Podcasts about continuous delivery foundation

  • 24PODCASTS
  • 27EPISODES
  • 42mAVG DURATION
  • ?INFREQUENT EPISODES
  • Feb 20, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about continuous delivery foundation

Latest podcast episodes about continuous delivery foundation

The Engineering Leadership Podcast
Software Dev in 2033 w/ Tara Hernandez, Erik Meijer, and Jocelyn Goldfein #167

The Engineering Leadership Podcast

Play Episode Listen Later Feb 20, 2024 42:46


In this episode, we're resharing one of the most popular & exciting sessions from ELC Annual 2023, featuring a panel of experts discussing what software dev will look like in the decades to come! This conversation features Tara Hernandez, VP Developer Productivity @ MongoDB; Erik Meijer, Sr. Director of Engineering @ Meta; and Jocelyn Goldfein, Managing Director @ Zetta Venture Partners. They debate & dissect how AI is changing what software dev looks like, what capabilities future eng leaders will need to build upon, where AI technology will need to improve moving forward, and more.ABOUT TARA HERNANDEZTara Hernandez has spent nearly thirty years evolving ways for companies to develop and ship software. She helped launch Mozilla.org and has been a firm proponent of open source ever since. She also thinks smart companies understand the business value of having a diverse employee base. Tara currently works at MongoDB, is a member of the board for Women Who Code, and a member of the Continuous Delivery Foundation."What was so amazing about Da Vinci? Da Vinci was an artist, he was a painter, he was a sculptor, he was an engineer. Breadth, more than depth, is increasingly going to be critical.”- Tara Hernandez   ABOUT ERIK MEIJERErik Meijer is a Dutch Computer Scientist, entrepreneur, and AI enthusiast.In his long career, he has democratized many academic concepts such as functional programming, reactive programming, and language-integrated query by introducing these concepts into mainstream languages such as C#, Visual Basic, Dart, and Hack, as well as through his startup Apllied Duality Inc.As an educator, Erik has shared his knowledge through platforms like Channel 9, Coursera, and edX, enlightening learners worldwide with his courses on reactive and functional programming.As the founder of the Probability team at Meta in 2016, he is one of the pioneers in applying AI to programmer productivity and systems efficiency.Most recently, Erik is working on providing every knowledge worker with a personal assistant that supercharges their productivity and boosts job satisfaction."I think the engineer of the future will be more like an English major or a music major. Somebody that can really explain their thoughts very well. If you have kids, I would not send them to do computer science. Send them to a liberal arts.”- Erik Meijer   ABOUT JOCELYN GOLDFEINJocelyn Goldfein (@jgoldfein) is a Managing Director at Zetta Venture Partners, where she invests seed capital in AI-native startups with B2B business models.Jocelyn is a widely recognized industry expert on product strategy, infrastructure, and organizational scale. Her career as an engineering leader spans from early-stage startups to high-growth years at Facebook and VMware.During her tenure at Facebook, she helped convert News Feed to Machine Learning and spearheaded the transition to a ‘mobile first' product organization. As an early engineer at VMware, she built core virtualization technology and ultimately created and led VMware's Desktop Business Unit. Jocelyn also held engineering and leadership roles at startups Datify, MessageOne, and Trilogy/pcOrder.Jocelyn has a passion for STEM Education. She currently lectures at Stanford University where she received her BS in Computer Science."Part of me finds it almost insane to think about what if there's never a new programming language? What if we're at the end of history for new programming languages and the next and last programming language is Hindi?”- Jocelyn Goldfein   This episode is brought to you by testRigor!testRigor is trusted by tens of thousands of companies across the globe, including Netflix, Splunk, BusinessWire, and more to solve three main problems with end-to-end test automation:It's challenging, expensive, and slow to hire QA Automation EngineersLow productivity building your own QA AutomationFragile tests, that cause maintenance to consume enormous amounts of timetestRigor solves all of the above by allowing our users to express test cases in plain EnglishTo learn more, check out a case study on testRigor hereSign up for a free trial today at testrigor.comSHOW NOTES:Introducing Jocelyn, Tara, and Erik & their interest in the future of software dev (2:31)Ensuring AI accuracy / confidence as a key inflection point (5:06)What the next generation of building software will look like (7:09)Why engineers will always be needed for understanding machine capabilities (10:51)Erik & Tara's perspectives on the future of AI & engineer interaction in software dev (13:19)Great engineers of the future need to have well-rounded skills (16:38)Why flow will (or will not) be as necessary in the future (19:06)How AI will augment human creativity & the engineering role (21:06)Will AI replace the need for cross-collaborative teams? (23:30)Jocelyn's theory that today's best QA folks will be the best engineers in 2033 (26:14)Audience Q&A: What logical & cognitive skills will still be needed as AI progresses? (28:24)Challenging the current definition of software development (31:45)What is the potential for a future dialogue system? (34:17)Will the change in eng skills also impact other degrees like mathematics? (36:46)How will the industry navigate workforce loss as AI replaces certain roles? (38:01)LINKS AND RESOURCESVideo Version of EpisodeAll of the Sessions from ELC AnnualThis episode wouldn't have been possible without the help of our incredible production team:Patrick Gallagher - Producer & Co-HostJerry Li - Co-HostNoah Olberding - Associate Producer, Audio & Video Editor https://www.linkedin.com/in/noah-olberding/Dan Overheim - Audio Engineer, Dan's also an avid 3D printer - https://www.bnd3d.com/Ellie Coggins Angus - Copywriter, Check out her other work at https://elliecoggins.com/about/

The Craft Of Open Source
Oleg Nenashev, Governance Board/Core Maintainer, Jenkins

The Craft Of Open Source

Play Episode Listen Later Jan 9, 2024 36:34


Jenkins, an open-source stalwart and a foundational project of the Continuous Delivery Foundation, underwent a transformative journey towards independence within the foundation. In this conversation with Oleg Nenashev, Governance Board/Core Maintainer, we navigate through the significance of feature flags in continuous integration and delivery, culminating in excitement about the potential standardization through the open feature project. Shifting gears, the conversation delves into WireMock, a widely-used API mocking tool, exploring its capabilities, commercial extensions, and upcoming improvements in version 3. Oleg emphasizes collaboration and alignment across diverse languages and repositories. The conversation concludes by spotlighting Penpot, an open-source design platform, as a noteworthy project. Join in for a comprehensive exploration of Jenkins, feature flags, WireMock, and the broader open-source landscape.

Data on Kubernetes Community
Dok Talks #146 - OpenFeature - Making feature flags a commodity // Oleg Nenashev

Data on Kubernetes Community

Play Episode Listen Later Aug 26, 2022 61:30


https://go.dok.community/slack https://dok.community/ With: Oleg Nenashev - Community Builder and Developer Advocate, Dynatrace Bart Farrell - Head of Community, Data on Kubernetes Community ABSTRACT OF THE TALK With the evolution of software delivery methods, feature flags became one of the ways to deliver features and get user feedback. Modern applications may have hundreds of feature flags describing customizations, preview features and environment specifics. Feature flags are not just a single toggle anymore, their values are often determined at runtime depending on the instance, user context and inputs from the control plane. In this session we will talk about OpenFeature - a new collaboration by many feature flag vendors and end users. OpenFeature, a CNCF sandbox project, is an open standard for feature flag management, created to support a robust feature flag ecosystem using cloud native technologies and to basically make feature flags a commodity. OpenFeature provides a unified API and SDKs, and a developer-first, cloud-native implementation, with extensibility for open source and commercial offerings. BIO Oleg works on open source programs and Keptn community at the Dynatrace Open Source Program Office. He is a TOC chair and community ambassador in the Continuous Delivery Foundation. Oleg is a core maintainer and board member in Jenkins where he writes code, mentors contributors, and organizes community events and Google Summer of Code in the project. Open source software and open hardware advocate. Oleg has a PhD degree in hardware design and volunteers in the Free and Open Source Silicon Foundation. KEY TAKE-AWAYS FROM THE TALK Feature flags at scale 101. Feature flags are an important topic for stateful apps in K8s, and for progressive delivery and other modern approaches. OpenFeature is like OTel but for feature flags. You can try it now, here is a live demo to follow.

