Please note this schedule is still tentative. Times will stay as they are but the order of talks may still change a bit.
Get your badges and swag and have a snack while we wait for the conference to start!
Welcome to the DevOps Barcelona Conference!
Over the past 10 years, the DevOps movement has fundamentally changed the way software is built. Nowadays most organisations have adopted a DevOps way of working in varying levels of maturity.
The Three Ways, as defined by Gene Kim, are the 3 principles that underpin the DevOps way of working for any organisation that builds software and IT Systems, but these principles can cross-over in a much wider range of jobs and industries.
In this talk I will walk you through how I apply The Three Ways in my work as Developer Relations & Community Manager, and how you can use it in yours.
Using Terraform is often simple, extending it to do what YOU want, can be challenging (or “impossible”). Want to manage unsupported resources? Maintain lots of resources? Integrate non-integrable? The talk is an advanced guide about HOW to extend, integrate and execute Terraform to get things DONE.
If you’ve been using Terraform just by following the official documentation, you are not getting all from it.
As soon as one cloud provider announces a new service or a feature, you dream that Terraform has zero-day support for it. Well, it is not always like this, and I will show what we can do about it.
Are you using Terraform and keep asking yourself why I should copy-paste so much? What if you need to manage more than a dozen resources with Terraform (e.g., hundreds of GitHub repositories with permissions, or hundreds of IAM users and their permissions)? How can I use Terraform to manage absolutely ANY type of resource? What is beyond Terraform modules? What is a really dynamic module and what Terraform 0.12 will help us with?
Let's see the advanced and very unusual solutions of how Terraform can be extended, integrated, executed, or merely hacked to get the job done with the help of external open-source services and integrations.
See you back at 11.15! Don't forget to visit our sponsors booths
In the life of every organization there are inflection points when processes and tools no longer scale. How do we recognize these points and how can we best prepare for them? More importantly, when should we start generalizing tools into core services, or when do we build entirely new processes and abstractions? While every growth story is different, commonalities do exist.
At Fastly, we built a powerful edge cloud platform, designed from the ground up to be programmable, have real-time visibility, and support agile software development. These POPs, as of September 2019, have 58 TB per second of connected global capacity. This exceptional growth has come with some important, and sometimes difficult, lessons. In this talk I will share our approach to continuously evolve our system pipelines and operational components plus what we learned along the way.
On Adevinta we host several popular websites with several million daily visitors, and we face tons of security attacks every day.
If your company is present on the Internet, and I am sure it is, you also face similar attacks. Maybe you don’t notice already, but sure you do.
We will show you real and curated SQL injection attacks, problems with unexpected open ports and service misconfigurations, big Brute Force attacks on logins, extensive Bots activity everywhere, and cases of Data Leakage from third parties that affected our users.
On tech-conferences we believe we must share our experiences, so you can learn from them and make your platforms more secure.
But we will not tell you the attacks that failed or the silly attacks, we will tell you about the smart attacks that were close to succeed, the ones that succeeded a bit, and the ones that resulted in a face slap.
Free time for lunch! Lots of nice options around the area!
See you back at 14.45! Don't forget to visit our sponsors booths if you want to participate in the raffle
This is the story about how volatile environments and the devops culture fit in a microservices-oriented teams. What did not work, what did. Mistakes and lessons learnt.
Using a kubernetes-based infrastructure, we are going to find out the best ways to set up development environments and how the software ends up in production.
How? From jenkins using the kubernetes client to gitops using flux. Prioritizing individuals and interactions over processes and tools. Finding the best continous deployment strategy. Getting to a common consensus that fits everyone's needs. Let's talk about devops.
You want to migrate your existing application to serverless and you don’t know where to start. This is a common problem that a lot of the architects, CTOs and developers have, as it is very rare that we start a project from a Greenfield.
In this talk I will walk you through different strategies to migrate an existing application to serverless.
We will look at known architectures existing challenges in applications and how we can overcome them with serverless.
And also I will share what I learnt when I worked on the migration of one existing micro services application into serverless.
See you back at 16.45!
Last chance to get all the stickers to participate in the raffle!
With the release of Apache Zookeeper 3.5.5, the first stable release in the 3.5.x branch, the last 20 of May 2019, the door to upgrade Apache Kafka most precious component opened, and this is already there (KAFKA-8634), with the release of Apache Kafka 2.4 a new motore will be available in your Kafka deployment.
This release adds long awaited futures like TLS support and dynamic configuration. In this talk we’re going to live build a secured Apache Kafka cluster (using docker), taking advantage of this upcoming and old futures. All this is going to be available after the talk via a dockerized setup, for the attendance to experiment.
Have you ever been tasked to build an Apache Kafka deployment with security in mind? After this talk you will take home best practises, guidance and recommendations to build the Kafka cluster following up to date security methodologies.
Your company has decided to start migrating to Kubernetes. Exciting! It is time to set up your development environment so you can quickly test your application changes in a real Kubernetes cluster.
But, what should your development environment look like? Should you use minikube? kind? Firekube? Something completely different?
In this demo-led session we will have a look at some of the development tools that help you locally deploy your Kubernetes application as part of your development process. We will show the differences between each tool from a technical and user experience point of view, so you can choose the ones that better fit your use case and company’s needs.
End of the 1st day announcements and raffle time!
