Workshop Stage 2

Join on Hopin

Tuesday, September 14, 2021

- PDT
OPEN TALK: Lagoon: The Secret to High-Performing Developers & Happier Ops Teams
Michael Schmid
Michael Schmid
amazee.io, Head of Technology

Kubernetes is great, but complex — and the learning curve is steep. Some might even call it frustrating. After all, application developers should be making great applications, not struggling with the complexities of Kubernetes. And operations teams shouldn't be biting their nails over developers having direct Kubernetes cluster write access.

Lagoon solves this (and more). It reduces the initial Kubernetes knowledge required from developers by providing easy to use application templates that involve just a couple lines of code. It does this with fully automated deployment on every branch commit or pull request. This removes the need for developers to have write access to the Kubernetes cluster and makes your operation teams happier.

Lagoon is fully configurable and flexible, and supports your developers in learning (and loving!) Kubernetes.

- PDT
OPEN TALK: Building Resilient Applications Using Observability
Chinmay Gaikwad
Chinmay Gaikwad
Epsagon, Tech Evangelist

Modern environments such as Kubernetes and serverless, have made it easy to manage and scale microservices but observability into these environments is still a challenge for DevOps. In this session, we will describe how to use user request flows to build intuition about your architecture and build resilient applications. We will also dive into correlating metrics, events, & logs using distributed tracing, and creating alerts for anomalies detected in your environments.

- PDT
OPEN TALK: Develop Cloud-Native Apps on K8s with Postgres
Adam Wright
Adam Wright
EDB, Senior Product Manager

Kubernetes has become a popular platform among application developers for building cloud-native applications. They value the flexibility to deploy anywhere, automate tasks, and expedite production.

At the same time, PostgreSQL has increasingly become the database of choice among application developers.

For anyone who has deployed or looking to deploy Cloud Native PostgreSQL, a big question is how do I get connected and then how to leverage built-in features.

Join us during this session as we talk about what's next after you have deployed a PostgreSQL cluster using EDB's Kubernetes Operator. Topics on the agenda include an overview of Operator patterns with stateful workloads, what makes up Cloud Native PostgreSQL, tools to benchmark Cloud Native PostgreSQL, What makes PostgreSQL a fit for Kubernetes, PostgreSQL flexible data types, Document databases vs Relational databases, Imperative vs Declarative stateful infrastructure, databases in your CI/CD pipeline, and deploying your application anywhere.

- PDT
OPEN TALK: How to Solve Kubernetes Persistent Storage at Scale and Speed the GitOps Way
Romuald Vandepoel
Romuald Vandepoel
StorageOS, Cloud Solutions Architect

Persistent storage is one of the most difficult challenges to solve for Kubernetes workloads especially when integrating with continuous deployment solutions. The session will provide the audience with an overview of how to address persistent storage for stateful workload the Kubernetes way and how to operationalize with a common CD practice like GitOps

- PDT
OPEN TALK: ArgoCD Autopilot, Straightforward GitOps app Promotion Across Environments
Dan Garfield
Dan Garfield
Codefresh, Chief Open Source Officer

Open GitOps is crystalizing as a standard so how do you actually do it? Codefresh open source engineers recently launched Argo CD Autopilot, an opinionated way to manage applications across environments using GitOps at scale. We’ll bootstrap two clusters, deploy our apps, and promote a change from staging to prod. Easy peazy.

- PDT
OPEN TALK: Unlock Cassandra Data for Application Developers Using GraphQL and REST APIs with Stargate.IO
Cedrick Lunven
Cedrick Lunven
DataStax, Director of Developer Advocacy

Cassandra is an incredibly powerful, scalable and distributed open source database system. Companies with extremely high traffic use it to provide their users with consistent uptime, blazing speed, and a solid framework. However, many developers find Cassandra to be challenging because the configuration can be complex and learning a new query language (CQL) is something they just don't have time to do. Stargate is an OSS multi-model API Data Layer for cloud native databases which sits on top of Cassandra and provides HTTP interfaces to your data - it provides a REST API, a GraphQL API, and a document-oriented Schemaless API. You can install it on top of your own Cassandra instance and participate in the community. During this presentation we will demonstrate and share the purpose, capabilities and internals of Stargate. We also give a working sample as a docker-ready configuration file.


