Thriving in the Cloud with HashiCorp Terraform and Vault

Tampa Bay DevOps

Tampa Bay DevOps will be hosting a meetup event on Terraform and Vault presented by Ray Ploski from HashiCorp. Event will be free and open to the public. Register here.

Tampa Bay DevOps – Thriving in the Cloud with HashiCorp Terraform and Vault | Meetup

Thriving in the Cloud with HashiCorp Terraform and Vault

The move to cloud involves a shift in operating model for infrastructure and security. Traditionally we had a relatively static world of dedicated servers, static IP addresses, and a clear network perimeter. In our new reality, we have ephemeral and elastic pools of infrastructure with dynamic IP addresses, and no clear security perimeter.

Join us as we demonstrate how DevOps can utilize HashiCorp Terraform to spin up resources using Infrastructure as Code in a way that is industry agnostic, that even allows developers to provision their own infrastructure via self-service.

We will also cover how HashiCorp Vault provides a different approach to security to mitigate the concerns of our new world, by focusing on securing infrastructure and application services through a trusted source of identity and secrets management.

Bio: Ray Ploski, Field CTO, HashiCorp, Inc.

For the past 25 years, Ray has been collaborating with companies, governments and other enterprises around the world to adopt and evolve new technologies via people, process, and tools.

He has a granular knowledge of enterprise information technologies, software architecture, application development, and complex systems re-architecture. He is a subject matter expert on Java, cloud-engineering and open-source platforms.

Prior to HashiCorp, Ray led the Application Development Practice at Red Hat, Inc. In that role he helped some of the world’s largest organizations roll out changes throughout the enterprise while adopting best practices with technologies in the local datacenter as well as in the public cloud.

Automate CIS Benchmark Assessment using DevSecOps pipelines

Tampa Bay DevOps DevSecOps

Were kicking off 2021 with a lot of great content and what better topic to start the year off that is aligned to Security. Hope to virtually see you in the New Year.

Event will be virtual and we will be raffling off a $25 gift card to one lucky attendee.

Tampa Bay DevOps Kick Off – Automate CIS Benchmark Assessment Using DevSecOps

Wednesday, Jan 13, 2021, 4:30 PM

Online event
,

33 Members Attending

Were kicking off 2021 with a lot of great content and what better topic to start the year off that is aligned to Security. Hope to virtually see you in the New Year. Event will be virtual and we will be raffling off a $25 gift card to one lucky attendee. Title Automate CIS Benchmark Assessment using DevSecOps pipelines Description In today’s reg…

Check out this Meetup →

Automate CIS Benchmark Assessment using DevSecOps pipelines

Description
In today’s regulatory environment, organizations must stay on top of compliance requirements while modernizing to cloud-native Kubernetes, mitigates against security breaches through continuous automation. Organizations are using Center for Internet Security’s Kubernetes Benchmark for assessments, and that does not need to be a manual process. Building DevSecOps pipelines that assess and remediate is essential for every organization who wants to build security into their DevSecOps CI/CD pipelines.

Speaker
Michael Fraser is the co-founder, CEO and chief architect at Refactr. Mike started his career in the United States Air Force working on F-15 fighter jets weapon systems and later as a cybersecurity engineer. While on active duty, Mike started his first company when he was 19 years old; a retail computer repair store. Mike has since founded multiple tech companies and is a regular speaker at numerous industry events, including CRN, various Microsoft events, RedHatAnsibleFest, DevOps Days, and All Day DevOps. He has published several feature articles including in Redmond Channel Partners, and appeared on the cover of Channel Pro Magazine. Mike aspires to be the world’s coolest dad for his 5-year-old autistic daughter. In his spare time, he is creating an augmented reality app to help autistic children communicate better in social situations. Mike earned a bachelor’s degree in application development from North Seattle College and has a master’s degree in computer science from Seattle University.

New Tools and Enhancements for DevOps from re:Invent including DevOps Guru, CodeGuru and More.

December 9th 4:30 PM EST Tampa Bay DevOps Meetup hosted it final event for 2020. We covered the new Amazon DevOps Guru and new enhancements to Code Guru. Check out our replay and deck attached below.

Special thanks to Nikung Vaidya and Sam Chon for proving a great presentation!

Deck

re:Invent New DevOps Capabilities including DevOps Guru, CodeGuru and More.