DevOps Speakeasy Podcast
S03E22: #DevOpsSpeakeasy at #KubeCon EU 2022 with Andrea Frittoli on CDEvents

DevOps Speakeasy Podcast

Play Episode Listen Later Aug 15, 2022 12:54


In this interview, Andrea Frittoli, OpenSource Developer Advocate for IBM, speaks about the CDEvents project within the Continuous Delivery Foundation.

european union ibm kubecon continuous delivery foundation
OpenObservability Talks
SLO Driven Engineering: from Dev to Prod - OpenObservability Talks S2E10

OpenObservability Talks

Play Episode Listen Later Mar 30, 2022 59:56


Google's SRE Book popularized the concept of Service Level Objective (SLO) and the SLO-driven approach. But what does it really mean to make SLO driven decisions? How can we generate observability and synchronize teams around joint SLOs? And how can we automate SLOs and integrate them into the software release pipeline? In this episode I'll host Andreas Grabner. We'll discuss the SRE practices, and how to automate SLO from dev all the way to prod. We'll talk about the open source efforts to standardize the process under the Continuous Delivery Foundation, and about Keptn, the new CNCF open source project that promises to help with this automation. Andreas Grabner (@grabnerandi) has 20+ years of experience as a software developer, tester and architect and is an advocate for high-performing cloud scale applications. He is a contributor and DevRel for the CNCF open source project keptn (www.keptn.sh). Andreas is also a regular contributor to the DevOps community, a frequent speaker at technology conferences and regularly publishes articles on blog.dynatrace.com or medium. In his spare time you can most likely find him on one of the salsa dancefloors of the world. The episode was live-streamed on 15 March 2022 and the video is available at https://youtu.be/J81byOpVqrk  OpenObservability Talks episodes are released monthly, on the last Thursday of each month and are available for listening on your favorite podcast app and on YouTube. We live-stream the episodes on Twitch and YouTube Live - tune in to see us live, and pitch in with your comments and questions on the live chat.https://www.twitch.tv/openobservabilityhttps://www.youtube.com/channel/UCLKOtaBdQAJVRJqhJDuOlPg Show Notes: What's SRE Where is SRE placed in the organization SRE vs. DevOps Good and bad SLOs How to define SLOs top-down Who owns SLO definition, monitoring, remediation Where is SRE within less mature organizations Keptn OSS project background Who uses and contributes to Keptn project What's the CDF (Continuous Delivery Foundation) Creating a standard CD event format under the CDF (CDF Events SIG) Cloud Native Observability survey by the CNCF Resources: SLO in the age of microservices: Keptn OSS project: https://keptn.sh/ Keptn 0.14.0 major release TechWorld with Nana on Keptn CD Foundation - SIG Events: https://github.com/cdfoundation/sig-events PurePerformance podcast Cloud Native Observability survey by the CNCF Socials: Twitter: https://twitter.com/OpenObserv Twitch: https://www.twitch.tv/openobservability YouTube: https://www.youtube.com/channel/UCLKOtaBdQAJVR

L8ist Sh9y Podcast
Scaling Continuous Delivery

L8ist Sh9y Podcast

Play Episode Listen Later Mar 4, 2022 39:28


We went beyond what the Continuous Delivery Foundation is doing to talk about how to scale Continuous Delivery. Especially around the continuous reconciler pattern. So what does CD take beyond committing something in git? To make scalable continuous delivery systems and cross team continuous delivery systems means building things beyond GitOps that really scale and work for enterprise teams. The use cases are not just cloud native technologies, but really useful for established enterprise tech too. Transcript: https://otter.ai/u/JkTWNWtaaUEOHrd-bdHIP3rsmO8 Photo: https://www.pexels.com/photo/man-wearing-a-face-mask-putting-food-on-a-thermal-bag-4393667/

cd scaling continuous delivery gitops continuous delivery foundation
The Humans of DevOps Podcast Series
54: Getting Human with Helen Beal

The Humans of DevOps Podcast Series

Play Episode Listen Later Oct 11, 2021 31:34


On this episode of the Humans of DevOps, Jason Baum is joined by Helen Beal, Chief Ambassador at DevOps Institute. They discuss Helen's tech beginnings including an *interesting* data entry story, human skills, learning and helping people plus way more! Helen Beal is a DevOps and Ways of Working coach, Chief Ambassador at DevOps Institute, and ambassador for the Continuous Delivery Foundation. She is the Chair of the Value Stream Management Consortium and provides strategic advisory services to DevOps industry leaders such as Plutora and Moogsoft. She is also an analyst at Techstrong Research. She hosts the Day-to-Day DevOps webinar series for BrightTalk and the Value Stream Evolution series on TechStrong TV. She speaks regularly on DevOps and value stream-related topics, is a DevOps editor for InfoQ, and also writes for a number of other online platforms. She regularly appears in TechBeacon's DevOps Top100 lists and was recognized as the Top DevOps Evangelist 2020 in the DevOps Dozen awards and was a finalist for Computing DevOps Excellence Awards' DevOps Professional of the Year 2021. Want access to more content like this? Gain the tools, resources and knowledge to help your organization adapt and respond to challenges by becoming a professional member of DevOps Institute. Engage in one of the fastest-growing DevOps communities today! Get started for free: https://www.devopsinstitute.com/membership/ Use promo code HODPOD21 at this link for 20% off your Premium Membership.

humans engage devops beal premium membership infoq brighttalk chief ambassador continuous delivery foundation devops institute jason baum
What the Dev?
The challenges and benefits of continuous delivery - Episode 115

What the Dev?

Play Episode Listen Later Aug 10, 2021 15:12


 In this week's episode, we spoke about continuous delivery (CD), the premise of delivering safely when you want to.So far, the number of companies adopting CD seems to be behind what was originally projected by the Continuous Delivery Foundation, and the difficulty of getting started may be a culprit.We spoke to Ravi Lachman, an evangelist at Harness, about the challenges as well as benefits of CD. 

7 Layers
Interview: Cutting Edge Cloud Native, an Expert's Perspective

7 Layers

Play Episode Listen Later Apr 20, 2021 19:38


This week, host Connor Craven is joined by cloud native expert, Tracy Miranda. Miranda is the executive director for the Continuous Delivery Foundation and brings a unique perspective to the conversation. The two talk about common cloud native misconceptions, the future of cloud native development, and the value of open source and collaboration. Full Transcript Here. Learn more about your ad choices. Visit megaphone.fm/adchoices

cutting edge cloud native continuous delivery foundation
ShipTalk
The Brass Tacks of Open Source - Tracy Miranda - Continuous Delivery Foundation

ShipTalk

Play Episode Listen Later Feb 11, 2021 26:34 Transcription Available


In this episode of ShipTalk, we are joined by Tracy Miranda who is the Executive Director of the Continuous Delivery Foundation which is part of the Linux Foundation. Tracy has been leading open source communities prior to her time at the CDF at Cloudbees and has spent time on the governing board of the Eclipse Foundation. Tracy chats through her experience creating thriving open source communities and practices from inception to maturity. Open source projects especially at their inception run like a start-up. Learn in this episode how to build a sustainable, robust, and inclusive community and more from Tracy. 

ShipTalk
Finding Your Tribe - Tracy Ragan - DeployHub

ShipTalk

Play Episode Listen Later Jan 19, 2021 31:08 Transcription Available


In this episode of ShipTalk, we are joined by Tracy Ragan who is the CEO of DeployHub. Tracy is no stranger to open source communities spending time with the Eclipse Foundation and Continuous Delivery Foundation [part of the Linux Foundation].  A software and open source community is more than just a place to get free software, the community aspect is crucial. Especially during the COVID pandemic, the human element is key to furthering the software engineering craft.  Tracy talks about her career and community journey and why it is important to find your tribe.  At a bonus at the end, a joint perplexity around the rise of YAML.

