Continuous Delivery Foundation / cdCon 2020

A CI/CD Framework for Production Machine Learning at Massive Scale (using Jenkins X and Seldon Core) - Alejandro Saucedo, Seldon

Managing production machine learning systems as internal data science infrastructure requirements grow, has uncovered new challenges which have required fundamentally different approaches to that of traditional CI/CD in software engineering. In this talk we will dive into the work we are doing at the SIG-MLOps and the CD Foundation towards developing the methodoloties that encompass best practices to continuously integrate and deploy machine learning in production at massive scale. In this talk we'll provide key insights on the core MLOps concepts, as well as a hands on coding example where we take a text classificaiton model through its training, deployment and promotion as canary and shadow deployments, which will also allow us to get deeper and more specific insight on our production environment.

Automated Verification of Deployments for Risk Assessment - Gopinath Rebala , OpsMx

Safe and reliable deployments are critical for continuous delivery of application services. Time taken to detect an issue has direct impact on bottom line. Web scale companies like Netflix practiced deployment strategies like canary deployments and blue/green deployments and use statistical techniques to determine problems before they cause an outage and improve the MTTR in case of an outage. In this talk we will present an automated verification model combined with canary and blue/green deployments in Spinnaker pipelines. We will present the usefulness of the models in verification of performance and functionality of deployments using metrics and logs generated in distributed microservice environment for identifying problems in deployments.

CI/CD Agility and Controlling Pipeline Sprawl - Angel Rivera , CircleCI

The adoption of CI/CD has automated the process of how DevOps teams build, test, and deliver software at rapid speeds and with high confidence. Although CI/CD platforms offer many benefits, in the attempt to make sophisticated pipelines, many teams run into the issue of “Pipeline Sprawl”. Pipeline sprawl makes it difficult for DevOps teams to identify and reuse common execution patterns which diminishes their ability to efficiently ship new code. In this talk, Angel will discuss the common pain points associated with existing CI/CD platforms. The talk will pull in examples from his recent experience and conversations with DevOps teams from across the open source community, startups, and large enterprises. Attendees will learn technical strategies to develop pipeline configurations that diminish potentially costly vendor-lock in.

CI/CD as a Product - Garima Bajpai, Capital Carbon Consulting

During this talk, I will reflect on my thoughts on decoding the importance of next-generation CI/CD pipeline. Without dwelling too much on the basics, the key priority for them will influence the next-generation value ecosystem for CICD features. Some of the key factors would be: CxOs are suggesting to consider business need to be producing features which are more than just a faster, more efficient version of everything, making sure next-generation data capabilities are part of the ecosystem and bridging the multi-cloud and on-premise cloud stack takes priority to integrate edge, cloud and compute capabilities.

These factors will craft the next-generation features for the CICD pipeline. In order to align the features with the value ecosystem, here are some suggestions:

Treat CICD as a product group
The product group must have incremental features aligned with the key CxO priorities
Embed unified value tracking into the CICD pipeline to steer the right investments
Invest in traceability, audit and vulnerability management

When you start treating CICD as a product group, it is essential to define the “north star” for the product group, create a leader’s action plan, map the people of the product group and eventually accelerate the new charter.”

CI/CD with Open Source Screwdriver - Jithin Emmanuel & Tiffany Kyi, Verizon Media

Now part of the Continuous Delivery Foundation, Screwdriver is an open source CICD platform, originally created and open sourced by Yahoo/Verizon Media. At Yahoo/Verizon Media, Screwdriver is used to run more than 60,000 software builds every day. Yahoo! Japan also uses and contributes to Screwdriver. In this session, core contributors to Screwdriver will provide an overview of its features and capabilities, and how it is used at scale covering use-cases across Mobile, Web applications and Library development across various programming languages.

Case Study: How Yahoo! JAPAN Uses and Contributes to Screwdriver at Scale - Hiroki Takatsuka & Jithin Emmanuel, Yahoo Japan Corporation

Key users and contributors from Yahoo! Japan will share how they use and contribute to Screwdriver, an open source build platform designed for Continuous Delivery, at scale. Several topics will be covered including: architecture, use cases, usage stats, customization, operational tips, and collaborating directly with Verizon Media's Screwdriver team to constantly evolve Screwdriver.

