DevOps Days Podcast

Aug 04 2019 5.1k

Audio recordings of DevOpsDays conferences (http://devopsdays.org).
















DevOps Days DC - 2018 - If you can polyfill for Internet Explorer, you can optimize for a screenreader.
Aug 13 2018 34 mins  
As developers, we take great pains to make our applications accessible to users on a range of devices and browsers. There are more adults with disabilities in the US than there are users of Internet Explorer. So why do we spend more time worrying about polyfills for out-dated browsers than we do on ensuring the accessibility of our applications for users of all ability levels? This talk will emphasize the importance of incorporating accessibility best practices throughout our design and development workflow. Simulated experiences of engaging with inaccessible software will provide insight into the realities that millions of users face day to day. Drawing on recommendations from the Department of Justice, we will discuss action steps for evaluating and improving the accessibility of software. Meg is a science and technology educator turned software engineer working in Washington, DC. She approaches new technologies with curiosity and confidence, building on her interdisciplinary education and experiences. These range from making technology decisions in the non-profit and education sectors to engineering full-stack solutions in a number of programming languages and frameworks. Her interest in accessible development begin with work as a blended learning instructor developing original digital content for a diverse youth audience. Kim is an attorney and disability rights advocate. Her interest in accessible technology stems from her own vision impairment and her use of assistive software on a daily basis. In her career she has worked in various disability policy areas including housing rights and access to reasonable accommodations in employment. Kim has dedicated her career to the full inclusion of people with all types of disabilities.


DevOps Days DC - 2018 - DevOps for AI
Aug 13 2018 4 mins  
Today--Incorporating AI into applications is as easy as a single API call. Once imbued with AI, these transformed applications can improve over time as they learn from user interactions. How do we manage these new learning systems to ensure that they take advantage of all available information while maintaining accuracy and minimizing bias? This talk will discuss common problems encountered when designing and implementing AI systems and how DevOps practices can be used to address these issues. DevOps practitioners will learn the relevance of their skillset and practices to the rapidly evolving AI domain. The problem of properly managing AI applications and their underlying models is not trivial. Michael Flores is an Architect on the Strategy and Technology Team in IBM’s Federal Chief Technology Office. He has helped numerous agencies use Cloud, Artificial Intelligence(AI), Robotics, and DevOps through the adoption of open standards such as Cloud Foundry, Docker, and OpenWhisk. Michael represents IBM in The Open Group as chair of the Open Platform 3.0™ Forum, where he collaborates with other industry leaders to develop standards for modern technologies to support global interoperability and boundaryless information flow. Michael has extensive development, design, and architecture experience across a variety of technologies and has implemented numerous chatbots and AI driven solutions through various channels including web, SMS, and robots. Michael received an undergraduate degree in Bioinformatics from Baylor University and holds a patent for dynamic customization of reference architectures. His capstone project at Baylor focused on crawling heterogenous data sources to create knowledge graphs to aid PTSD research.


DevOps Days DC - 2018 - DevOps in Politics
Aug 13 2018 25 mins  
Working technology for a political campaign involves the shortest timelines, tightest deadlines, and highest stakes you will likely ever encounter in a technology career. Come hear a tale of two political campaigns - a state measure campaign and a presidential campaign - and the application of both DevOps technologies and culture to move fast, pivot quickly, and hopefully win. One of the key challenges of politics - as well as DevOps in general - is harnessing automation without losing the critical human touch which moves hearts and changes minds. Learn how to find the line where too much automation (yes, there is such a thing) is counterproductive and you need to pull back to maintain a personal connection with voters, customers, employees, and more. You will also walk away knowing how to take the lessons and experience learned to future campaigns and projects - especially when your candidate, product, etc. does not end up winning. There is value - sometimes more value - in a loss as well as a win. Learn how to take what you can, iterate, and refine it for a future application. Nell Shamrell-Harrington is a Software Development Engineer at Chef, focusing on the Habitat open source product. She is also CTO of Operation Code - a non-profit dedicated to teaching software engineer skills to Veterans that heavily creates and uses open source. Additionally, she is a technology volunteer for multiple political campaigns. She specializes in Chef, Ruby, Rails, Rust, DevOps, and Regular Expressions and has traveled the world speaking on these topics. Prior to entering the world of software development, she studied and worked in the field of Theatre.



















Build - Test - Monitor: Microservice Monitoring for Developers on a CaaS Platform - DevOpsDays DC - 2017
Sep 01 2017 21 mins  
For the past two years my team and I worked with a large federal agency to deploy & migrate to a new container-as-a-service platform based on Docker. The migration has enabled development teams to isolate components of their code for faster, more reliable development. But, we also saw that the additional tooling - such as monitoring technology - supporting these services doesn’t yet map to the model that developers need to efficiently monitor their own services. In essence, the Develop-Test-Monitor loop is still broken for modern environments. So how do you fix it? This presentation is based on my real-world experience with container platforms. Based on this work, I’ll address: How do you effectively instrument your systems, without pushing too much burden on to developers? How do you isolate data, dashboards, and alerts in a way that improves security while simplifying analysis? What can you do to give developers deep information when troubleshooting, without giving them the keys to the kingdom? How do you facilitate data-driven conversations among your developers and ops teams? If you attend this talk, you’ll walk away with tested, practical ideas that will help your teams become more self-sufficient, improve data-driven conversations among your teams, and evolve your monitoring infrastructure to work more effectively with your CaaS platform.