The Business of Open Source
Exploring Open-Source and Cloud-Native with Tracy Miranda

The Business of Open Source

Play Episode Listen Later Oct 21, 2020 27:52


The conversation covers:  Tracy's thoughts on how the relationship between open-source and cloud-native should be described. The advantages and disadvantages to an organization using open-source. Some of the major risks associated with using open-source, and why companies should approach with caution.   Why CI/CD is a rising security concern for open-source organizations.Tracy also provides her thoughts on how businesses are handling the CI/CD pipeline today, and where the trend is heading. Some of the unresolved challenges related to continuous delivery that currently exist. Tracy's advice for companies that are just starting to develop an open-source contribution strategy. How companies should approach topics like open-source strategizing and building open-source communities. The common mistakes that individuals and companies make when nurturing open-source communities. Tracy also comments on mistakes that people are making with continuous delivery. Links CloudBees: https://www.cloudbees.com/ Continuous Delivery Foundation: https://cd.foundation/ Twitter: https://twitter.com/tracymiranda  Emily: Hi everyone. I'm Emily Omier, your host, and my day job is helping companies position themselves in the cloud-native ecosystem so that their product's value is obvious to end-users. I started this podcast because organizations embark on the cloud naive journey for business reasons, but in general, the industry doesn't talk about them. Instead, we talk a lot about technical reasons. I'm hoping that with this podcast, we focus more on the business goals and business motivations that lead organizations to adopt cloud-native and Kubernetes. I hope you'll join me.Emily: Welcome to The Business of Cloud Native. Today, I'm chatting with Tracy Miranda. Tracy, thank you so much for joining me.Tracy: Hi, Emily. Thanks for having me. It's my pleasure.Emily: So, as usual, I just want to start off with having you introduce yourself, both what you do, where you work, but also, like, some details, what does this actually mean? How do you actually spend your day?Tracy: Yeah, so I'm the director of open-source CloudBees, and I'm also the board chair at the Continuous Delivery Foundation, which is an open-source foundation, which is home to projects like Jenkins, and Spinnaker, and Tecton, and Jenkins X. So, basically, I'm a big fan of all things open-source, which in day-to-day means I'm doing anything which is related to building communities. So, either involved with code, or building communities and through conferences, or sometimes just the boring governance stuff around open-source.Emily: What is the boring governance stuff around open-source?Tracy: So, I guess it is just trying to get folks moving in the same direction, and reminding people that it's sometimes more than just code. And whether it's updating a code of conduct, and one of the things we've seen and—okay, I wouldn't call this boring; it's actually taken over a bit in open-source communities, but it's sort of different from the code, but it's the whole terminology updates. We've seen a lot of open-source communities have become more aware about wanting to be better about using terms like ‘master' and ‘slave' and move away from that. That being said, it's not that easy, so there's a lot to do in getting people on the same page and ready to move forward even before you can start changing a line of code.Emily: Since the topic of the podcast is cloud-native, obviously, open-source and cloud-native are related. In fact, some people think that cloud-native must be open-source. Where do you fall on that spectrum? How do you think the relationship between open-source and cloud-native should be described?Tracy: Yeah, I think that they're pretty distinct things. So, cloud-native is all about using the Cloud effectively and having technology which takes advantage of modern architectures to give you things like rapid elasticity, or on-demand self-service. And that's distinct from open-source, which is around the licensing, and it's become more about communities, as well. But I think because Kubernetes has been the most successful cloud-native project that is open-source, I guess there's become this very, very strong association which, in my mind, is a very, very good thing because I think open-source communities are really the way to drive innovation very, very quickly across the industry.Emily: And this may seem sort of obvious, but what are some of the advantages and disadvantages to an organization in using open-source?Tracy: Yes. So, I think—well, lots—virtually every company uses open-source, and the first thing people can see as the benefits are just the engineering efficiencies. So, using technologies which, say aren't core to the business, but then building on top of those and taking advantage of the features rather than dedicating their own engineering resources to developing them. I used to work as a consultant, and I would go from company to company, and usually, they would be adopting open-source when they wanted to get away from an in-house project where the people or person who had written it had left the company. So, I think there's a lot to be said, as well, for sustainability of technology: that communities and open-source communities are really good at sustaining projects over the long term, and therefore kind of the best bet for technology that's going to live on beyond individuals or even companies, acquisitions, or whatever.Emily: Do you think there are any risks to using open-source? I'm even interested in hearing if there are risks that are not real, but that are perceived risks. And then even maybe some risks that people don't think about, but that are in fact, quite real.Tracy: Yes, yeah, no, absolutely there are risks. So, it's wise for companies to approach with caution. I think the risks sort of depend on which side—like, are you looking to just use open-source that someone else has written, or are you contributing something, which might be key to your company, but then you're saying, “Okay, I'm going to do this in an open way,” which brings us to one of those common perceived myths, that someone, like a cloud provider, is then going to take your open-source software and do a better job of making money around it, so thereby just ruining your entire business model.And I think the other area where we tend to see a lot of dialogue around, is always around open-source security. For a long time, people used to, sort of, make out that this was different from closed source security, somehow. Security through obscurity meant that closed-source was better than open-source, which is clearly not the case. You can have secure open-source software, not secure open-source software. It just really depends on the project and the practices.Emily: And then also, I thought we'd talk a little bit specifically about this CI/CD work that you do. How important is CI/CD, do you think, in the pursuit of being cloud-native?Tracy: Yes, no, I think CI/CD has just risen to the top as one of the key concerns. And I think, part of the reason—when you're doing things in a cloud-native way it means that your systems are very distributed; you don't necessarily know where the services are running, it's typically not on-premise, and suddenly it becomes very important to understand how do you do this integration, and how do you then deliver that software in a way that is both quick, and that is not going to—you can do it in a safe way, so it's not going to break every time you do releases. And I think we're seeing that it really is at the forefront. Like last year, we started the Continuous Delivery Foundation, which is an open-source foundation, and the mission there is to increase the world's capacity to ship software securely and at speed. And the uptake from folks has been really well. Everyone's grappling and trying to figure out, what does CI/CD look like in the Cloud? What does it mean to be cloud-native CI/CD?Emily: And from the perspective of an end-user, what do you think are some of the, still, unresolved challenges related to continuous delivery?Tracy: Yeah, it's very challenging. Everything is changing under enterprise's feet. And it's not just the tools we're using, is also the skills we expect people to have, the way we organize a team. And traditionally, it's been very, very hard to decommission software or deprecate it, but what we're seeing in the industry now is that everything is changing really rapidly. You take something like Kubernetes and it has a new release, like, every three months and then nine months later, that's deprecated. So, people are having to make changes in enterprise situations at a rate that they just previously didn't come anywhere close to, and that's pretty challenging when you're having to deal with the changing tools, and processes, and people all at the same time, all while keeping your business up and running.Emily: In terms of the whole CI/CD pipeline, do you think most end-users experience that as being mature? Is it sort of figured out, or is it something that they continue to struggle with?Tracy: I think everybody has a CI… certainly CI… many people have sort of cracked, and they've got their systems set up. And then the delivery side, it just, kind of, varies. And I think it depends; we see a lot of folks who are really trying to figure out pipelines and are really trying to figure out what that looks like in a cloud-native world, and they haven't figured out, what does it mean for things to be highly available? What does it mean to be able to scale at any level? So, everybody's got something, but I think we've only just scratched the surface of what's possible with today's technology.Emily: Where do you think it's going in the future?Tracy: Yeah, I think, like in the same way we're having this big shift, everybody's got monoliths, and the problem with the monolith is that you can't do the speed and security at the same time. So, if you think about the key metrics people use today, there's two on speed, “Which is how quickly can you deploy?” And, “What's your lead time for changes?” And then for the safety, it's, “How long would it take you to restore services, if something went wrong?” And, “What is your change failure rate? How often are things going wrong every time you push code?” So, in the bid to get really good at those metrics, I think people have realized that monoliths cause a lot of problems, and it's much easier to meet these capabilities if you've got microservices are smaller batches of code, each, which do a specific thing, and there's less chance of things falling over when you make changes because there's not all these huge dependencies. Now, however, when you do start having all these different microservices with, let's say, a web of dependencies, things start to get really complicated. So, now you don't have, perhaps, one CI/CD pipeline, you have a pipeline per microservice. And then we start to say, “Okay, what is the definition of the application even? Is it all these microservices? Which version is it?” And then things like configuration management start to enter the picture, especially if you've got dependencies on things, let's say, outside your company, or open-source. So, I think it's a lot for people to grapple with, like, how to truly do microservices, and how the definition of an application is going to evolve. And I think for CI/CD, we can't keep doing what we've done in the sense of traditionally, folks have written a pipeline by hand, and you'd write a pipeline for your monolith. But now you've got all these different microservices. You want to start thinking about how can you have a pipeline auto-generated for them.Emily: I wanted to actually shift and talk more about open-source communities as well since I know that's a large part of what you do. My first question is, what would you say to a company that's starting to think not just about consuming open-source, but developing a strategy to contribute to open-source? What do you advise companies who are just starting that journey?Tracy: Yeah, no, I think for companies, it's a really good thing. I think open-source can give you a lot of strategic advantages, especially if you're coming in strong, and you're looking to be a leader in a space. And if we talk about category creation, you can use open-source almost as a weapon to drive the industry in a specific direction. So, I think what is important for companies is to be very deliberate about this strategy because open-source strategies can be almost counterintuitive, especially to folks who haven't done it before. This idea that you're giving away assets for free, or making them open. So, it's really important to have all the stakeholders in the company on the same page, and really understanding that this is a long-term thing