: We hear this quote frequently, in small and large companies around the world. My team and I have been a part of this evolution. I was asked to join an ambitious project at work. My task, was to build a team to be the first DevTest group in my organization.
The journey I will share with you is how to integrate the agile mindset into your non-agile team, focusing on methodologies, techniques, and technologies.
We hear this quote frequently, in small and large companies around the world. My team and I have been a part of this evolution. I was asked to join an ambitious project at work. My task, was to build a team to be the first DevTest group in my organization.
The journey I will share with you is how to integrate the agile mindset into your non-agile team, focusing on methodologies, techniques, and technologies.
Keptn: Unbreakable Continuous Delivery - Berlin CI/CD MeetupJürgen Etzlstorfer
Keptn is an open source framework that aims to solve the challenges of cloud native continuous delivery by automating multi-stage unbreakable delivery pipelines, self-healing blue/green deployments, and event-driven runbook automation. It uses GitOps principles and Kubernetes-native technologies to allow developers to focus on building code and operations to focus on automating tasks. Keptn handles tasks like creating development, staging, and production environments; onboarding and deploying services; running automated tests; evaluating deployments; and promoting changes between environments through a series of events and actions.
Did you know the average age of the top four banks is 175 years old? And those four banks are the end result of merging or acquiring 35 separate companies over the last 40 years? This means lots of different cultures, tech stacks, apps, processes, and controls – and SCRIPTS!!
Join Chris Nowak, Principal at FlowStates, and Avantika Mathur, ElectricFlow Product Manager, as they share hard-won lessons and emerging patterns in DevOps and release orchestration that can help any regulated organizations climb out of scripting hell. You’ll hear:
1) Why it’s important to prioritize delivery improvement across all your teams
2) How the theory of constraints is limiting your success
3) And how simple things like version control for artifacts can help improve success rates!
Continuous Delivery: How RightScale Releases WeeklyRightScale
Continuous delivery may be a natural for greenfield workloads, but how do you take an existing seven-year-old SaaS application and move from multi-month to weekly release cycles? Find out how our team — developers, QA, and ops — worked together to change our process and along the way changed their own ideas of what was possible.
The document discusses DevOps and how it relates to operationalizing application deployments through automation and orchestration. It notes that traditional operations processes were error-prone, difficult to debug, and time-consuming. DevOps addresses these issues by simplifying troubleshooting, making processes more consistent, predictable, and repeatable through scripting and APIs. It also discusses how to quantify the value of DevOps through sigma calculations and metrics like error rates, time to deploy, and frequency of deployments. The goal is to reduce variation and improve quality through more reliable and standardized processes.
The document discusses some of the challenges of developing and deploying web services at scale, including:
- Meeting service level agreements for high availability and performance.
- Choosing appropriate technologies and architectures that can scale to support large volumes of traffic and data.
- Ensuring services are robust, reliable and secure through practices like rigorous testing, monitoring, and automated deployment.
- Fostering collaboration between development and operations teams to address deployment issues as they arise.
Neotys organized its first Performance Advisory Council in Scotland, the 14th & 15th of November.
With 15 Load Testing experts from several countries (UK, France, New-Zeland, Germany, USA, Australia, India…) we explored several theme around Load Testing such as DevOps, Shift Right, AI etc.
By discussing around their experience, the methods they used, their data analysis and their interpretation, we created a lot of high-value added content that you can use to discover what will be the future of Load Testing.
You want to know more about this event ? https://www.neotys.com/performance-advisory-council
The document discusses how to deliver software fast while maintaining high quality through modern QA practices. It describes setting up a DevTest team that combines agile methodologies, automated testing, and testing software-as-a-service products on tight 1.5 month release cycles. The DevTest team builds reliable automation frameworks, performs continuous testing on every code push, and has the goal of deploying fixes within one day through a continuous deployment pipeline.
k6 is an open source load testing tool that was acquired by Grafana in 2021. It allows teams to test reliability before problems impact users by simulating user traffic to applications and services. The k6-operator allows running distributed k6 tests on Kubernetes and integrates k6 into developer workflows. It provides many options for configuring and scaling tests through JavaScript scripts.
