Agile + DevOps East 2019 - DevOps Automation | TechWell

Agile + DevOps East 2019 - DevOps Automation

Monday, November 4

Danilo Sato
ThoughtWorks
MA

Continuous Delivery in Practice: A Hands-On DevOps Workshop

Add to calendar
Monday, November 4, 2019 - 8:30am to 4:30pm

For many organizations, delivering software into production has become increasingly more complex with long testing cycles and a division between development and operations teams. DevOps is a cultural movement that is breaking down those barriers. Focusing on automation, collaboration, tools, and knowledge sharing, DevOps is showing that developers and system engineers have much to learn from each other. Through a series of hands-on exercises, Danilo Sato will use a sample web application to demonstrate how to automate its build and deployment pipeline, using infrastructure and pipeline as...

Melissa Benua
mParticle
MI

Continuous Testing with Containers

Preview New
Add to calendar
Monday, November 4, 2019 - 1:00pm to 4:30pm

Containers. Every manager thinks they want them, but few teams have experience in knowing what to DO with them. Used thoughtfully, containerization of your services can transform the way your organization thinks about testing. Gone can be the days of maintaining X different compute environments with Y different configurations. Imagine instead spinning up just the code you need, on the machine type it needs, and only for as long as you need it. In this technical training, Melissa will walk through what containerization means for a legacy code base attempting to practice continuous...

Wednesday, November 6

Blaine Carter
Oracle
AW14

DevOps Tools for Database Developers

Add to calendar
Wednesday, November 6, 2019 - 11:45am to 12:45pm

You're thinking about modernizing your database development process ... someday. You have directories full of SQL files you use to build your application. You know unit tests should be included as part of your build process, and you are going to start adding them ... maybe next week. Does this sound like you? If you think modernizing your dev process will be difficult, time-consuming, and expensive, you may be surprised at how easy and cost-effective it is to get started. Blaine Carter will explore how to manage your database application in a continuous development pipeline. He will talk...

Peter Varhol
Technology Strategy Research
Gerie_Owen
Technology Strategy Research
AW20

Testing Serverless Applications

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

Serverless cloud applications are rapidly moving into the mainstream. In this model, teams focus on developing and deploying code on a known technology stack and runtime, with fixed interfaces for application, database, and network. It offers the advantage of lower costs, faster development, and elastic growth. But testing serverless applications also brings significant challenges to testers. Because the stack is maintained by the cloud provider, it is updated with new versions and security patches on a regular basis. Testers have to continuously test the stack interfaces to make sure that...

Sean Miller
Capital One
Suresh Chellapilla
Capital One
AW21

You Build It, You Own It!

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

The days of writing software and throwing it over the proverbial wall to operations and production support teams are over. It’s time we, as software development teams, become more accountable and take pride and ownership in what we do. The results will be better transparency, more autonomy, and reduced risk (among other things). Join Sean and Suresh as they walk through how Capital One tackled one particular project by leveraging DevOps and forming their "you build it, you own it" principles. You'll gain a better understanding of how to improve quality within your agile teams and how to...

Tom Stiehm
Coveros, Inc.
AW22

Shifting Security Left: The Innovation of DevSecOps

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

DevSecOps uses application security practices that have existed for a while. The innovation of DevSecOps is incorporating security into the daily workflow of the team rather than leaving it to the end, shifting security left by automating aspects of security testing. DevSecOps leverages DevOps practices to make application security a first-class citizen in the practices of modern software development. But that requires a culture change: DevSecOps starts before the code is even written, using techniques like threat modeling and risk analysis to figure out who will attack you and how. Come...

Michelle Hodges
Red Ventures
AW23

Wage Your Bets: Microservice, Monolith, or Serverless

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

Microservice, Monolith, and Serverless are some of the three architectural styles that have recently gained popularity. Some engineers swear one over the other, but in reality, there is no black and white: there are advantages and disadvantages, depending on each use case. For example, if the flow of your services are dependent on another and each service doesn’t need to scale independently, is it worth increasing the development power it needs to maintain infrastructure? In this talk, Michelle Hodges will provide the pros and cons of going one way versus another, providing real life...