According to recent researches, an Elite team is one that deploys several times a day, has a short lead time to ship changes, has a lower change failure rate, and can recover from failures quicker.
Unicorn companies like Netflix, Google, or Amazon are not the only ones with Elite teams. You can be part of one too, but there are certain practices, changes, and commitment from CXOs that need to be in place to see results. Want to learn about how? I’ll share with you how a few tips, concepts, and strategies to succeed in your continuous improvement journey.
Kubernetes, Docker, Cloud, Microservices, or Serverless are just a small part of the formula. It’s not all bout technology, the most difficult change is in the culture and how we do things. More importantly, you need to make decisions based on data, not based on sentiments or hypes.
Come to my session, we’ll have fun and learn from each other.
Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. Anonymity is a broad concept, and it can mean different things to different groups.
The Tor network itself is only a part of what Tor is. Tor provides privacy at the application level through the Tor Browser, and with .onion service Tor allows users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. Using Tor "rendezvous points," other Tor users can connect to these .onion services, formerly known as hidden services, each without knowing the other's network identity.
Because .onion services live on the Tor network, you do not need hosting or a public ip address to offer some service via .onion address. This means .onion services are a gateway to a decentralised, peer-to-peer internet, where you regain control on the content you create and who you are sharing it with. The .onion is hosted on your computer for the time you desire, allowing the people visiting your site to remain anonymous, and also you. We believe anonymity to be very important since it can free people, allowing them to decide how to expose themselves or to make themselves visible on their own terms.
This talk is about creating and running ephemeral .onion services to share websites or simple web applications. We present different use cases for onion services and a wrapper app that allows you to start a .onion and start sharing a static website or a web application.
A crash course in psychology applied to teams. We'll walk through typical team scenarios such as conflicts, misunderstandings, etc and we'll see how most of them come from schemas, stereotypes and biases.
This is not the typical talk where you just sit and listen, we will do a few experiments together.
Cluster orchestrators and schedulers underpin the majority of modern software deployment, and are trusted to manage the uptime and reliability of your applications. These orchestrators are large and complex distributed systems whose failure can cause large scale outages for their users if they fail unexpectedly.
This talk is a look into how cluster orchestrators (specifically HashiCorp Nomad) are designed to be resilient against many modes of failure and how they keep your services running smoothly and safely - and how the Nomad team builds fault tolerance into features through design and into development.
This talk is an introduction to SIEM, the new elastic tool geared toward security information and event management. Elastic SIEM introduces a new set of data integrations for security use cases, and a new dedicated app in Kibana that lets security practitioners investigate and triage common host and network security workflows in a more streamlined way.
As we start to go toward cloud-native infrastructure and build our applications out of microservices, we must fully face the drawbacks and challenges to doing so. Some of these challenges include how to consistently monitor and collect statistics, tracing, and another telemetry, how to add resiliency in the face of unexpected failure, how to do powerful feature routing (ie feature graduation, tap compare) and much more like securing your services correctly.
Service mesh, in general, helps developers solve this in a non-invasive way.
In this session, we'll show how you can take advantage of these capabilities and show you some patterns that you can implement easily with a service mesh to make your delivery to production smoothly and without surprises.
We expect most developers haven't adequately solved for these issues, so we'll take it step by step and build up a strong understanding of Istio and its patterns, harness its power in your production services architecture.
If you follow the trends in web development, you have surely heard of WebAssembly (Wasm). Wasm is supported by all modern browsers, and its growing track of success stories seem to confirm that it will change the web development landscape in the coming years.
But wait, this is a DevOps conference, why should you be interested in a web development tool? Because Wasm is not only for web developers, it's quickly becoming a serious player as a server-side technology.
Wasm is a binary instruction format for a stack-based virtual machine. And Wasm execution environments can include not only browsers but minimal shells, mobiles, desktops and IoT devices.
Tools like Wasmer (a server-side WASM runtime) and WASI (the WebAssembly system interface) allows to run WebAssembly in a fast, scalable, secure way across all machines. It's potential is so high that Solomon Hykes, co-founder of Docker, has said that if WASM+WASI existed in 2008, they wouldn't have needed to build Docker.
In this talk we will take a look at the WASM state in 2020, from a server-side point of view. After a brief introduction to WebAssembly, we will see how Wasmer and WASI allow you to use WASM on any machine, and we will discuss real-life exemples of how WebAssembly is a true alternative as a server-side platform.
Some of the use-cases we will see include a FaaS platform, a server-side platform to compute untrusted code, and some other examples of Wasm replacing traditional virtual machines, containers, and processes.
A walk through the processes, success and failure histories and lessons lernt after migrating and maintaining multiple kubernetes clusters in production environments in high availability with high traffic (quite high) for the last 3 years.
We feel passionated and inspired by everyone in the DevOps community. From the small Open Source Projects to the Big Cloud Players. This Conference is for every SysAdmin, Ops, DevOps, Developer, Manager or Techie who wants to level up. For those teams that want to leave a dent both in their companies and in the community.
We've crafted the best possible DEVOPS conference just for you so you can see the future and get ready before anybody else. We'll gather top-notch speakers and an awesome community eager to share a lot of knowledge. All of this will take place in the very center of the gorgeous city of Barcelona in an excellent venue. What are you waiting for? Go get your tickets!