This document discusses extending kubectl functionality through plugins. It introduces kubectl plugins and Krew, a plugin manager for kubectl. It covers developing and publishing plugins, including writing plugins in any language, creating a krew manifest, and automating plugin updates through GitHub actions.
Enhancing Data Protection Workflows with Kanister And Argo WorkflowsLibbySchulze
This document discusses enhancing data protection workflows with Kanister and Argo Workflows. It begins with discussing the need for data protection of stateful workloads on Kubernetes and challenges with current approaches. It then provides an overview of Kanister, an open source tool for application-level data protection on Kubernetes. Kanister uses custom resources and functions to abstract away complex data protection workflows. It also works with Argo Workflows to scale parallel data operations. The document concludes with a demo of using Kanister's CSI functions to create and restore snapshots and scaling snapshots with Argo Workflows.
This document discusses 10 common fallacies in platform engineering. It begins by introducing the speaker and topic, which are 10 fallacies seen in platform engineering and how to mitigate them. Some of the fallacies discussed include prioritizing the wrong procedures, relying only on visualizations, trying to replace all tools at once, providing too much freedom without constraints, and trying to compete directly with large cloud providers. The goal of platform engineering is to standardize processes and reduce cognitive load on developers and operations teams.
This document introduces Fluvio, an open-source data streaming platform founded by the creators of Nginx's open-source service mesh. It provides a programmable platform for data in motion that can be used to build analytics pipelines, track user behavior and sensor data, and enable fraud detection. Fluvio offers better performance and lower costs compared to Kafka. The roadmap details ongoing development of Fluvio and its cloud offering from InfinyOn, including adding smart modules, connectors, and pipelines.
The document summarizes a CNCF webinar about Project Updates with LitmusChaos. The webinar agenda covers what's new in LitmusChaos 2.0, use cases from iFood and HaloDoc, and a demo of making an e-commerce application resilient. For iFood, the challenges of a growing online food delivery platform moving to microservices are described. For HaloDoc, the service reliability challenges of a hybrid cloud-native healthcare application are covered. LitmusChaos helps both companies by providing experiments, observability, and automation to test reliability.
This document discusses Sigstore, a new standard for signing, verifying, and protecting software. It provides three key pieces - Cosign for signing things, Fulcio for signing with short-lived certificates, and Rekor for verification and monitoring. Sigstore allows signing of software artifacts, documents like SBOMs and attestations, and git commits. Attestations provide signed statements about software, and Sigstore ensures their integrity. Sigstore supports achieving different levels in the SLSA framework for supply chain security. It also aligns with frameworks from NIST and CIS. Tools like Gitsign allow "keyless" signing of git commits to meet requirements for verified history and two-person review.
This document summarizes a presentation on avoiding configuration drift with Argo CD. It introduces configuration drift as differences between environments that are supposed to be similar, such as undocumented changes or "cowboy deployments". It then discusses how configuration drift can occur in Kubernetes and strategies like GitOps and Argo CD that use bidirectional synchronization between code repositories and clusters. This helps guarantee clusters always deploy the desired configuration from Git and can self-heal if manual changes are made. The presentation includes a live demo of these concepts using Rancher and Argo CD.
This document summarizes a virtual meetup on app modernization. It discusses that 79% of app modernization efforts fail, with the average cost being $1.5 million and time being 16 months. App modernization aims to improve scalability, engineering velocity, and remove technical debt. Common obstacles include complexity, technical debt, and lack of resources. Modernizing just the UI without the business logic is ineffective. The document recommends prioritizing modernizing the business logic first to achieve the most benefits, and provides guidance for successful modernization projects such as defining requirements, securing resources, training teams, and providing the right tools.