where you'll have these benefits and not something where you start off and you do sort of half-heartedly.Emily: Are there two or three, sort of, primary open-source strategies?Tracy: Yeah, no, I think—[00:13:42 unintelligible] I think you can break it down. So, people would talk about the Red Hat model, which is really hard to reproduce but everything was open-source, and then they have this whole—they layered on top of that with a lot of services, and things. And then there's the open-core model where you're separating an open-source portion of the product, and then you add on a lot of features and things that add value that aren't being produced in the open-source. So, I think there's those, and then the new one that we're starting to see more of is—just looking much more at SaaS platforms. So, you have some open-source code, but your real—where you're making money is by offering it as a service.Emily: And how does that differ for a company whose core business isn't software? So, for example, if you're something like a Home Depot, and almost undoubtedly you use open-source software. If Home Depot wants to start contributing as well, as part of their company strategy, what should they know? What should a company like that think about as strategies?Tracy: Yeah, no, I think that's a great point because we do see a lot of companies contributing, and actually a lot of innovation is coming from companies who use software, but they have a different focus. And I think one good example, as well, is Capital One, who have a lot of open-source they contribute and maintain. And it's different, it's separate from, kind of, the main banking function. So, I think, again, for companies like that, it's just mapping out the strategy, being very deliberate in is there some sort of monetization around this, or is it more—you know, we see a lot of companies who want to do it to be seen as leaders in the field, and to, sort of, share some innovation to be seen as an attractive place, as well, for people to work with, and just to really drive that industry to help the innovation and to help make it a good place to be. So, I think the same things apply there, although maybe the business models allow, perhaps, for a bit more freedom. And we often find in those companies, they will have open-source program offices, which is a dedicated set of people who will map out the strategy and pull the whole company along in the same direction.Emily: Obviously, a big part of open-source is building a community. How do you do this? How do you herd the cats in a way that advances your project? And I'm actually curious, I don't know if you have a perspective on this from both somebody—an individual starting a project, and a company that wants to create a community around a particular project?Tracy: Yeah, no, I think that's a really great question. And people are always attracted to, I think, you want to start out with the big idea: why is your project going to do things better than before, or what's nicer about it? So, I think you have to start with, I guess you'd call it, like, you're [00:16:58 unintelligible] for your open-source project; the reason people are going to be attracted to it, and they're going to come and say, “Actually, I want to be part of this.” Because I think people do want to feel part of something bigger than themselves. They also want to see other people contributing, and everybody pulling their weight, and not necessarily any kind of biases for specific companies. So, the more open you can make it, the more transparent you can be about how things happen, people love to—if they're committing, and folks in open-source do commit fully—they want to know that they're not going to be taken advantage of, that they can do that, and they can really change the way the project is going to—they can feel the change they're going to make. So, I think it's important just to go to those principles of openness and transparency, and to let people participate. I think sometimes having clear ways—like with Jenkins, we saw that originally it really thrived because people could write their plugins, and they could make it their own, and they could share them and show them to their friends. And it's the same idea with GitHub, things that make developers look good as well, while they're contributing to open-source always makes for very, very successful projects.Emily: What do you think are common mistakes that people—individuals or companies make around nurturing the community?Tracy: Yeah, I think the mistakes are always connected to control and wanting to control too much or in a too specific way. And you could almost—I don't know if this is a good analogy, but it's almost like, I guess, parenting, in a way. You might be tempted to be very regimented and say, “Okay, your child can do this, or they can't do that.” But then you sort of lose out in finding out where could this go? How big could this grow? So, I think it's finding the right level of control so that the project can take on a life of its own and be used in ways that perhaps you couldn't even imagine. I think that's when the real magic happens. But it does take a leap of faith and understanding that you will be able to reap some business benefit out of this if that is your aim as well.Emily: Do you think that that's easier for individuals or for companies to achieve?Tracy: I think it depends on what people are going into it for. And for individuals, I think often it's they want to share their idea with the world or they want to build a reputation, which is very synonymous with doing the project. Having said that, individuals can have the same issues around wanting to control it, but I think there's perhaps a different monetization emphasis which would make it easier.Emily: Actually, I had a similar question related to continuous delivery which is, do you find that there are common mistakes that you see people making?Tracy: Yes. And some of the mistakes, I guess—one of the most common mistakes is a pretty boring one. And I know why it happens, but [laughs] it's just around documentation, to be honest. And it's the, “Okay, we're going to write the code, and then we're not going to necessarily document it or share the way people can either get involved or use a project.” And it's just—documentation is hard. Good documentation is really hard. Things keep changing, and it's boring to go keep updating them. But it's so incredibly important, and some of the most successful open-source projects have always provided that kind of self-service set of docs where people don't have to be asking the same questions over and over again. They really can go off and feel empowered to do things and to do things and not feel like they're getting it wrong or wasting their time, which I think is really important when building community. So, yeah, just write good docs, everybody.Emily: And do you think there's anything else specifically related to how companies approach continuous delivery, that there's something that a lot of them are not doing right?Tracy: With continuous delivery, especially today where everybody's in a really, kind of, tricky situation where they're trying to make this move to using cloud-native technologies because the benefits are so huge, but at the same time, all these technologies are coming very thick and fast, and nobody's sure—people have tried technologies which are now no longer used, so this is a bit of fear of saying, “Okay, is this going to be a safe bet? And at the same time, while I'm trying to decide if that's the right technology to use, I'm having to restructure my teams, and change of habits is really hard, and we've got all these additional environments we're having to deliver software for.” So, it's a huge challenge, and everything has to be done in balance: you have to get the tools, and you have to get the technology, and you have to get the people right. You can't do any one of those and hope it's going to work, you have to do this juggling act within your organization. And that's massively, massively challenging, especially when you are trying to change long-held behaviors and habits people have, and just ask them to do things in a different way.Emily: Do you think technology is more challenging, or people skills organization is more challenging?Tracy: Yeah, I think the thing with technology that is more challenging today is, especially in the CI/CD space, we have a lot of different types of tools. And we don't have standard ways to talk about—like, we don't have standardization of terms, so different things have different meanings to different people. So, you might say ‘a pipeline' but it might mean—the scope might change depending on who you're talking to. And so it's really hard for people to understand, how do I connect these different tools together? There's very poor interoperability, as well, which is another thing the Continuous Delivery Foundation wants to try and solve. So, I think those are key areas. Security is another one, which makes it really hard when you break things up. And no one's taking responsibility for the interaction between different platforms of different open-source technology written by different people, that becomes really tricky. So, I think we do need solutions at a community level, and we need communities working together closer to tackle this proliferation, and lack of interoperability, and new security concerns that we have to deal with as an industry.Emily: Is there anything else that I didn't think to ask that you'd like to add?Tracy: Yeah, no. I think what we're doing in the Continuous Delivery Foundation, if I can say a little bit about that, it is a relatively new open-source foundation. And I think it's a good place to bring people together where we're trying to tackle these issues. So, things like interoperability, we have an interoperability working group. And one of the first things that happened in that group as people would come together and talk about the different tools, is that we spontaneously realized we needed to define the tools. And there was a page set up where everybody could write down the definition of how their tool—use different terms. You know, is it a step? Or what do you call it in your tool? So, we have this what we call, like, the Rosetta Stone, of CI/CD tools. So, it compares across—whether it's all kinds of Git providers or pipeline orchestration tools, was the different terminology. And I think from there, we're going to look to see how we can standardize as an industry, just to make it simpler for people because I think—I would really hate to be someone new coming into the industry today and trying to figure out where to start, which tool to try out because the amount of noise and confusion is at all-time high levels.Emily: That's absolutely fair. And in fact, speaking of tools, my next question is, what tool do you really rely on? What engineering tool would you not be able to work without?Tracy: Yeah, well, they kind of say for developers, and I think this rings true for me as well, you're kind of in three places. You're in, like, GitHub and Slack, and then your development environment which use VS code, and like many people. So, those are, kind of, the three development environments. I think, when I look at CI/CD, and we look at new technology in the space that's, kind of, gaining quick adoption, there's two projects in CDF which are starting to really resonate. And one is Tekton, which came out of Google, and their Knative serverless platform. But that's looking to have these standardized building blocks for CI/CD pipelines. And then the other one is Jenkins X, which, incidentally, uses the building blocks of Tekton to stitch together a CI/CD experience, if you wish, that pulls in Kubernetes, and Helm, and all those other projects to give a really nice developer experience just generating pipelines for you, so you don't have to write things by hand, and giving you preview environments, and really just trying to take advantage of all the power that cloud-native affords you in delivering software.Emily: And then lastly, how can listeners connect with you or follow you?Tracy: Yeah, no, I think the best place is Twitter. So, find me Twitter at @tracymiranda, and in all the continuous delivery working groups, and the communities we're building there. So, find that on cd.foundation, and, yeah, come join the community. We're having some great conversations in the space.Emily: Well, thank you so much, Tracy, for joining us.Tracy: Yeah, thanks for having me. And yeah, really great conversation and questions.Emily: Thanks for listening. I hope you've learned just a little bit more about The Business of Cloud Native. If you'd like to connect with me or learn more about my positioning services, look me up on LinkedIn: I'm Emily Omier—that's O-M-I-E-R—or visit my website which is emilyomier.com. Thank you, and until next time.Announcer: This has been a HumblePod production. Stay humble.