Looking for something specific?
0:00 Introduction
0:54 What is Screwdriver?
2:44 About Yahoo! Japan
3:17 How are they using Screwdriver
4:29 Deploy Screwdriver with itself
5:15 Internally distributing mobile app
5:54 Teams and responsibilities
6:50 Architecture (Jenkins, Screwdriver, Kubernetes, ...)
7:46 Build cluster specs
8:28 Logging, monitoring, alerting
9:15 Monitoring dashboard
10:07 Experimental SLO "queued time"
11:10 CRE Teams User Support
12:01 Internal documentation
12:34 Customization of Screwdriver for users
13:24 Collaborating with Verizon Media
14:26 Contributing to Screwdriver
15:55 Conclusion


SUBSCRIBE CDF CHANNEL ►► https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

Cloud Native CD Pipelines with Tekton - Andrea Frittoli, IBM

Tekton is an open-source project for building cloud-native CI/CD pipelines and systems. It provides reusable and lightweight building blocks, such as tasks, that embody best practices. Tekton, hosted by the CD Foundation, aspires to be the common denominator in CI/CD.
Tekton gives developers full flexibility in how to set up their workflows.
In this talk, we will present how to get started authoring cloud-native delivery pipelines; we will dig into the Tekton resources used to implement the CD pipelines that build, release, and deploy Tekton itself.

Intro: (0:00)
What is Tekton: (0:25)
Plumbing: (5:38)
CD Pipelines: (8:00)
Demo: (14:13)
Lesson Learnt: (21:06)
Join us + References: (24:43)
Q&A: (25:15)

Conditional Constructs to the Rescue - Priti Desai, IBM & Jerop Kipruto, Google

What do you do when your CI/CD use case is a bit more complicated than a simple build, test, deploy? What about when you want to build from a GitHub repo but only for a specific branch, deploy only if an image exists in the registry, or cleanup even when things fail?

Being able to express your CI/CD pipelines as a directed acyclic graph (DAG) is powerful, but when you want to add conditions into your pipeline or take action even when things fail, it gets more complicated. In Tekton, execution order has historically been controlled by expressing dependencies between tasks in a pipeline, or by explicitly specifying the order.

In this session, we’ll take a look at how to express conditional behavior across several major CI/CD tools, and take a deep dive into how to use conditional constructs with Tekton:

Efficiently guard execution of a task with When Expressions
Reimagine the DAG with Finally

Continuous Deployment - The Last Frontier for Continuous Delivery - Fernando Ike , Zup Innovation

What is the strategy for implementing new versions of a new version application? Continuous Deployment not only automates the deploy, it’s beyond when aligned for the product and services lifecycle. Continuous Deployment as part of Continuous Delivery becomes valuable to test and experiment in production that can’t test in not production environments. Choosing what’s the better strategy for each type organization, budget or departments means to know what’s the main deploy strategies, when possible to use any of them, pros and cons. It’s a talk to dive for the most deploy strategies

Continuous Integration; Tips & Tricks - Paul Dragoonis , Independent Consultant

In this session Paul is going to share with you his tips & tricks learned when building top quality CI pipelines for large organizations such as the UK Government, banks and the private sector. Using Continuous Integration already? Whether you're a beginner or CI ninja, you'll gain value from this session as we cover a broad range of topics. We'll look at how we can leverage tools like Docker, Jenkins, AWS to truly push CI pipelines to the limit. After this session, you'll walk away with new ideas, new tools, and lots of real-world experience, for you to take with you into your journey of continuous integration.

Dailymotion's Continuous Delivery Story - Vincent Behar, Dailymotion

In this session, Vincent will share Dailymotion's Continuous Delivery story with Jenkins, Jenkins X and Tekton. He will come back on the initial state and issues faced on the CI/CD topic, and how it was solved. He will insist on the practices that were put in place and the benefits that resulted from switching to Jenkins X. He will conclude with the new challenges brought by improving Dailymotion's Continuous Delivery platform. If you are wondering if Jenkins X is the right tool for you, and the impact it can have on your team(s), then this is the right session for you!