CNCF Live Webinar: Low Footprint Java Containers with GraalVMLibbySchulze
GraalVM Native Image can compile Java applications into native executables for improved performance and lower resource usage compared to the traditional Java Runtime. It works by ahead-of-time compiling Java applications into native images that have a smaller footprint when deployed in containers and start faster than traditionally interpreted Java applications. Native images generated by GraalVM Native Image were shown to use half the memory and achieve better throughput than the same application running on the Java Runtime when deployed to Oracle Kubernetes Engine.
This document summarizes a workshop about using EnRoute and Open Policy Agent (OPA) to enforce policies at the ingress level. It includes an overview of EnRoute and OPA, a system diagram, differences between EnRoute and other ingress controllers, how OPA can be used for attribute-based access control (ABAC). It then demonstrates configuring EnRoute with OPA integration, installing an example workload secured with JWT, enforcing JWT claims using an OPA policy, and verifying the policy is applied.
1. An air-gapped Kubernetes environment restricts internet access to increase security by preventing downloads of malicious data and attacks from outside entities.
2. Implementing an air-gapped Kubernetes cluster is more difficult than a standard one and requires additional effort for maintenance, but provides protections such as preventing data exfiltration by third parties.
3. Deploying components like the ELK stack in an air-gapped environment requires manually downloading, transferring, and installing charts and images due to the lack of access to external registries and repositories. Processes and permissions must be tightly controlled to maintain security.
CNCF_ A step to step guide to platforming your delivery setup.pdfLibbySchulze
1. This document provides a step-by-step guide to establishing an internal developer platform to help teams build applications more efficiently.
2. It recommends treating the platform as a product with a product owner, roadmap, and user interviews. Prioritize components based on how much developer and operations time they save.
3. Agree on core technologies like containers and Kubernetes as the minimum standard. Identify evangelistic teams to pilot the initial platform offerings.
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfLibbySchulze
The document discusses a presentation by Joey Lei and Anders Eknert on data protection guardrails using Open Policy Agent (OPA). It provides background on the speakers and an overview of OPA, including how it works, the Rego policy language, and OPA's open source community. It then discusses how data protection policies can be enforced as code using OPA to provide guardrails for infrastructure-as-code deployments and prevent misconfigurations that could compromise availability, integrity or confidentiality of data. Examples of policy checks for recovery objectives, retention, backup strategies and exfiltration protection are provided.
This document summarizes a presentation about securing Windows workloads in a hybrid Kubernetes cluster. It begins with an overview of Calico and describes what a hybrid cluster is. It then discusses running Windows containers and the need to choose container base images wisely. The presentation covers how to secure Windows workloads using Calico for networking and policy enforcement. It concludes with information about demo resources and links for further reading.
This document summarizes a presentation about securing Windows workloads in a hybrid Kubernetes cluster. It begins with an overview of Calico and describes what a hybrid cluster is. It then discusses running Windows containers and the need to choose container base images wisely. The presentation covers how Calico can be used to secure Windows workloads by providing networking and policy enforcement capabilities. It concludes with information about demo environments and resources for working with Windows and Kubernetes.
Advancements in Kubernetes Workload Identity for AzureLibbySchulze
This document summarizes Azure Workload Identity, a new solution for providing managed identities to Kubernetes workloads. It discusses the limitations of the existing AAD Pod Identity solution and introduces the motivations and architecture of Azure Workload Identity. Key points include that it eliminates identity assignment wait times, dependencies on Kubernetes custom resource definitions and the IMDS, and supports non-Azure Kubernetes clusters and non-Linux nodes. Integrations, the roadmap, and resources are also outlined.
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsexgf28
Jarren Duran Fuck EM T shirts
https://www.pinterest.com/youngtshirt/jarren-duran-fuck-em-t-shirts/
Happy to Pay Fine for Expletive shirt,Happy to Pay Fine for Expletive T shirts,Jarren Duran Fuck EM T shirts Grabs yours today. tag and share who loves it.