Wednesday, Dec 9, 2020, 4:30 PM

Online event
,

66 Members Went

Update 12/7…. will also be covering the new #DevOps Guru! Happy to announce for this meeting we will have two AWS experts discuss New Tools and Enhancements for DevOps from re:Invent including CodeGuru and More. Many of them I am not able to share now as they are not yet announced. The one we can mention is CodeGuru: Drive Speed and Quality into …

Check out this Meetup →

Speakers:
Nikunj Vaiday – Sr Solution Architect DevOps
Sam Chon – Business Development

Additional Resources:

LinkedIn Page: https://www.linkedin.com/company/40678542
Twitter: https://twitter.com/tampabaydevops

DevOps Patterns and Antipatterns for Continuous Software Updates

DevOps Patterns and Antipatterns for Continuous Software Updates
So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?

Deck: https://jfrog.com/shownotes/

In this talk, we’ll analyze real-world software update fails and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending an update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.

Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow.

This talk is a collection of failure stories about software updates with advice on how to prevent those in your systems. As usual with epic failures talks, it’s educational and a lot of fun.

We’ll start by reviewing what are the driving forces behind software updates, how do we update, and why some update multiple times a day while others only update once a year. We’ll continue to review some of the epic fails, including Google WiFi, Knight Capital, CloudFlare, Jaguar and others. The patterns we are going to suggest are Canary Deployments, Observability, Local rollbacks, Feature Flags, and others.

Baruch Sadogursky
Head of DevOps Advocacy @jfrog
Baruch Sadogursky (a.k.a JBaruch) is the Head of DevOps Advocacy and a Developer Advocate at JFrog. His passion is speaking about technology. Well, speaking in general, but doing it about technology makes him look smart, and 19 years of hi-tech experience sure helps. When he’s not on stage (or on a plane to get there), he learns about technology, people and how they work, or more precisely, don’t work together.

He is a co-author of the Liquid Software book, a CNCF ambassador and a passionate conference speaker on DevOps, DevSecOps, digital transformation, containers and cloud-native, artifact management and other topics, and is a regular at the industry’s most prestigious events including KubeCon, DockerCon, Devoxx, DevOps Days, OSCON, Qcon, JavaOne and many others. You can see some of his talks at jfrog.com/shownotes

DevOps Patterns and Antipatterns for Continuous Software Updates

Wednesday, Oct 14, 2020, 5:30 PM

Online event
,

67 Members Went

Virtual Event Join us for our October event, JFrog to give away an Amazon Echo Dot and a few T-Shirts. DevOps Patterns and Antipatterns for Continuous Software Updates So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possib…

Check out this Meetup →

Test Driven Development with Molecule / Docker / Ansible

Molecule is a project that provides support to run multiple instances using different provides like Vagrant (Virtualbox, VMware), Docker, Cloud Instances and others; also with great test frameworks mostly for IT such Testinfra or Inspec as well as lint tools to validate the quality syntax of the roles.
Using this project, I will be talking about:
1. What are the requirement to get molecule working in a development environment?
2. Brief description on molecule structure and its integration with Ansible, Docker and Testinfra.
3. How to encourage Dev-Ops to create new ansible roles with a TDD mindset ?
4. Doing a demo of molecule commands and role creation from scratch.
5. All questions and interruptions are more than welcome to create a more interactive presentation and social environment rather than just a single-present-voice-with-accent.

Roberto Cardenas, Bachelor in Computer Sciences in 2009 and came from a Developer background with C++, C#, Java, Python, and Ruby. Started the DevOps career path in 2013 working Ansible, Docker, Chef, Jenkins, Powershell, BDD/TDD mindset with Cucumber Java, and Ruby.

Love any automation challenge with any tool in any environment. In my free time, I do sky diving, scuba diving, or any adventure with my family.

Upcoming event on Tampa Bay DevOps.

Tampa Bay DevOps

Tampa, FL
1,476 Members

This is a group for anyone interested in learning and sharing how DevOps can transform all aspects of technology innovation in a continual and sustainable manner within in an …

Next Meetup

DevOpsDays Tampa Bay 2020

Friday, Oct 2, 2020, 8:00 AM
17 Attending

Check out this Meetup Group →

follow on twitter https://twitter.com/jmgress

follow on LinkedIn https://www.linkedin.com/company/tampabaydevops

Amazon DevOps Yesterday Today Tomorrow Transformation Story

Kelly’s talk with our Tampa Bay DevOps group covered Amazon DevOps yesterday, today and tomorrow. First, Amazon’s transformation from technology organization built on a monolith application into one composed of hundreds of independent teams building microservices end-to-end. All a decade before DevOps or microservices were really coined as industry buzzwords. 2nd Kelly discusses how AWS customers use the Cloud to modernize themselves at a much faster pace than was thought possible in the past. Finally, Kelly talked about the future of DevOps and special challenges presented by modern applications and what NextOps will look like.

