OPEN Stage

Join on Hopin

Tuesday, September 14, 2021

- PDT
OPEN TALK: Observability in the Cloud
Imaya Kumar Jagannathan
Imaya Kumar Jagannathan
Amazon Web Services, Senior Specialist Solution Architect, Observability

Observability is critical for any application. Polyglot microservices-based applications, hosted on ephemeral environments such as containers and serverless technologies, make it increasingly important to have the right tools, frameworks, and processes to understand application behavior, performance, and health. Done correctly, Observability helps reduce Mean Time To Resolution (MTTR) when troubleshooting complex problems, and can help improve customer satisfaction. Whatever your role - developer, cloud operator, or business person - you need to be able to visualize, inspect, and comprehend telemetry data. AWS offers a variety of services and options to help you gain comprehensive Observability of your applications, whatever the environment. In this session, we will show how you can implement Observability for your .NET applications with logs, metrics, and traces, unlocking your ability to build better systems and increase operational efficiency. You will learn AWS best practices for implementing Observability with services including CloudWatch, X-Ray, Amazon Manager Service for Prometheus (AMP), Amazon Managed Service for Grafana (AMG), and AWS Distro for OpenTelemetry.

- PDT
OPEN TALK: Relational Databases: Don't Call It a Comeback!
Rob Hedgpeth
Rob Hedgpeth
MariaDB, Director, Developer Relations

The data revolution is upon us, and, well, has been for several years. It comes as no surprise that as application technology has evolved to keep up with the ever increasing expectations of users, the data platforms and solutions have had to as well. A decade or so ago we thought all our problems had been solved with a new player in the game, NoSQL. But, spoiler alert, they weren't.

In this session we're going to dive into a brief history of data. We'll examine its humble beginnings, where we stand today, and how modern relational databases will shape the cloud landscape going forward. Throughout the journey you'll gain an understanding of how SQL and relational databases have adapted to pave the road for a truly bright future.

- PDT
OPEN TALK: The Scale Trap: How We Reduced Our CPU Utilization from 80% To 15%
Ezequiel Nulman
Ezequiel Nulman
Granulate, R&D Team Lead

Application performance metrics are a top priority for Developers and Engineering teams, as they have to ensure their applications are running properly at all times, handling high fluctuations in demand and scale. All while keeping in mind the rising and changing cloud costs that come with the territory.
In this session, Ezequiel will go over the internals of profiling in production and explain how this practice provides teams with deeper visibility into their workloads at scale, enabling them to optimize performance. He'll then go over a real-life use-case of how profiling our own workloads, managing millions of events per second, improved our CPU utilization, and reduced it from 80% to 15%.

- PDT
OPEN TALK: Authorization across the Stack
Peter ONeill
Peter ONeill
Styra, Community Advocate

When you think of authorization control and policy enforcement, do you put together a scavenger hunt of resources needed to figure out what should have access, then what actually does have access? Is there one team or one person in your organization holding all the policy information needed to secure your cloud-native application in an excel spreadsheet or a wiki somewhere? Then is this information hard-coded into each layer between your microservices?

OPA (Open Policy Agent) is a graduated CNCF (Cloud Native Computing Foundation) project that exists to simplify and accelerate application development by decoupling policy decisions from enforcement. Already battle tested and proven by organizations such as Netflix, Goldman Sachs, Pinterest and Atlassian; who are using OPA for distributed policy enforcement across a range of languages, execution environments and protocols.

During this talk we will cover some common authorization use cases. Showing how to utilizes OPA's decoupled nature to write simple policies that can be easily enforced by your system.

Common Use Cases:
* Restrict API access during blackout periods
* Grant SSH and sudo access to on-call engineers
* Require test certification for workloads deployed to production environments

You should attend this talk if you have an interest in learning how to enforce complex policies at scale with OPA, and without introducing significant latency or impacting availability.

- PDT
OPEN TALK: Keep Your Head in the Cloud and Your Documents Too with Datalogics PDF Cloud Solutions

You know Datalogics for our Adobe-powered PDF SDKs and Command-line applications, but we’ve brought that same dynamic document technology to the development space you need it most: the Cloud. In this session, we’ll share how our tried-and-true solutions are supporting web application and service development like never before. What can Datalogics do for your Cloud development projects, ideas, and goals? Join us and find out!

- PDT
OPEN TALK: How Your Applications Are under Attack - Struts2 Vulnerability Workshop
Austin Becker
Austin Becker
Sonatype, Solutions Engineer

This session will include information about how popular open source has become and how it is driving innovation for enterprises in today's market. Open source allows enterprises to get value to market faster, and ensure the survival of many businesses. But open source software (OSS) has recently been an attack vector and focus for cybercrime syndicates. How can you protect yourself? What are you up against? We will also cover how the Struts2 vulnerability, a common java OSS component, led to the attack and breach of several financial institutions. In this workshop, we will set up the Struts2 application and walk through not only how to exploit it, but also how to protect yourself from this attack.