Helen J Beal
Ranger4
Guy Herbert
Atlassian
AW24

DevOps Panel: Compliance While Moving Faster

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

Do you want to move at the speed of DevOps, but need to show compliance to your organization, a governing body, or through regulation? Are you already struggling with compliance and want to know how DevOps could help? Come listen to our panelists as they answer questions about compliance and security in DevOps without slowing down. This panel is looking to answer your questions about all things Compliance, so be ready to participate.

Thursday, November 7

Matty Stratton
PagerDuty
AT6

The Psychology of Chaos Engineering

Add to calendar
Thursday, November 7, 2019 - 10:00am to 11:00am

Chaos engineering, failure injection, and similar practices have verified benefits to the resilience of systems and infrastructure. But can they provide similar resilience to teams and people? What are the effects and impacts on the humans involved in the systems? This talk will delve into both positive and negative outcomes for all the groups of people involved, including users, engineers, product owners, and business owners. Using case studies from organizations where chaos engineering has been implemented, Matty Stratton will explore the changes in attitude that these practices create,...

Pierre Vincent
Poppulo
AT7

Changing Tires on a Moving Car: A Journey to Zero-Downtime Deployments

Add to calendar
Thursday, November 7, 2019 - 10:00am to 11:00am

Applications built over the years carry historical design assumptions, such as that a few hours of downtime for maintenance upgrades every six months is acceptable. Today, embracing continuous delivery practices means more frequent releases, which means more downtime. This is the problem Poppulo faced and successfully overcame, going from monthly deployments with a couple of hours of downtime to zero-downtime deployments on demand. Pierre Vincent will show that by mapping out a deployment process, it becomes possible to progressively reduce its impact on users. He will also give practical...

Ryan Ripley
Independent Consultant
AT8

Fishbowl: Liberating Structures

Add to calendar
Thursday, November 7, 2019 - 10:00am to 11:00am

Liberating structures offer a revolutionary solution to collaboration in groups by using a handful of simple rules to unleash and involve everyone, enabling groups of any size to work at the top of their intelligence. Discuss them with peers and experts in this fishbowl discussion, where the audience members sit in a circle of chairs in the middle of the room. Several brave souls will fill all but one of the chairs in the "fishbowl." When you want to join as a speaker, you enter the fishbowl and sit in the empty chair, and one of the other speakers will voluntarily leave so that one chair...

Tim_Guay
AgileWorks
AT15

A Fool with a Tool: The Dangers of Ignoring Culture by Overfocusing on Tools

Preview
Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

Many organizations ignore culture and overfocus on picking and implementing the right tools. However, these tools have underlying cultural assumptions. If the current culture does not support these assumptions, then automation will only have limited success, or even fail altogether. So how do you address this problem? By recognizing that overfocusing on tools is a problem in the first place. Start by understanding the cultural assumptions supporting the optimum use of the tools, as well as how your organization measures up in relation to high-performing organizations. Finally,...

Owen Gotimer
TechWell
AT16

A DevOps Fireside Chat with Andy Glover

Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

You've got DevOps questions, and we've got Andy Glover to answer them for you. He won't really be sitting by the fire, but he will be on hand to talk about all things DevOps. From his experiences building the Spinnaker continuous delivery platform to writing the open-source BDD framework easyb, Andy wants to talk about the things that worry you or thrill you about DevOps. Bring your questions and be ready for a lively, interactive discussion.

Owen Gotimer
TechWell
B1

Agile+DevOps Feud!

Add to calendar
Thursday, November 7, 2019 - 1:30pm to 2:00pm

Join us for a game of Agile+DevOps Feud, where two teams of thought leaders compete to name the most popular responses to survey questions to win bragging rights and to share their experiences. Questions and voting will be in the TechWell Hub leading up to the conference, where community members will name their greatest concerns, best practices, etc. Our two teams of panelists, will do their best to guess the community’s viewpoint, and the winning team will get to explain how they deal with those concerns. Our panelists are competing...

AT22

So You’re Using Docker. Now What?