DevOps: Lessons Learned From Detroit To Deming - DevOpsDays DC - 2017
Sep 01 2017 30 mins  
In 1982, the city of Detroit saw 15,000 vehicles roll of its production lines every day. To achieve this goal, Detroit's line workers were being measured on velocity, often at the expense of quality. At the same time, auto workers in Japan -- applying lessons from W. Edwards Deming -- were implementing new supply chain management practices which enabled them to manufacture higher quality vehicles, for less cost, at higher velocity. As a result, from 1962 to 1982, the Detroit auto industry lost 20% of its domestic market to Japan. The parallels between the auto industry of 35 years ago and software development practices in place today are remarkable. DevOps teams around the world are consuming billions of open source components and containerized applications to improve productivity at a massive scale. The good news: they are accelerating time to market. The bad news: many of the components and containers they are using are fraught with defects including critical security vulnerabilities. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 2017 State of the Software Supply Chain Report -- a blend of public and proprietary data with expert research and analysis. The presentation will also reveal findings from the 2017 DevSecOps Community survey where over 2,000 professionals shared their experiences blending DevOps and security practices together. Throughout the discussion, I will share lessons that Deming employed decades ago to help us accelerate adoption of the right DevSecOps culture, practices, and measures today. Attendees in this session will learn: What our analysis of 60,000 applications reveals about the quality and security of software built with open source components How organizations like PayPal, Intuit, Fannie Mae and the Department of Defense are utilizing the DevOps principles of software supply chain automation Why avoiding open source components and containers over 3 years old might be a really good idea How to balance the need for speed with quality and security -- early in the development lifecycle Attend this session and leverage the insights to understand how your organization's application DevOpsSec practices compare to others. We'll share the industry benchmarks to take back and discuss with your DevOps, development and security teams.








2015 - DevOpsDays Minneapolis - Cheffing Etsy: Do too many cooks really spoil the soup?
Nov 10 2015 39 mins  
It's an oft-quoted adage that too many cooks spoil the soup. But is this always true? At Etsy, we have roughly 40 Ops and Developers making upwards of 20 or 30 Chef changes per day. In this talk, I'll look at the tools, techniques and workflows we leverage to enable tens of people spread across teams, timezones and even countries to work together to continuously deliver Chef changes with nearly the same frequency we ship code. Although the specific tooling discussed in this talk is designed to work with Chef, many of the techniques and practices I'll talk about are applicable to many other engineering disciplines - the importance of communication and visibility in a Continuously Delivered world, the importance of testing and metrics, and optimising your workflows to remove friction and enable agility while also satisfying the requirements of your stakeholders. This talk will break down roughly as follows: • A quick summary of Chef at Etsy - what we use it for, a quick guide to our workflow, and how we think about Chef changes internally• Tooling & Workflows - the tools and practices we use to deliver our Chef changes, and how we monitor and test our changes.• The roadbumps we've encountered along the way as we've scaled and evolved our usage of Chef and what we've done to solve those problems• What next? We're not perfect, and we never stop iterating and improving our workflows. What are the pain points we're experiencing currently, and how are we looking to solve them?











2015 - DevOpsDays Minneapolis - DevOps in the Public Sector
Nov 09 2015 32 mins  
The IT community in the public sector has a sizeable, but frequently forgotten influence on peoples lives. Have you tried to renew a license plate online recently? How about navigated https://www.healthcare.gov/ to get health insurance? Used online learning tools for a public educational institution? Have any of these experiences been pleasant, or what you would expect from a well run modern website? These websites are your tax dollars at work. Are there reasons why we maybe aren't seeing the cultural ideas of DevOps reaching public sector IT shops as quickly? Public sector organizations differ greatly from private sector organizations with regards to structure, motivations and funding. Other factors such as government mandates for the existence of these organizations, tenured employees and reliance on antiquated domain specific applications can exacerbate the issues caused by these differences. In the past year or so, we've seen how the discussions around DevOps in enterprise organizations have opened up discussion of many of these cultural ideas to more traditional corporate settings. For DevOps ideas to gain influence the thousands of public sector IT workers, we need to recognize that they too have a separate subset of problems and challenges and start a conversation about how to tackle these issues. This talk will seek to begin that conversation, explain some of the cultural differences between the public and private sectors, explain some of the challenges the public sector faces when trying to break down silos and explain why and how we should evangelize to public sector employees.





