Kelly is a 30+ year veteran in the software development arena. He has built software in everything from assembly language to Smalltalk, Unix/C, and to Kubernetes and Lambda. He has taken an abiding interest in improving organization’s software delivery from Agile, to DevOps, to Serverless and NextOps.

Kelly has been lucky enough to work directly with luminaries such as Kent Beck, Jez Humble, Damon Edwards, Craig Larman, Kenny Rubin, and Dick Gabriel. He has worked in successful startups (ParcPlace, Activerse, Skytap) and consulted (Thoughtworks, CAP Gemini, BAH) with all types of organizations in a variety of industries. At AWS, Kelly works with partners in the DevOps space to help solve customer problems and set the stage for modern high velocity, extra stable, and secure systems.

Tampa Bay DevOps

Tampa, FL
1,452 Members

This is a group for anyone interested in learning and sharing how DevOps can transform all aspects of technology innovation in a continual and sustainable manner within in an …

Next Meetup

Cyber Security Summit – Tampa

Tuesday, Jul 28, 2020, 8:00 AM
29 Attending

Check out this Meetup Group →

Follow me on Twitter… https://twitter.com/jmgress

Enterprise Source Control Management Repository Conversions

source control

Moving a repository to a new source control management system can be challenging in an enterprise environment. For the novice it might seem simple, just copy the files from one system to another and “bam” it’s done. However most projects in an enterprise are constantly being updated and making changes to these process can feel like trying to change a car tire while the car is still moving. In my career I have done this with many different types of source control system from centralized to distributed. Here are some focus areas and an approach to converting them successfully.

In this post will be from the perspective of going to a git based system. Git has been around for over a decade and is the most popular one out today and many companies have written applications that will help you manage git repositories.

Tool Selection – Select the new source control system and insure it will work for your development process. Some considerations, market adoption as it will have the most support and to be able find talent that already knows the process and organizations strategic direction as this can streamline support and procurement. Generally trying to find that obscure tool with that one or two special features that you cant get support for down the road will cause grief down the road.

Select Branching Strategy – This is generally not a hard process and git flow is what most folks recommend, however some systems especially COTS systems need some modification to this strategy. You may also want to insure things like generated files that can’t not be merged with previous version are properly handled.

Define Access Management – Access management is very important to define upfront as some branches you will want to restrict to the development team and only updatable via pull request and review processes. Start this list early on and figure out a good process. Most times and Admin\Developer\User approach works well but you may have other considerations.

History Migration Approach – By far the easiest choice is to not move history as you will likely not have to rely on it and can always retain access to the old system for a period of time. Being in the business for over 27 years, every request to get access to code that was over a year old has never been re-implemented in production. If this is a problem area for you looking a feature flags might be a better option that re implementing old code. If your working with a team that insists on history or need it for regularity purposes, there are many conversion programs that will assist in this. Plan on adding some time for this during your conversion process.

Define verification process for conversion – During this conversion you will want to do a bit of clean up that is listed below and with these types of changes, being able to define the “test” to insure your not going to disrupt the existing processes is needed.

Removing binaries and executable – Garbage can collect in existing repositories. Most of the time it is binaries for either to setup environment, dependencies, and generated binaries. None of these should exist in a git repository they will cause your repo to explode in size and significantly slow down the cloning process. These need to be move to an artifact repository to be managed.

Technical Debt Removal – Other things like old project files that are no longer being used should also be removed to reduce the overall technical dept in the system. If you have high technical dept that will require significant code changes, you may want to break this off into it’s own effort. For an SCM conversion there is likely some low hanging things that can be done quickly and make a big impact.

Identify current connections to existing SCM systems – It is likely that you will have something connecting to the old repositories and will need to be moved over to the new system. These should be identified and added to the plan to be moved during conversion.

Scanning for Secrets in existing repository – One of the most important things not to overlook is scanning for secrets in the existing repo and insuring they do not get moved to the new system. A big consideration is that repos are designed to hold all history, so moving then cleaning is not a good idea. Better to clean up in place or before the very first commit into the new system. There are many bots that exist just looking for this type of thing and can be damaging to the organization if discovered. Don’t skip this step!