10th International Conference on Networks, Mobile Communications and Telema...ijp2p
10th International Conference on Networks, Mobile Communications and
Telematics (NMOCT 2024)
Scope
10th International Conference on Networks, Mobile Communications and Telematics (NMOCT 2024) is a forum for presenting new advances and research results in the fields of Network, Mobile communications, and Telematics. The aim of the conference is to provide a platform to the researchers and practitioners from both academia as well as industry to meet and share cutting-edge development in the field.
Authors are solicited to contribute to the conference by submitting articles that illustrate research results, projects, surveying works, and industrial experiences that describe significant advances in the following areas but are not limited to.
Topics of interest include, but are not limited to, the following:
Mobile Communications and Telematics Mobile Network Management and Service Infrastructure Mobile Computing Integrated Mobile Marketing Communications Efficacy of Mobile Communications Mobile Communication Applications Critical Success Factors for Mobile Communication Diffusion Metric Mobile Business Enterprise Mobile Communication Security Issues and Requirements Mobile and Handheld Devices in the Education Telematics Tele-Learning Privacy and Security in Mobile Computing and Wireless Systems Cross-Cultural Mobile Communication Issues Integration and Interworking of Wired and Wireless Networks Location Management for Mobile Communications Distributed Systems Aspects of Mobile Computing Next Generation Internet Next Generation Web Architectures Network Operations and Management Adhoc and Sensor Networks Internet and Web Applications Ubiquitous Networks Wireless Multimedia Systems Wireless Communications
Heterogeneous Wireless Networks Operating System and Middleware Support for Mobile Computing Interaction and Integration in Mobile Communications Business Models for Mobile Communications E-Commerce & E-Governance
Nomadic and Portable Communication Wireless Information Assurance Mobile Multimedia Architecture and Network Management Mobile Multimedia Network Traffic Engineering & Optimization Mobile Multimedia Infrastructure Developments Mobile Multimedia Markets & Business Models Personalization, Privacy and Security in Mobile Multimedia Mobile Computing Software Architectures Network & Communications Network Protocols & Wireless Networks Network Architectures High Speed Networks Routing, Switching and Addressing Techniques Measurement and Performance Analysis Peer To Peer and Overlay Networks QOS and Resource Management Network-Based Applications Network Security Self-organizing networks and Networked Systems Mobile & Broadband Wireless Internet Recent Trends & Developments in Computer Networks
Paper Submission
Authors are invited to submit papers through the conference Submission System by July 06, 2024. Submissions must be original and
Book dating , international dating phgrathomaskurtha9
International dating programhttps: please register here and start to meet new people todayhttps://www.digistore24.com/redir/384521/godtim/.
get started. https://www.digistore24.com/redir/384521/godtim/
Have you ever built a sandcastle at the beach, only to see it crumble when the tide comes in? In the digital world, our information is like that sandcastle, constantly under threat from waves of cyberattacks. A cybersecurity course is like learning to build a fortress for your information!
This course will teach you how to protect yourself from sneaky online characters who might try to steal your passwords, photos, or even mess with your computer. You'll learn about things like:
* **Spotting online traps:** Phishing emails that look real but could steal your info, and websites that might be hiding malware (like tiny digital monsters).
* **Building strong defenses:** Creating powerful passwords and keeping your software up-to-date, like putting a big, strong lock on your digital door.
* **Fighting back (safely):** Learning how to identify and avoid threats, and what to do if something does go wrong.
By the end of this course, you'll be a cybersecurity champion, ready to defend your digital world and keep your information safe and sound!
The advent of social media has revolutionized communication, transforming the way people connect, share, and interact globally. At the forefront of this digital revolution are visionary entrepreneurs who recognized the potential of the internet to foster social connections and create communities. This essay explores the founders of some of the most influential social media platforms, their journeys, and the lasting impact they have made on society.