DevOps Chat
DevOps Unbound, Episode 3: DevOps and Open Source

DevOps Chat

Play Episode Listen Later Oct 2, 2020 48:18


DevOps Unbound episode 3 is about open source and DevOps. We have a great cast of Tracy Miranda, ED of the Continuous Delivery Foundation, Alon Girmonsky, found of UP9 and Kevin Dunne of Tricentis. DevOps Unbound is an every other week video series about topics related to all aspects of Devops. It is available at https://digitalanarchist.com

open source devops unbound tricentis continuous delivery foundation kevin dunne
DevOps Paradox
DOP 57: Join An Open Source Foundation And Get Free Stickers!

DevOps Paradox

Play Episode Listen Later May 27, 2020 28:03


#57: On this episode, we have a conversation with Tracy Miranda, the current chair of the Governing Board of the Continuous Delivery Foundation.   Tracy on Twitter: https://twitter.com/tracymiranda   Continuous Delivery Foundation: https://cd.foundation/ https://twitter.com/cdeliveryfdn   Transcript: https://www.devopsparadox.com/57#transcript   YouTube channel: https://youtube.com/devopsparadox   Books and Courses: Kubernetes Chaos Engineering With Chaos Toolkit And Istio https://www.devopstoolkitseries.com/posts/chaos/   Canary Deployments To Kubernetes Using Istio and Friends https://www.devopstoolkitseries.com/posts/canary/   The DevOps 2.6 Toolkit: Jenkins X https://www.devopstoolkitseries.com/posts/devops-26/   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast   Leave us a message on Voxer: https://web.voxer.com/u/devopsparadox   Find our contact information at: https://www.devopsparadox.com/contact

The Pipeline: All Things CD & DevOps Podcast by The CD Foundation
CDF SIG Interoperability Chair, Cloudbees & Puppet Discuss Interoperability

The Pipeline: All Things CD & DevOps Podcast by The CD Foundation

Play Episode Play 39 sec Highlight Listen Later May 15, 2020 48:48


Panelist include: Kara de la Marck, Jenkins X Community Manager at CloudbeesFatih Degirmenci, SIG Interoperability Chair at CDFDeepak Giridharagopal, CTO at PuppetOrganizations often employ more than one tool in various stages of their CI/CD pipelines due to different capabilities provided by the tools and this is perhaps one of the biggest benefits users get by using open technologies for their CI/CD needs. However, one of the challenges users face is the lack of interoperability across the CI/CD tools and technologies, resulting in various issues while constructing and running pipelines such as passing metadata and artifacts between the tools or achieving traceability from commit to deployment. Often users end up building their “own glue code” to address what is a common problem, further complicating moving from one tool to another and adopting new technologies and methodologies.These “glue code solutions” are generally specific to users' needs and tools rather than being loosely coupled and agnostic to tooling and technology. Additionally these solutions are not visible to other users and the communities, making them vulnerable to the risk of outage in their CI/CD pipelines due to potential changes (i.e. non-backward changes to the APIs, changes in data models) that happen to the tools in respective projects.Therefore, focusing on tool interoperability is critical. The Continuous Delivery Foundation highlighted interoperability as one of the Foundation's 9 goals. The Interoperability special interest group (SIG) was founded as the forum for driving towards this goal. Support the show (https://cd.foundation/podcast/podcast-submission-form/)

The InfoQ Podcast
Tracy Miranda on the Continuous Delivery Foundation, Interoperability, and Open Standards

The InfoQ Podcast

Play Episode Listen Later May 15, 2020 24:04


In this podcast, Tracy Miranda sat down with InfoQ podcast co-host Daniel Bryant. Miranda, Director of Open Source Community at CloudBees, and board chair at the Continuous Delivery Foundation (CDF), discussed topics that included: the aims of the CDF and an outline of the current hosted projects, the need for open standards and interoperability in the CD space, and the benefits offered by progressive delivery and software supply chain management. Why listen to this podcast: - The Continuous Delivery Foundation (CDF) serves as the vendor-neutral home of many projects within continuous delivery space, including: Jenkins, Jenkins X, Spinnaker, Tekton, and Screwdriver.cd - Jenkins X is a Kubernetes-native continuous delivery solution for cloud applications. This project uses a completely new architecture and code base in comparison with the original Jenkins project. - Spinnaker is an open source, multi-cloud continuous delivery platform. The Tekton Pipelines project provides Kubernetes-style custom resources for declaring continuous integration and delivery pipelines. Spinnaker can use Tekton as its pipeline engine. - In addition to providing a neutral home for projects within the CD space, the CDF is also aiming to help define appropriate terminology, open standards, and abstractions. This will assist with interoperability between CD components, and also promote innovation in the areas that can provide the most value. - The CDF is also aiming to facilitate software testing, progressive delivery, and software supply chain management. Wide ranging topics such as observability and security are important will play an important role here. More on this: Quick scan our curated show notes on InfoQ https://bit.ly/3bzoYiz You can also subscribe to the InfoQ newsletter to receive weekly updates on the hottest topics from professional software development. bit.ly/24x3IVq Subscribe: www.youtube.com/infoq Like InfoQ on Facebook: bit.ly/2jmlyG8 Follow on Twitter: twitter.com/InfoQ Follow on LinkedIn: www.linkedin.com/company/infoq Check the landing page on InfoQ: https://bit.ly/3bzoYiz

Kubernetes Podcast from Google
Attacking and Defending Kubernetes, with Ian Coldwater