Add to calendar
Thursday, November 7, 2019 - 3:30pm to 4:30pm

These days everyone wants to containerize their application, but not everyone understands the best way to go about it. You need a tool to manage your containers, you need tools for image security scanning, you need to completely rethink how your application fits into its deployment environment, and most importantly you need to make sure you’re following good DevSecOps practices. Join Ryan Kenney as he discusses how he has addressed these concerns, among others, for various clients. Ryan will discuss options for container orchestration tools like Kubernetes and its competitors. Then, he...

AT28

Contract Testing with Pact: A Different Approach

Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

With the microservice architecture evolving and becoming a golden standard, the necessity of testing the contracts between services appears to be more and more obvious. One of the most interesting solutions here is the Pact tool, which helps with testing and verifying the API contracts in a CI/CD manner and opens up a lot of interesting possibilities. However, the devil is always in the details: the implementation. We need to configure the Pact mock servers, but similar configurations are often needed across all the different parts of testing, from the verification of the providers to end-...

Dave Karow
Split
AT29

Feature Flagging: Proven Patterns for Control and Observability in Continuous Delivery

Preview
Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

Are you moving faster than fast? Congrats! Chances are you already use feature flags to decouple code deployments from feature rollouts. Whether you use a roll-your-own feature-flagging solution (with a few quirks) or a feature-flags-as-a-service solution, hopefully you post feature flag rollout changes to something like Datadog so that when a flag rollout lines up with an obvious spike, you know whom to have a talk with. It's a solid start, but that’s just the basics. What do data-driven CD ninjas do? They build in observability to every feature release, so when they push a...

Derek Ashmore
Asperitas Consulting
AT30

AWS Lambda: Best Practices and Common Mistakes

Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

AWS Lambda is a serverless architecture that relieves you of hardware and scaling setup concerns. AWS Lambda functions are used by many organizations for serverless application development and automating DevOps tasks. But many teams start using AWS Lambdas and uncover problems such as running into resource limits, debugging nested lambda defects, managing code change across dozens of AWS accounts, and many more. Derek Ashmore will provide tips and tricks to make your AWS Lambda functions usable in different contexts and easier to develop and support. He will show you how to mitigate common...

Friday, November 8

Tom Stiehm
Coveros, Inc.
DS5

Panel Discussion: Effective Integration of Tooling into DevOps

Add to calendar
Friday, November 8, 2019 - 11:00am to 11:45am

Integrating security tools into a DevOps pipeline is about more than just dropping them into a test environment. It’s about putting them where the business return is greatest. Where fast feedback can be gathered. Picking the right tools for the job. Join DevSecOps experts as they discuss and debate the merits of SAST, DAST, IAST, and RAST tools for your pipeline. Learn about the pros and cons of each type of security testing and how to choose the right tools for your needs. Hear how various organizations have gotten started with DevSecOps tooling and learn tips and trick for implementing...

Gene Gotimer
Coveros, Inc.
DS7

A Practical Approach to Building Security In

Add to calendar
Friday, November 8, 2019 - 1:30pm to 2:00pm

The release date is a week away. Development is complete. The code works, and everything looks good. Marketing is ready with the media blitz. Our customers are waiting to get their hands on the new features and are sure to give us good feedback. The only step left is to get the security group to scan the application and give us the approval to release. Cross your fingers- let’s hope we get the green light! Otherwise, I don’t know what we are going to do. DevOps, and more importantly, DevSecOps, promises to do away with rolling the dice at the end and hoping we are allowed to release what...

Tom Stiehm
Coveros, Inc.
DS9

Panel Discussion: Getting Development and Security To Work Together

Add to calendar
Friday, November 8, 2019 - 2:45pm to 3:30pm

DevSecOps is all about getting security teams, practices, processes, and tooling integrated into your DevOps process but often getting a cross-functional team that includes security in place is difficult. Join DevSecOps practitioners in exploring the best ways to get security groups and personnel involved in day-to-day DevOps teams. Learn what role security personnel play in Sprint activities and how to remove compliance from being an end-of-lifecycle hurdle. Hear how leading organizations successfully shift security left and tips and tricks for getting started.