Mark Zuckerberg, along with his college roommates Eduardo Saverin, Andrew McCollum, Dustin Moskovitz, and Chris Hughes, founded Facebook in 2004. Initially created as a social networking site for Harvard University students, Facebook rapidly expanded to other universities and eventually to the general public. Zuckerberg's vision was to create an online directory that connected people through their real-life social networks.
Twitter, founded in 2006 by Jack Dorsey, Biz Stone, and Evan Williams, brought a new dimension to social media with its microblogging platform. Dorsey envisioned a service that allowed users to share short, real-time updates, limited to 140 characters (now 280). This concise format encouraged rapid sharing of information and fostered a culture of brevity and immediacy.
Kevin Systrom and Mike Krieger co-founded Instagram in 2010, focusing on photo and video sharing. Systrom, who studied photography, wanted to create an app that made mobile photos look professional. The app's unique filters and easy-to-use interface quickly gained popularity, amassing over a million users within two months of its launch.
Instagram's emphasis on visual content has had a significant cultural impact. It has popularized the concept of influencers, giving rise to a new industry where individuals can monetize their popularity and reach. The platform has also revolutionized digital marketing, enabling brands to connect with consumers in more authentic and engaging ways. Acquired by Facebook in 2012, Instagram continues to be a dominant force in social media, shaping trends and cultural norms.
Reid Hoffman founded LinkedIn in 2002 with the goal of creating a professional networking platform. Unlike other social media sites focused on personal connections, LinkedIn was designed to connect professionals, facilitate job searches, and foster business relationships. The platform allows users to create professional profiles, network with colleagues, and share industry insights.
LinkedIn has become an indispensable tool for job seekers, recruiters, and businesses. It has transformed the job market by making it easier to find and connect with potential employers and employees. LinkedIn's influence extends beyond job searches; it has become a hub for professional development, thought leadership, and industry news. Hoffman's vision has significantly impacted how professionals manage their careers and build their networks.
Jan Koum and Brian Acton co-founded WhatsApp in 2009, aiming to create a simple, reliable..
1. Automating SRE from “Hello World”
to Enterprise Scale with
Andreas Grabner
DevOps Activist at Dynatrace
DevRel for Keptn
@grabnerandi, https://www.linkedin.com/in/grabnerandi
Star us @ https://github.com/keptn/keptn
Followus @keptnProject
Slack Us @ https://slack.keptn.sh
Visit us @ https://keptn.sh
3. Confidential 6
Too complexautomationpipelines are too hard to maintain!
ChristianHeckelmann
Senior DevOps Engineer
2800
projects
966
CI/CDs
„I am constantlyreacting to
‚Pipeline Broken – please fix!‘“
7. Confidential 10
Too much manual expert workon test execution & SLO Analysis
~90%of test reruns
9:1 ratio
script maintenancevs creation
only 10% projects
performance tested
Test Result Analysis
MonitoringConfiguration
~ 80%time
spent in manual...
Scripts Creation
SLO Report Generation
15-20
tests /
year
< 5
Apps
„We are limited in scaling SRE
due to manual expert tasks!‘“
Roman Ferstl
Managing Director
8. Confidential 11
3 examples of how Keptn solves these problems ...
Sumit Nagal
Principal Engineer
Roman Ferstl
Managing Director
ChristianHeckelmann
Senior DevOps Engineer
50+
Continuous SLO Validations
15x
Perf tests
10x
tested apps
~60
Services
14
Stages
Tool stack
SLO-based Quality Gate
Automation
Performance & Resiliance
Test Automation
Scaling SRE through
Delivery Automation
10. Confidential 13
Keptn: Data-DrivenDelivery& Operations Automation
You
(Dev/Ops/SRE)
bring your configuration
pick your use case
SLO-Quality
Gates
Progressive
Delivery
Auto-
Remediation
Declaration GitOps SLOs Standards
SLI/SLO shipyard runbook
SRE
Automation
workload
Monitoring Delivery Reliability Remediation
automates configuration and provides self-service for
through event-driven process orchestrationbased on
connect your tools
12. Confidential 15
We lookedat the fundamential problems our users have
Mixed information about
• Process (build,deploy,test,evaluate, …)
• Target platform (k8s, …)
• Environments(dev, hardening,…)
• Tools (Terraform,Helm, hey, …)
No clear separation of concerns
• Developers
• Define which artifact to use
• Want fast feedback on their code
• DevOps Engineers
• Define which tools to use
• Ensure tools are properly configured
• Site ReliabilityEngineers
• Define delivery processes
• Define operations workflows
13. Confidential 16
Solution: Remove hard dependencies and integrations
Build
Prepare
Deploy
Test
Notify
Rollback
Config Mgmt.