- PDT
OPEN TALK: Putting the Five Pillars of the AWS into Practice
Mike Watson
Mike Watson
Excellarate, SVP Engineering
Hamdy Eed
Hamdy Eed
AWS, Sr. Solution Architect

In today’s fast-paced business and technology environments, an organization should never find itself boxed in by limited options for adapting to changing requirements or improving its workload strategy.

The Five Pillars of the AWS Well-Architected Framework—Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization—provide a way to consistently measure operations and architectures, identify areas for improvement, and respond to evolving requirements or external issues. The goal of the framework is to help architects learn the process of making informed, value-add decisions that reflect the organization’s priorities.

In this Q&A session, Excellarate’s Mike Watson hosts Hamdy Eed, an AWS Senior Solution Architect, for a lively discussion about putting the pillars into practice. They’ll explore how to navigate tradeoffs, a crucial function of the framework in guiding organizations through the process of shifting focus and priority among the pillars as needed. And Mike will ask Hamdy to talk about the latest tools and innovations available in the market to augment the implementation of each pillar.

Walk away with a better understanding of how the AWS Well-Architected Framework will help you learn how to:

~Design and implement scalable architectures that align with AWS best practices.
~Effectively utilize computing resources to maintain efficiency when system requirements change or technologies evolve
~Expand options with a structure that weighs priorities and adds business context when evaluating the trade-offs of each decision

Wednesday, September 15, 2021

- PDT
OPEN TALK: Cloud-Native Pipelines: Secure Software Delivery, Made Simple
Andrew Speed
Andrew Speed
Cloudsmith, Staff Software Engineer

In 2021, your entire tech stack is likely in the Cloud - so why aren’t your software packages?

Whether you’re currently on-premise, have your own in-house solution or have a bit of a hybrid set up, join us in this session to explore why the future is cloud-native, what the benefits of this are over cloud-hosted, and how to easily set up a secure, cloud-native software pipeline in 60 seconds.

- PDT
OPEN TALK: Improve Your Automation to Reduce Toil
Mandi Walls
Mandi Walls
PagerDuty, DevOps Advocate

In the course of your day as an SRE, or DevOps, or SysAdmin, your knowledge and expertise are in high demand. You can’t do every task every person in your org needs from you without the help of comprehensive automation.

Automation can be tricky. Some systems aren’t built with automation in mind, but assume that a human being will be there to keep an eye on things and fix errors on the fly, and we can’t be everywhere when there’s too much to do.
Plus, you want to provide access to automation for the right folks and keep a record of when the tools were used.

In this workshop, we’ll cover some things to keep in mind when you’re building out your automation library, characteristics of good automation, and give you a look at PagerDuty Rundeck, a platform that will help you share your expertise with other folks in your organization.

Build automation that works for you and gives you your time back!

- PDT
OPEN TALK: Observability and the Glorious Future
Charity Majors
Charity Majors
Honeycomb, Co-founder and CTO

Distributed systems, microservices, containers/schedulers, continuous delivery … we’ve been through one paradigm shift after another when it comes to architecture, but when it comes to observability we’re still using crufty old logging and metrics and dashboards that haven't been innovative since the LAMP stack era. And guess what? These tools completely fall apart past a certain level of complexity. Let’s dig into some of the deep technical reasons why this is happening and talk about some newer approaches to debugging complex systems when every single request into a system must be identifiable and aggregatable (e.g. honeycomb, distributed tracing). Why are events better than metrics? What is cardinality and why does it matter? And what is the difference between monitoring and observability, anyhow? Come find out.

- PDT
OPEN TALK: Cloud Devsecops in Practice From Everyday Automation to Top-Level Strategy
Taylor Smith
Taylor Smith
Palo Alto Networks, Bridgecrew Sr. PMM

Cloud security in most dev environments is broken. With ever-changing environments, engineers focused on features, and DevOps enabling incredible agility, traditional cloud security can't keep up. Even with a security resource at hand, the chance of catching each bad Terraform default or hidden * in a wide-open IAM policy is near impossible across endless cloud services. In this session, we'll show how (with very little effort) you can adopt DevSecOps with the right training, tools, processes and strategy. You’ll get practical advice and tactical tips to start implementing IaC security scanning and fixing security issues right away.

- PDT
From a Database in Container to DBaaS on Kubernetes
Peter Zaitsev
Peter Zaitsev
Percona, CEO

Talk about all important steps that it takes to run the database on Kubernetes in production. We will answer the questions: Can you do it without operators? Can you work with k8s primitives only to run production-grade DB and then DBaaS?