Kubernetes Podcast from Google

Play Episode Listen Later Aug 6, 2019 43:19


Ian Coldwater specializes in breaking and hardening Kubernetes, containers, and cloud native infrastructure. A pre-eminent voice in the Kubernetes security community, they are currently a Lead Platform Security Engineer at Heroku. Ian joins Adam and Craig to talk about the offensive and defensive arts. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Black Hat USA DEFCON Scavenger hunts An example of Spot the Fed An example of the Mystery Challenge News of the week Mesosphere becomes D2iQ Google Cloud launches Migrate for Anthos in Beta Google Cloud Game Servers coming soon Episode 26: Agones, with Mark Mandel and Cyril Tovena Announcing Kubernetes Summits in Seoul and Sydney Security updates of the week CVE-2019-11247: API server allows access to custom resources via wrong scope CVE-2019-11249: kubectl cp (round 3!) IBM and Red Hat: OpenShift on IBM Cloud OpenShift coming to Z Series and LinuxONE Cloud Paks and services Cisco Container Platform now supports Microsoft AKS Helm deployments at the Kubedex How Kubernetes can be used for genetic analysis by Mu Huan and Eric Li Alibaba Cloud Announcing CloudBees Jenkins X Distribution Episode 44, Continuous Delivery Foundation, with Tracy Miranda TiDB Operator now Generally Available Links from the interview Red teams and penetration testing Fuzzing Attacking Helm’s Tiller Black-box and white-box testing DevSecOps: guard rails, not gates OWASP - the Open Web Application Security Project The math behind calculating security risk CVSS score etcd: encrypt it at rest! Admission control Technologies for isolation: AppArmor Seccomp gVisor Firecracker (not yet supported with Kubernetes) “Kubernetes is powerful, and it’s insecure by design” Ian and Duffie Cooley’s BlackHat talk Cloud doesn’t make it better! Threat modelling hostpath - “a powerful escape hatch” Trail of Bits blog: understanding Docker container escapes Recommended watching: Ship of Fools by Ian Coldwater (slides) Hacking and Hardening Kubernetes by Example by Brad Geesaman (slides) A Hackers Guide to Kubernetes and the Cloud by Rory McCune (and his upcoming Black Hat training) DIY Pen Testing for your Kubernetes Cluster by Liz Rice (our guest on episode 19) Ian Coldwater on Twitter

The New Stack Podcast
The Continuous Delivery Foundation Gets a Reality Check

The New Stack Podcast

Play Episode Listen Later Jul 10, 2019 56:44


The Continuous Delivery Foundation (CDF) was created to help introduce processes, standards and other support and stewardship for DevOps teams that now face what some say is the Wild West of open source tools and platforms for deployments on Jenkins and coud native platforms. While there have been concerns expressed about potential overlap with the Cloud Native Computing Foundation (CNCF) — a sibling Linux Foundation-managed project — the concept is certainly attractive, especially for those teams that plan to or already rely on Jenkins, Jenkins X, Spinnaker and Tekton for their production pipelines. However, there is one catch: the CDF has yet to release any specifications and primitives after the initiative was announced a few months ago. During a podcast hosted by Alex Williams, The New Stack founder and editor in chief, questions were put to Dan Lorenc, a software engineer for Google and Kohsuke Kawaguchi, the CDF's technical oversight committee (TOC) chair and CTO for CloudBees, about the CDF's immediate plans, as well as what the oversight committee hopes to achieve.

Technology Leads Podcast
Technology Leads #11 met Clemens Reijnen

Technology Leads Podcast

Play Episode Listen Later May 20, 2019 44:24


In aflevering #11 hebben we Clemens Reijnen te gast. Clemens is Global CTO of Cloud Services bij Sogeti en Microsoft Most Valuable Professional. Facebook’s Data Deals Are Under Criminal Investigation | From public to private social media; Zuckerberg facebook mission statement | How to survive vacation as a nerd | Continuous Delivery Foundation

technology leads mark zuckerberg clemens cloud services global cto sogeti continuous delivery foundation microsoft most valuable professional
Java Off-Heap
Episode 44. A new Soap Opera! Starring Elastic and Amazon (A story of ElasticSearch Open Distro)

Java Off-Heap

Play Episode Listen Later Apr 29, 2019 66:55


Oh my, we take a break for a month, and things happen! We start with the news of the day (JDK 12 is General Availability, so go and download it today!). F5 buys NginX which brings more consolidation in the web appliance/software space, and there is a new Continuous Delivery Foundation! (What does it means for all of us devopsy folks) Then we dive into some interesting developments in ElasticSearch! You might have been using it, and even contributed to it, but may have not realized that some parts are actually commercial in nature. Amazon is releasing a purely "Free as in Free beer" ElasticSearch Open Distro where there's no confusion on what's commercial, since there's nothing commercial in it. It makes it harder for Elastic to make a buck, but maybe there might be a different monetization model for them? All in all, an exciting episode on how the open source community and for-profit companies are trying to find when the line is being crossed. We thank DataDogHQ for sponsoring this podcast episode We also thank OverOps for sponsoring this podcast episode   DO follow us on twitter @offheap The Definite Guide to Spring Batch (By our own Michael Minella!) JDK 12 is GA JavaFX 12 F5 Buys nginx ElasticSearch Open Distro Elastic Rebuttal to Amazon

Bigdata Hebdo
Episode 69 : Le dilemme de Batman

Bigdata Hebdo

Play Episode Listen Later Mar 17, 2019 66:56


OSS for ever !Keeping Open Source Open – Open Distro for Elasticsearchhttps://aws.amazon.com/blogs/opensource/keeping-open-source-open-open-distro-for-elasticsearch/Supporting The Apache Software Foundationhttps://aws.amazon.com/blogs/opensource/supporting-apache-software-foundation/On "Open" Distros, Open Source, and Building a Companyhttps://www.elastic.co/blog/on-open-distros-open-source-and-building-a-companyAWS intends for their new project to be an Elasticsearch forkhttps://www.influxdata.com/blog/aws-intends-for-their-new-project-to-be-an-elasticsearch-fork/Free Software is the only winner in Elastic NV vs AWShttps://medium.com/@adamhjk/free-software-is-the-only-winner-in-elastic-nv-vs-aws-9416f2a0a7f5Redis Labs drops Commons Clause for a new licensehttps://www.zdnet.com/article/redis-labs-drops-commons-clause-for-a-new-license/HardwareNouvelles instances General Purpose avec des processeurs haut de gammehttps://blog.scaleway.com/2019/instances-general-purpose-haut-de-gamme/GPU Instanceshttps://www.scaleway.com/gpu-instances/NVIDIA to Acquire Mellanoxhttps://news.developer.nvidia.com/nvidia-to-acquire-mellanox/#10. Benjamin Barthe - HPC aka High Performance Computinghttps://www.spreaker.com/user/guignol/ep10-benjamin-barthe-hpc-finalDivers Introducing the Continuous Delivery Foundation, the new home for Tekton, Jenkins, Jenkins X and Spinnakerhttps://opensource.googleblog.com/2019/03/introducing-continuous-delivery-foundation.htmlContinuous Delivery Foundation, with Tracy Mirandattps://kubernetespodcast.com/episode/044-continuous-delivery-foundation/Virtual tables are coming in Cassandra 4.0http://thelastpickle.com/blog/2019/03/08/virtual-tables-in-cassandra-4_0.htmlAnalytics Data Compute powered by Apache Sparkhttps://labs.ovh.com/analytics-data-computeLa veille technologique dans la Datahttps://blog.ippon.fr/2019/03/13/la-veille-techno-dans-la-data/-------------------------------------------------------------http://www.bigdatahebdo.com https://twitter.com/bigdatahebdoVincent : https://twitter.com/vhe74 et http://blog.affini-tech.comNicolas : https://www.cerenit.fr/ et https://twitter.com/_CerenIT et https://twitter.com/nsteinmetz Jérôme : https://twitter.com/jxerome et https://www.zeenea.comAlexander : https://twitter.com/alexanderDejaCette publication est sponsorisée par Affini-Tech ( http://affini-tech.com https://twitter.com/affinitech )On recrute ! venez cruncher de la data avec nous ! écrivez nous à recrutement@affini-tech.com-----------------------------------------