Deploy
Test
Monitoring
ChatOps
Rollback
14. Confidential 17
Solution: Remove hard dependencies and integrations
Build
Prepare
Deploy
Test
Notify
Rollback
Config Mgmt.
Deploy
Test
Monitoring
ChatOps
Rollback
Eventing
Event:Deploy
Artifact:container1
Stage:Dev
Strategy:Blue/Green
which events to generate ➔ Process Definition who consumesevents ➔ Tool Definition
15. Confidential 18
Eventing
Solution:Keptn is built on an architecture that supports this paradigm
Application Plane (=Process Definition)
Define overall process for delivery and operations
Control Plane
Follow application logic and communicate/configure required services
API
Site Reliability
Engineer
DevOps
Developer
uniform.yaml
config-change*: helm
deploy*: JMeter
deploy-finish: Lighthouse
problem*: Remediation
all: Slack, Dynatrace
Execution Plane (=Tool Definition)
Deploy Service
(Helm, Jenkins …)
Test Service
(JMeter, Neotys, ..)
Validation Service
(Keptn Lighthouse …)
Remediation Service
(Keptn Remediation, SNOW …)
Config Service
(Git, …)
Monitoring Service
(Prometheus,
Dynatrace, …)
Artifact /
Microservice
config.change:artifact:x.y deploy.finished:http://service1 tests.finished:OK evaluation.done:98% Score problem.open:HighFailure
shipyard.yaml
- dev: direct, functional, SLO
- staging: B/G, perf, SLO
- prod: canary, real-user, SLA
remediation.yaml
- high-failure-rate:
- scaleup, rollback
- full-disk:
- cleandir;adjustlog-level
16. Confidential 19
Demo #1: SLO-Driven Progressive Delivery and Operations Automation with Keptn
Developer
Pull Request
(1)Deploy & Test
(2)Evaluate SLOs
(3)Auto-Promote
(4)Deploy & Test
(5)Evaluate SLOs
(7)Deploy Blue / Green
(8)Evaluate SLOs
(1)Action 1: Scale Up
(2)Evaluate SLOs
(3)Action 2: Roll Back
(6)Promote? (9)Toggle Blue/Green
#1 - IncreasedSpeedand Quality of ProgressiveDelivery through Automation #2 - Automate Operations
(10)Re-Evaluate SLOs (4)Evaluate SLOs
Closed-Loop Remediation
Observability
19. Confidential 23
RootCause: Lengthy manual approval
Build
Deployto
„Test“
Run Test
In „Test“ Manual Approval
Promote to
„Staging“
Functional: Test Result Trend Not Enough Performance: ManualComparison Is Slow Monitoring: Too much unstructed data
~30-60min
Which metrics are important
and which build is therefore better
Which data comesfrom my test
and is relevantfor business transactions
Is this regression impacting
key business use cases
20. Confidential 24
Learning from Google‘s SRE Practices
• Service Level Indicators(SLIs)
• Definition:Measurable Metrics as the base for evaluation
• Example:ErrorRate of Login Requests
• Service Level Objectives (SLOs)
• Definition:Bindingtargets for Service Level Indicators
• Example:Login Error Rate must be less than 2% over a 30 day period
• Service Level Agreements (SLAs)
• Definition:Business Agreement between consumer and provider typicallybasedon SLO
• Example:Logins must be reliable & fast (Error Rate, Response Time, Throughput)99% within a 30 daywindow
• Google Cloud YouTube Video
• SLIs, SLOs, SLAs, oh my! (class SRE implements DevOps): https://www.youtube.com/watch?v=tEylFyxbDLE
SLIs drive SLOs which inform SLAs
21. Confidential 25
Applying SRE Best Practices across the lifecycle
Authentication Service
0.89s
0.5%
May 2020 June 2020
0.61s
2.5%
1000/s 1600/s
Service X
xxs
xx% yys
yy%
xx/s yy/s
Production
Shift-Left
Continuous Delivery
Authentication Service
Commit
#1
Commit
#2
Commit
#3
Commit
#4
Service X
Quality Gates
23. Confidential 27
SLI/SLO-based evaluationimplementationin Keptn
SLIs defined per SLI Provider as YAML
SLI Provider specific queries,e.g: DynatraceMetrics Query
Quality Gates
...