- PDT
OPEN TALK: Introducing The Independent Infrastructure Cloud
Walt Ribeiro
Walt Ribeiro
Vultr, Developer Advocate
David Dymko
David Dymko
Vultr, Technical Lead

As companies transition to hybrid cloud, they are faced with complex decisions about choosing a strategic cloud partner who can support their growth at an affordable cost. Now more than ever, buyers are highly educated about the technology they need to scale their business. That’s why many value a partner who will make decisions that are right for their customers; a partner who’s invested in supporting their growth.

We will discuss how Vultr, the largest privately-owned Global cloud provider outside of the Big 3 Clouds supporting over 1.3 million customers, believes developers and businesses should feel the freedom of the cloud, and be empowered to do what they do best: develop and build a company.

- PDT
OPEN TALK: Check Out Their (Lateral) Moves! The Importance of Blast Radius in DevSecOps
Matt Johnson
Matt Johnson
Palo Alto Networks, Bridgecrew Developer Advocate Lead

I enjoy hacker films as much as the next bloke. Who doesn’t love a flashy NSA login page and some exciting terminal colour schemes? They always forget one thing, however; successful attacks are more like a game of chess with small actions orchestrated together, each bug, CVE and misconfiguration allows another successful move towards checkmate! In this session, we’ll use examples from our own research, highlighting potential attacker kill chains combining minor IaC misconfigurations in dangerous but preventable combinations with known CVE’s. We will also take a look, from a defender’s perspective, providing actionable takeaways your DevOps teams can start doing *today* to turn your security posture up to eleven.

- PDT
OPEN TALK: Improve Cloud Threat Detection and Response Using the MITRE ATT&CK Framework
Daniella Pontes
Daniella Pontes
Sysdig, Security Product Marketing Manager

As cloud threats continue to rise, understanding an adversary's tactics, techniques and procedures (TTPs) is critical to strengthening cloud security. How can you pull together a unified and simple approach to speed up detection and response for your SOC team?

In this session, we will:
-Dive into a comprehensive view of the MITRE ATT&CK for Cloud Matrix
-Explore real attack scenarios and best practices to detect them
-Advise on how to establish a unified threat detection strategy for cloud and containers
-Share how open source tools like Falco provide IDS capabilities for containers

- PDT
Making OSS Vault Highly Available Backed by NFS
Karthikeyan Govindaraj
Karthikeyan Govindaraj
BlackRock, Cloud Native and DevOps Architect

In this session you will get to know how to deploy the Open Source Vault(which cannot be clustered) on top of NFS Backend(Vault doesn't support NFS natively) using Consul and couple of utility tools like Vault Initializer and Vault Load Balancer.

Wednesday, September 15, 2021

- PDT
OPEN TALK: Level up Your Gaming Telemetry Using Kafka Stream
Evan Shortiss
Evan Shortiss
Red Hat, Technical Marketing Manager

Many modern video games are constantly evolving post-release. New maps, game modes, and game balancing adjustments are rolled out, often on a weekly basis. This continuous iteration to improve player engagement and satisfaction requires data-driven decision making based on events and telemetry captured during gameplay, and from community forums and discussions.

In this session you will learn how OpenShift Streams for Apache Kafka and Kafka Streams can be used to analyze real-time events and telemetry reported by a game server, using a practical example that encourages audience participation. Specifically you’ll learn how to:

Provision Kafka clusters on OpenShift Streams for Apache Kafka.

Develop a Java application that uses Kafka Streams and Quarkus to process event data.

Deploy the application locally, or on OpenShift and connect it to your OpenShift Streams for Apache Kafka Cluster.