2015 - DevOpsDays Singapore - Agile Service Provider (Telco) Transformation: What does it take to be Agile?
Oct 30 2015 29 mins  
As service providers(Telco's) begin to transform their business to embrace Virtualization & Cloud ( ie SDN & NFV) their network operations/service delivery teams needs to evolve. While Virtualization & Cloud make it easy to rapidly expand the size of infrastructure, but the habits and practices they used in the past with hardware-based infrastructure don't keep up. The Network operations teams need to adopt IT’s DevOps practices to maximize the potential benefits of the evolving software-defined infrastructure. This includes adopting new tools that enhance agility, implementing agile operational and organizational models and procedures, and in some cases adopting a new culture. The benefits of such an approach are compelling: lower costs and increased agility, including the ability to implement new services in days rather than weeks or months In this session, we will look at how to take advantage of technologies like cloud, virtualization, and configuration automation to manage IT infrastructure using patterns, practices, and ideas that have been adopted from software development, especially Agile concepts, and brought into the Network Operations world as part of the DevOps movement. Also, we will also go through the challenges and problems created by all these new tools, and the principles and mindset changes that a team needs to make to use them effectively.






























































2015 - DevOpsDays Pittsburgh - Application Orchestration with Kubernetes
Sep 29 2015 16 mins  
How to take an app from your laptop to production utilizing the future of container orchestration. It’s difficult to say with confidence that your app will work in production without testing it, many people today have very complex scripts which out outline deployment, testing and validation, and often rely on late night pager calls and very brittle rollback scenarios. Additionally, developers struggle with developing software on different platforms and SDK versions that are hard to make consistent which results in different builds and exceptions which are hard to resolve. We can finally stop saying, 'it works on my machine' phrase since it will work the same on every machine. Other processes in the past have attempted to solve the problem but are brittle and take time to build out environments. This talk will outline the process of how to deploy an app locally in docker-compose, then scale it out to multiple servers running Kubernetes. From there, the audience will see how to scale the app to achieve performance, manage failures, debug, and understand best practices. Containers are a great way to package, build, run and deploy apps and Docker has make that practice very simple, however, it’s only really works well on a single host. With the learnings from Google, Kubernetes is the open source container orchestration offering which builds on Google's current infrastructure learnings that we all can use in an Open Source model.




2015 - DevOpsDays Pittsburgh - The Incredible Shrinking Operating System!
Sep 29 2015 22 mins  
Operating Systems. Where did they come from? Did your customer ask for one? Why do you bother with them at all? Operating systems have traditionally played an enormous part in software development and operations. Most of us would find it difficult to imagine computing without one. They are certainly a source of religious contention. Operating systems represent a maintenance and security burden; they have long been viewed by many as a necessary evil. They often bring more bulk and complexity than the systems we are producing; particularly in the case of microservices. They complicate security, greatly increasing the attack surface, and they require a significant expense and effort to maintain. But generally, operating systems are assumed to be required and we seldom consider a service environment without them. How well do you really even know what you're deploying when an OS is involved? Operating systems introduce variation into a development workflow that can be difficult to manage. On a dev team, each individual's computing environment tends to stray apart. This divergence is a primary cause of Works-on-my-box syndrome. Things such as VM, libraries and general configuration are a source of drift. Unless your product is, itself, an operating system, your customer is not generally concerned about your OS. A great deal of effort and expense goes to the operating system, without any direct ROI. We will take a look at the ways emerging technologies will help you to reduce the liability of operating systems. We will consider how the minimization, or even elimination, of the operating system impacts development workflow; for better or worse. What would a CD pipeline look like? In particular, we would like to consider ways in which containers and unikernels or anykernels complement and can be used in combination.








2015 - DevOpsDays DC - 28 - Consumer to Collaborator: Re-imaging the US Government's role in Open Source
Sep 05 2015
Government agencies are often hesitant to use open source tools out of concerns of security and compliance issues. This hesitancy to use open source deprives many government agencies from closely collaborating with others to create software that is finely tuned and widely available to scratch its own itch. The five-year old OpenSCAP community is helping to change that and re-imagining the US Governments role in open source through its NIST-Certified SCAP 1.2 scanning software and growing body of open source licensed SCAP content. By the OpenSCAP suite scanning and configuration management tools, government agencies looking to become high velocity organizations can automate the cumbersome process certifying a server has been properly hardened for production and begin to develop community resources for hardening of other popular open source tools. The OpenSCAP community is actively developing suite of software tools to make continuous monitoring in agile environments easier, especially for developers, who often do not realize they could be scanning their systems more collaboratively with Ops. OpenSCAP is not merely a secure piece of open source software, it is software that helps demonstrate security and compliance. The SCAP-Security-Guide Project is the only source of official configuration management SCAP and hardening content for Linux that is licensed open source and also directly reviewed by official government agencies. Initially started (and still significantly funded) by Red Hat, the OpenSCAP project has recently moved it's repository from the the Fedora Project to GitHub and has seen an increase in the pace of development.









































No review available yet...