Dynatrace Prometheus Neoload
Scores SLIs
Queries SLI
Providers with
SLI Definitions &
Timeframe
SLOs defined on Keptn Service Level as YAML
List of objectives with fixed or relative pass & warn criteria
indicators:
error_rate: "builtin:service.errors.total.count:merge(0):avg"
count_dbcalls: "calc:service.toptestdbcalls:merge(0):sum"
jvm_memory: "builtin:tech.jvm.memory.pool.committed:merge(0):sum"
objectives:
- sli: error_rate
pass:
- criteria:
- "<=1“ # We expect a max error rate of 1%
- sli: jvm_memory
- sli: count_dbcalls
pass:
- criteria:
- "=+2%" # We allow a 2% increase in DB Calls to previous runs
warning:
- criteria:
- "<=10" # We expect no more than 10 DB Calls per TX
total_score:
pass: "90%"
warning: "75%"
0.5 1.0 0.0 info
7/8
(87.5%)
4/8
(50%)
$ keptn start-evaluation 30m myservice sli.yaml slo.yaml
5 DB Calls 360MB 4.3% 123
SLI Value:
SLI Score:
Total Score
2
3
4
Tool X
1
24. Confidential 28
Demo: Automated SLI/SLO Validationbased on Dynatrace Dashboards
You: Just build a dashboard! : Automates the analysis!
15.5/16
(97%)
8/16
(50%)
25. Confidential 29
User Example: Automating Build Approvals using Keptn‘s SLIs/SLOs in GitLab
Christian Heckelmann
Senior Systems Engineer
87.5%: passed
AutomatedSLI/SLO based Quality Gates
Trigger Evaluation
30. Confidential 34
Keptn: Data-DrivenDelivery& Operations Automation
You
(Dev/Ops/SRE)
bring your configuration
pick your use case
SLO-Quality
Gates
Progressive
Delivery
Auto-
Remediation
Declaration GitOps SLOs Standards
shipyard SLI/SLO runbook
SRE
Automation
workload
Monitoring Delivery Reliability Remediation
automates configuration and provides self-service for
through event-driven process orchestrationbased on
connect your tools
31. Confidential 35
Keptn 0.8 was just releasedearly March2021 and opens new use cases
• Multi-Cluster Setup
Separationof Control & Execution Plane
D
E
V
I
N
T
P
R
D
32. Confidential 36
Keptn 0.8 was just releasedearly March2021 and opens new use cases
• Shipyard v0.2.0: Explicit vs opinionated sequences
34. Questions & Answers
Automating SRE from “Hello World”
to Enterprise Scale with
Andreas Grabner
DevOps Activist at Dynatrace
DevRel for Keptn
@grabnerandi, https://www.linkedin.com/in/grabnerandi
Star us @ https://github.com/keptn/keptn
Followus @keptnProject
Slack Us @ https://slack.keptn.sh
Visit us @ https://keptn.sh