Bigdata Hebdo
Episode 69 : Le dilemme de Batman

Bigdata Hebdo

Play Episode Listen Later Mar 17, 2019 66:56


OSS for ever !Keeping Open Source Open – Open Distro for Elasticsearchhttps://aws.amazon.com/blogs/opensource/keeping-open-source-open-open-distro-for-elasticsearch/Supporting The Apache Software Foundationhttps://aws.amazon.com/blogs/opensource/supporting-apache-software-foundation/On "Open" Distros, Open Source, and Building a Companyhttps://www.elastic.co/blog/on-open-distros-open-source-and-building-a-companyAWS intends for their new project to be an Elasticsearch forkhttps://www.influxdata.com/blog/aws-intends-for-their-new-project-to-be-an-elasticsearch-fork/Free Software is the only winner in Elastic NV vs AWShttps://medium.com/@adamhjk/free-software-is-the-only-winner-in-elastic-nv-vs-aws-9416f2a0a7f5Redis Labs drops Commons Clause for a new licensehttps://www.zdnet.com/article/redis-labs-drops-commons-clause-for-a-new-license/HardwareNouvelles instances General Purpose avec des processeurs haut de gammehttps://blog.scaleway.com/2019/instances-general-purpose-haut-de-gamme/GPU Instanceshttps://www.scaleway.com/gpu-instances/NVIDIA to Acquire Mellanoxhttps://news.developer.nvidia.com/nvidia-to-acquire-mellanox/#10. Benjamin Barthe - HPC aka High Performance Computinghttps://www.spreaker.com/user/guignol/ep10-benjamin-barthe-hpc-finalDivers Introducing the Continuous Delivery Foundation, the new home for Tekton, Jenkins, Jenkins X and Spinnakerhttps://opensource.googleblog.com/2019/03/introducing-continuous-delivery-foundation.htmlContinuous Delivery Foundation, with Tracy Mirandattps://kubernetespodcast.com/episode/044-continuous-delivery-foundation/Virtual tables are coming in Cassandra 4.0http://thelastpickle.com/blog/2019/03/08/virtual-tables-in-cassandra-4_0.htmlAnalytics Data Compute powered by Apache Sparkhttps://labs.ovh.com/analytics-data-computeLa veille technologique dans la Datahttps://blog.ippon.fr/2019/03/13/la-veille-techno-dans-la-data/-------------------------------------------------------------http://www.bigdatahebdo.com https://twitter.com/bigdatahebdoVincent : https://twitter.com/vhe74 et http://blog.affini-tech.comNicolas : https://www.cerenit.fr/ et https://twitter.com/_CerenIT et https://twitter.com/nsteinmetz Jérôme : https://twitter.com/jxerome et https://www.zeenea.comAlexander : https://twitter.com/alexanderDejaCette publication est sponsorisée par Affini-Tech ( http://affini-tech.com https://twitter.com/affinitech )On recrute ! venez cruncher de la data avec nous ! écrivez nous à recrutement@affini-tech.com-----------------------------------------

The Cloudcast
AIOps for Security and Breach Protection

The Cloudcast

Play Episode Listen Later Mar 15, 2019 28:17


SHOW: 389DESCRIPTION: Brian talks with Adam Hunt (CTO and Chief Data Scientist at @RiskIQ) about the breadth of security breaches, how AI/ML can play a role if used properly, and immediate steps to improve protection for breaches.SHOW SPONSOR LINKS:Datadog Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirtCLOUD NEWS OF THE WEEKAWS Announced Open Distro for ElasticSearchhttps://aws.amazon.com/blogs/opensource/keeping-open-source-open-open-distro-for-elasticsearch/Rebuttals or Commentary on Open Distro for ElasticSearch https://www.elastic.co/blog/on-open-distros-open-source-and-building-a-companyhttps://thenewstack.io/what-the-fork-amazon/https://www.influxdata.com/blog/aws-intends-for-their-new-project-to-be-an-elasticsearch-fork/https://redmonk.com/sogrady/2019/03/15/cloud-open-source-powder-keg/Continuous Delivery Foundation launched by Linux Foundationhttps://devops.com/the-linux-foundation-launches-continuous-delivery-foundation/VC Investment in the Service Mesh spaceBouyant ($10M) Tetrate ($12.5M) SHOW INTERVIEW LINKS:RiskIQ - https://www.riskiq.com/Onboard Machine Learning Like a Junior Engineer - https://www.kdnuggets.com/2018/04/onboarding-machine-learning.htmlSHOW NOTES:Topic 1 - Welcome to the show. You have quite an interesting and impressive background. Can you talk a little bit about your work in academia prior to RiskIQ, and then what drew you to this space?Topic 2 - RiskIQ focuses on helping companies mitigate massive security attacks. For people that don’t live in the security domain, can you give us a sense of what one of these attacks and breaches look like? Topic 3 - Can you give us a sense of how many of these massive attacks are utilizing new techniques, or is it variants of existing techniques, or just old techniques looking for new (vulnerable) targets? And are there tools to help companies understand how to prioritize against these? Topic 4 - Where are we in the industry in terms of the intersection of security best practices that IT teams can control, and when ML-driven capabilities can augment for more proactive security? Topic 5 - What are some of the things that you’re recommending to companies that are helping to make immediate impacts to them preventing or reducing massive breaches? Feedback?Email: show at thecloudcast dot netTwitter: @thecloudcastnet and @ServerlessCast

Software Defined Talk
Episode 170: Look what you made me do Elasticsearch

Software Defined Talk

Play Episode Listen Later Mar 15, 2019 61:14


Look what you made me do Elasticsearch NGINX gets bought, AWS and Elasticsearch are fighting, and why are there so many tech foundations? All this and more on this week’s episode. Plus, Matt Ray tells us how he survived the Facebook outage. Relevant to your interests NGINX to Join F5 (https://www.nginx.com/blog/nginx-joins-f5/) Keeping Open Source Open – Open Distro for Elasticsearch (http://ttps://aws.amazon.com/blogs/opensource/keeping-open-source-open-open-distro-for-elasticsearch/) Free Software is the only winner in Elastic NV vs AWS (https://medium.com/@adamhjk/free-software-is-the-only-winner-in-elastic-nv-vs-aws-9416f2a0a7f5) Introducing the Continuous Delivery Foundation, the new home for Tekton, Jenkins, Jenkins X and Spinnaker (https://opensource.googleblog.com/2019/03/introducing-continuous-delivery-foundation.html) The Linux Foundation Launches New CommunityBridge Platform to Help Sustain Open Source Communities - The Linux Foundation (https://www.linuxfoundation.org/press-release/2019/03/the-linux-foundation-launches-new-communitybridge-platform-to-help-sustain-open-source-communities/) Senator Warren (https://medium.com/@teamwarren/heres-how-we-can-break-up-big-tech-9ad9e0da324c)’s (https://medium.com/@teamwarren/heres-how-we-can-break-up-big-tech-9ad9e0da324c) Here’s how we can break up Big Tech (https://medium.com/@teamwarren/heres-how-we-can-break-up-big-tech-9ad9e0da324c) Stratechery’s Response (https://stratechery.com/2019/where-warrens-wrong/) Application Lifecycle Management (ALM), Requirements Management, QA Management | Polarion Software (https://polarion.plm.automation.siemens.com/) Introducing Firefox Send, Providing Free File Transfers while Keeping your Personal Information Private (https://blog.mozilla.org/blog/2019/03/12/introducing-firefox-send-providing-free-file-transfers-while-keeping-your-personal-information-private/) Five Acquisitions You May Have Missed - IT Jungle (https://www.itjungle.com/2019/03/13/five-acquisitions-you-may-have-missed/) Node.js and JS foundations are merging to form OpenJS (https://venturebeat.com/2019/03/12/node-js-and-js-foundations-are-merging-to-form-openjs/) Nonsense United States citizens will need a visa to visit Europe starting in 2021 (https://www.cnn.com/travel/amp/us-citizens-need-visas-to-visit-europe-in-2021/index.html) LaCroix CEO blames poor sales on insecticide lawsuit, calls it "injustice (https://www.axios.com/lacroix-ceo-sales-insecticide-lawsuit-a9148037-5966-4526-8294-133f644230ab.html)” Amazon stops selling Dash buttons, goofy forerunners of the connected home (https://www.cnet.com/news/amazon-stops-selling-dash-buttons-goofy-forerunners-of-connected-home/?utm_source=Benedict%27s+newsletter&utm_campaign=a333b6b622-Benedict%27s+Newsletter_COPY_01&utm_medium=email&utm_term=0_4999ca107f-a333b6b622-70424493) Scientists have discovered a shape that blocks all sound–even your co-workers (https://www.fastcompany.com/90316833/scientists-have-discovered-a-shape-that-blocks-all-sound-even-your-co-workers) Sponsors Solarwinds AppOptics To learn more or try it free for 14 days visit http://appoptics.com/sdt. Conferences, et. al. ALERT! DevOpsDays Discount - DevOpsDays MSP (https://www.devopsdays.org/events/2019-minneapolis/welcome/), August 6th to 7th, $50 off with the code SDT2019 (https://www.eventbrite.com/e/devopsdays-minneapolis-2019-tickets-51444848928?discount=SDT2019). Mar 21st to 2nd, 2019 (https://springonetour.io/2019/amsterdam) - SpringOne Tour Amsterdam. Get €50 off ticket price of €150 with the code S1Tour2019_100. ChefConf 2019 (http://chefconf.chef.io/) May 20-23. Matt’s speaking! ChefConf London 2019 (https://chefconflondon.eventbrite.com/) June 19-20 Get a Free SDT T-Shirt Write an iTunes review of SDT and get a free SDT T-Shirt. Write an iTunes Review on the SDT iTunes Page. (https://itunes.apple.com/us/podcast/software-defined-talk/id893738521?mt=2) Send an email to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and include the following: T-Shirt Size (Only XL remain), Preferred Color (Gray, Black) and Postal address. First come, first serve. while supplies last! Can only ship T-Shirts within the United State Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send Job of the week Magento Sr. Product Marketing Manager (https://adobe.wd5.myworkdayjobs.com/en-US/external_experienced/job/Austin/Magento-Sr-Product-Marketing-Manager_70782?src=themuse) SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you a free laptop sticker! Follow us on Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/) or LinkedIn (https://www.linkedin.com/company/software-defined-talk/) Listen to the Software Defined Interviews Podcast (https://www.softwaredefinedinterviews.com/). Check out the back catalog (http://cote.coffee/howtotech/). Brandon built the Quick Concall iPhone App (https://itunes.apple.com/us/app/quick-concall/id1399948033?mt=8) and he wants you to buy it for $0.99. Recommendations Brandon: Plug (https://www.amazon.com/gp/product/B00S0C7QO8/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1)g (https://www.amazon.com/gp/product/B00S0C7QO8/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1)able Active DisplayPort to HDMI 2.0 Adapte (https://www.amazon.com/gp/product/B00S0C7QO8/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1)r (https://www.amazon.com/gp/product/B00S0C7QO8/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1) Matt: Test Kitchen/Vagrant Remote Shell and File Editing with Emacs' TRAMP Mode (https://mattray.github.io/2019/03/11/vagrant-and-emacs-tramp-mode.html)