- PDT
OPEN TALK: Synthetic Monitoring and Single Page Apps: How to Increase Control, Visibility, and Performance
Tetiana Kelly
Tetiana Kelly
Splunk, Developer Advocate
Scott Mason
Scott Mason
Splunk Inc., Technology Advocate

For web developers or SREs leveraging Single Page Applications, client-side rendering can create challenges of control, visibility, and understanding user experience. Modern synthetic monitoring promises deeper understanding and visibility into user experience in pre-production, and after deployment. Join Developer and Technology Advocates Tetiana Kelly and Scott Mason, as they discuss how they leveraged synthetic monitoring to identify performance improvement opportunities for Splunk’s global SPA, The Quest for Observability. From measuring user experiences across geographies, to compression and image optimization opportunities, this talk provides best practices and lessons learned to help engineers deploy better SPAs.

- PDT
OPEN TALK: Open Source or Open Core? What Needs to Be Evaluated Before Diving In.
Anil Inamdar
Anil Inamdar
Instaclustr, VP and Global Head of Data Solutions

Most organizations considering open source and open core cloud technologies understand they need to rigorously evaluate the software’s licensing terms and gauge the long-term health of its community and ecosystem. What still happens less frequently – but is just as crucial to these risk assessments – is developing a thorough understanding of the business models governing the commercial organizations attached to each solution being considered. You must discern the underlying motivations of the vendors or technology providers you depend on to deliver or support open source data-layer software (as well as those vendors with strong influence over its development and maintenance). By acutely understanding these incentives, you can identify if, where, and how they may map to possible risks to your enterprise’s adoption and ongoing open source implementation. Don’t limit the assessment to licenses and community health -- although both are still very key variables.

This session will discuss specifics on what you need to look for and consider when vetting open source technologies in the cloud as offered by:

-- Businesses using OSS as the foundation of their own intellectual property

-- Businesses that maintain total control offer the OSS they offer

-- Major cloud providers

- PDT
OPEN TALK: Solving Multi-Region and Hybrid-Cloud Data Replication with Apache Cassandra™
Aaron Ploetz
Aaron Ploetz
DataStax, NoSQL Engineering Lead

Today's Kubernetes based applications need data services which can meet them where they are: in the cloud. But which ones? It is quickly becoming apparent that a presence in multiple, public clouds is necessary to maintain strategic data agility. However, keeping data highly-available and synchronized across multiple providers can be challenging. In this presentation we'll discuss Apache Cassandra's best-in-class approach to solve this problem, and how it can be leveraged to support multiple distributed use cases.

- PDT
OPEN TALK: Low Latency and High Throughput Chat Moderation on a CPU
Neha Rao
Neha Rao
Stream, Data Scientist

Transformer-based models have been dominant in the NLP landscape due to their state of the art performance on a wide variety of benchmarks and tasks. However, deploying such large models at scale can be quite difficult and costly. Learn about the techniques that we've utilized at Stream to overcome these challenges and moderate real-time chat messages efficiently on relatively inexpensive hardware. While this talk will focus on the BERT and its offshoots, many of these techniques can also be applied to other models.

- PDT
OPEN TALK: Cybersecurity at a Global Scale: Addressing Next Generation Supply Chain Issues in Open Source Ecosystems
Sal Kimmich
Sal Kimmich
Sonatype, Developer Advocate

The landscape of cybersecurity is rapidly changing. Traditional, or “Legacy Attacks” used to target code downstream in open source code running in production, but the next generation of attacks is in manufacturing upstream Typo-squatting campaigns, Malicious Code Injection directly at source and Tool Tampering in development stream, all of which pose risks from the biggest corporations to the smallest hobbyist project as we all rely on the same open source ecosystems to do our work. The reality of the modern development landscape is that in a world of continuous integration and delivery, we have to start thinking about continuous security in open source security. This talk will describe the security taxonomy that offers the ability to detect, report and resolve vulnerability and malware attacks before they make their way into our applications, and to provide actionable recommendations when new vulnerabilities in distributions are surfaced in open source repositories.