Training – This should be done in at least two phases. It is a good idea to get a few selected team members them test and walk though the process and really think about how these things will affect the development process for the team. You maybe surprised at some of the things you discover from getting feedback in this way. Additionally doing team wide training is critical. Even if the folks know or have familiarity with the new system because of the changes made to the repo and process, having a clear definition of the new way it will work is critical.

Preform test migration – Testing the migration is an important step, this will flush out and insure your defined process is working properly. Also by reviewing it with select members and architects on the team additional finding will make the conversion better and have a cleaner repo in the end.

Perform actual migration – Most teams can not disrupt the value to be business by stopping feature development. It is a good idea to plan for an outage that is the least disruptive. With all the prep done above this should be a smooth process. During this migration applying the permission and governance and moving the existing connection to the new SCM should be done.

Old repository retention and destruction process – Some factors to retire your old systems could be continued licensing, regulatory requirements, possibility of PII or secrets in old code, or even having it around contributing to process and technical debt to the system. Pick a plan and reminder to have it reviewed.

follow me: https://twitter.com/jmgress

ATDA Acceptance Test Driven Automation

Nikolay from SauceLabs presents Insanely Easy Framework Design with Acceptance Test Driven Automation at Tampa Bay DevOps

Acceptance Test Driven Automation (ATDA) is a test automation activity to help an individual develop a production quality, test automation framework, in under 45 min. ATDA iterates through 3 phases of development to produce a robust automation framework in lightning time.

Nikolay Advolodkin begins the presentation by showing what ATDA is and how it can help to overcome the challenges of framework development. After a theoretical overview, jumps on the keyboard and code live to create an automation framework using this methodology.
As the presentation progresses, applies each step of ATDA through code and explains it to the audience.

At the end of the presentation, the individual will have a complete paradigm shift into how easy it can be to create an automation framework using ATDA. Ultimately, changing their test automation quality forever.

Author
@Nikolay_A00
Nikolay Advolodkin is a Sr Solution Architect at Sauce Labs. He has an extensive background in software testing, quality assurance and test automation as the owner of UltimateQA.com, a training site full of videos and resources covering the gamut of testing topics and technologies. Nikolay has taught more than 50,000 students in over 120 countries about test automation. He is a frequent contributor to open source and was selected as one of the top automation engineers in the world three years in a row by TechBeacon.com.

Join us for more session at Tampa Bay DevOps

Tampa Bay DevOps

Tampa, FL
1,452 Members

This is a group for anyone interested in learning and sharing how DevOps can transform all aspects of technology innovation in a continual and sustainable manner within in an …

Next Meetup

Cyber Security Summit – Tampa

Tuesday, Jul 28, 2020, 8:00 AM
29 Attending

Check out this Meetup Group →

Feature Flags – Deploy More Feature More Frequently, With Less Risk

Grigory Avsyuk presented a topic on feature flags titled Deploy More Features More Frequently, With Less Risk at Tampa Bay DevOps

Deploy More Features More Frequently, With Less Risk Software developers need a new set of tools that are specifically designed for continuous delivery. What if you could “decouple” the act of delivering software from the act of releasing features? What if you could deploy any time and release features only when you’re ready? Imagine if you could know how each new feature will perform in production, turn off misbehaving features, or measure impact of each feature change? It’s more important than ever to drive digital innovation with security and stability. Feature management enables businesses to dynamically control availability of application features to end users. In this virtual DevOps Meetup, learn how product teams move faster with less risk — delivering new code and features to end users, run experiments, innovate and customize end user experience while the application running!

Grigory Avsyuk, https://www.linkedin.com/in/grigory-a…
Grigory is a Software Delivery Advocate for CloudBees. He currently educates Fortune 1000 Enteprrise development & product teams on the technical and business benefits of feature management. A graduate of RPI, Gregory has worked as a software developer for almost a decade. He has worked on many web development projects, big data enterprise solutions, projects to modernize development, containers, CI/CD pipelines, and coding best practices.

More from Tampa Bay Devops and upcoming sessions can be found here.

Tampa Bay DevOps

Tampa, FL
1,452 Members

This is a group for anyone interested in learning and sharing how DevOps can transform all aspects of technology innovation in a continual and sustainable manner within in an …

Next Meetup

Cyber Security Summit – Tampa

Tuesday, Jul 28, 2020, 8:00 AM
29 Attending

Check out this Meetup Group →