Kubernetes Podcast from Google
Continuous Delivery Foundation, with Tracy Miranda

Kubernetes Podcast from Google

Play Episode Listen Later Mar 12, 2019 21:22


Today Google and CloudBees, along with 20 other companies, launch the Continuous Delivery Foundation (CDF). Tracy Miranda is the Director of Open Source Community at CloudBees, who coordinated donating Jenkins and Jenkins X to the CDF. She talks to Adam and Craig about why it the CDF been formed, and what to expect in this space in the future. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week John Wilkes’ series of simulations Kubernetes Podcast from Google Cloud Next - live show at Google Cloud Next! News of the week Continuous Delivery Foundation Tekton Red Hat introduces Quarkus Web site and GitHub GraalVM Give-me-Gin-and-Tonic The service mesh era: Using Istio and Stackdriver to build an SRE service How Red Hat are changing deployment topology in OpenShift 4 Quickfire container security news: StackRox won an award for Best Emerging Technology from SC Media Alcide won the Breakout Cloud Security infosec award from Cyber Defense Magazine Capsule8 made it into the RSA innovation sandbox Aqua 4.0 now does function vulnerability scanning Twistlock 19.03 adds host forensics and runtime self-protection functionality for VMs SSH.com extended their tech to manage SSH keys for containers CNCF joins Google Summer of Code Fill out the State of DevOps Report Read last year’s results Links from the interview CloudBees Kohsuke Kawaguchi The population of Greece Jenkins Jenkins X Throwing an X Throwing an axe Tekton Spinnaker Continuous Delivery Summit at KubeCon EU in May CDF members Fastlane, continuous delivery for mobile, is on Tracy’s wishlist Tracy Miranda on Twitter or at tracymiranda.com

Les Cast Codeurs Podcast
LCC 204 - Silicon Valley, ton univers impitoyable

Les Cast Codeurs Podcast

Play Episode Listen Later Feb 10, 2019 98:14


Dans cet épisode, les voisins d’Arnaud ont essayé de le réduire au silence tandis qu’Antonio tentait de faire taire Audrey. Les voisins d’Arnaud ont gagné grâce à la perceuse, mais Antonio, lui, a perdu. Résultat : un épisode news où deux cast codeurs et demi discutent de l’actualité de vos languages et frameworks préférés, mais aussi de l’actualité des géants de la tech, et ça, c’est pas toujours joli. Enregistré le 8 février 2019 Téléchargement de l’épisode LesCastCodeurs-Episode–204.mp3 News Langages JDK 11.0.2 General-Availability Release + JDK 12 RC GraalVM 1.0-RC11 * GraalVM with Groovy and Grape - creating native image of a standalone script Go 1.11.5 and Go 1.10.8 are released * Un livre blanc pour démarrer en GO Frameworks Spring Framework 5.1.4, 5.0.12 and 4.3.22 available now How Fast is Spring? Et la suite : Manual Bean Definitions in Spring Boot Netflix OSS and Spring Boot — Coming Full Circle Middleware JHipster release v5.8.0 Micronaut 1.0.4 Infrastructure The future of Kubernetes is Virtual Machines L’article de Laurent Doguin sur le problème d’isolation des containers Web Node v11.8.0 Angular 7.2.0 Angular CLI 7.2 et Angular CLI 7.3 Vue 2.6 released Lightning-fast templates & Web Components: lit-html & LitElement React v16.8: The One With Hooks Google Play Store now open for Progressive Web Apps Browser diversity starts with us. Le bloqueur de pubs de Chrome va être déployé globalement Data Infinispan 10.0.0 Alpha3 and 9.4.6 final Outillage Spring Framework’s Migration from Jira to GitHub Issues Spring Boot in Visual Studio Code Travis CI joins the Idera family Jenkins crée et rejoint la Continuous Delivery Foundation au sein de la Linux Foundation GitLab 11.7 Gradle 5.2 Sécurité Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security Loi, société et organisation Oracle v. Google and the future of software development AWS vs l’Open Source, la suite AWS gives open source the middle finger AWS, MongoDB, and the Economic Realities of Open Source Première amende pour non conformité au RGPD, de 50 millions d’euros à l’encontre de Google Premiere sanction contre Google suite à nos plaintes collectives La formation restreinte de la CNIL prononce une sanction de 50 millions d’euros à l’encontre de la société GOOGLE LLC Facebook continue à se distinguer … Zuckerberg Plans to Integrate WhatsApp, Instagram and Facebook Messenger Apple says it’s banning Facebook’s research app that collects users’ personal information Facebook paid people to gather data on usage habits … et il n’est pas le seul : Google will stop peddling a data collector through Apple’s back door Article 13 is back on – and it got worse, not better Conférences DevFest Du Bout du Monde le 22 février 2019 ConFoo Montreal 2019 du 13 au 15 Mars 2019 Breizh Camp du 20 au 22 mars 2019 Greach (Madrid) du 28 au 30 Mars 2019 Devoxx France du 17 au 19 avril 2019 - sold out VoxxedCERN le 1er mai 2019 Riviera Dev du 15 au 17 mai 2019 NCrafts les 16 et 17 mai 2019 Mix-it les 23 et 24 mai 2019 BestOfWeb les 6 et 7 juin 2019 DevFest Lille le 14 juin 2019 - Le CfP est ouvert. Voxxed Days Luxembourg les 20 et 21 juin 2019 - le CfP est ouvert. Sunny Tech les 27 & 28 juin 2019 à Montpellier - Le CfP est ouvert. Nous contacter Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Faire un crowdcast ou une crowdquestion Contactez-nous via twitter https://twitter.com/lescastcodeurs sur le groupe Google https://groups.google.com/group/lescastcodeurs ou sur le site web https://lescastcodeurs.com/