Looking for something specific?
0:00 Introduction
0:57 What are the issues?
2:19 What can be done?
3:46 How to do it? Jenkins X + Kubernetes
4:24 Why Jenkins X?
6:02 Practices first
7:27 Jenkins X practices (incl. GitOps)
9:44 Benefits
13:01 Preview environment benefits
15:38 Results
16:57 New challenges
17:49 Conclusion
19:15 Q&A

SUBSCRIBE CDF CHANNEL ►► https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

DevOps Patterns and Antipatterns for Continuous Software Updates - Baruch Sadogursky, JFrog

So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?

In this talk, we’ll analyze real-world software update fails and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending an update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.

Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow.

0:00 Intro
0:12 Why do we need software updates?
3:38 Most Important Slide (Shownotes)
4:17 Updating Faster
6:00 Why do we update?
8:00 Why is quality assurance hard?
11:43 Tips to build trust
16:14 Continuous over-the-air updates
19:00 Updating servers
22:38 Do Progressive Delivery
25:21 Lessons: Don't do like Cloudflare
27:00 Liquid Vision
27:56 Corner Cases

Enable a Pipeline As Code Capability for 12,000 Developers - Jimmy McNamara & Aoife Fitzmaurice, Fidelity Investments

Aoife Fitzmaurice and Jimmy McNamara take us through a journey on how Fidelity Investments plan to roll out a Pipeline As Code capability to 12,000 developers. Leveraging cloud based kubernetes platforms to ensure best operational outcomes the team is driven to enable this best practice capability across Fidelity. This capability is key to assisting the growth of both an innersourcing and open-sourcing culture throughout the firm.

Looking for something specific?
0:00 Introduction
1:16 Who's Fidelity?
2:21 Enabling ALM for the Enterprise
4:47 Principle for enabling a pipeline platform
5:36 Traditional vs DevOps Teams
7:04 Key principles
8:13 Measuring DevOps
9:15 Enabling value through self-service model
10:10 Reference Architecture
12:45 Pattern based pipeline as code model
14:48 Culture and challenges
15:22 Managing scale through Automation of DevSecOps
16:34 Lessons learned
17:31 Partner communication
19:04 Q&A

SUBSCRIBE CDF CHANNEL ►► https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

Event-based Continuous Delivery: The End of the Monolithic Pipeline - Andreas Grabner , Dynatrace

While software architects have broken their monoliths into event-driven service architectures, many pipeline architects still try to apply a monolithic pipeline approach to deliver these new architectures. This results in constantly outdated pipeline code, tight integration of process and tools, lengthy diagnostics sessions to fix broken pipelines and puts strains on the underlying resources that build, deploy, test and validate. In this presentation we introduce a new approach: Event-based Continuous Delivery which decouples the declaration of processes from tooling. It uses a “everything as code” approach which includes deployment, testing, quality gate, observability and promotion definitions. By breaking your existing monolithic pipelines into smaller tasks this approach allows you to reuse your existing investment!

Getting Started with OpenTelemetry - Ted Young, Lightstep

This talk introduces OpenTelemetry to developers and operators. First, learn about each open telemetry component, the core concepts, and how they all fit together to provide flexible and robust observability. Second, learn the easiest way to set up and deploy opentelemetry across your entire system.

Heard of JCasC and Not Sure Where to Start? Let me Help You! - Ewelina Wilkosz, Eficode

One of the goals of Jenkins Configuration as Code plugin is that it should make it easier to maintain your Jenkins setup. But before it gets easier some initial effort is required.

During this presentation I'll show you a very basic setup I use to quickly spin up new Jenkins instances, whenever I need one. I will also share some tips and tricks you'll be happy to know. We'll use docker, jenkins and utilize GitHub Actions as a quick way to build... Jenkins!

How CloudBees CI Brings Enterprise Scale to Jenkins - Doug Tidwell, CloudBees

With more than 70% market share, Jenkins is the #1 technology in the CI space. But how do you make it scalable and manageable? What about governance and compliance? In this video, you'll see how CloudBees CI solves those problems.

How Spinnaker is Shaping Delivery Excellence at SAP - Serge Poueme & Mohamed Bakr, SAP

Serge Poueme, a Site Reliability Engineer, along with his colleague, Jessie Metivier, a User Assistance Developer, share how they’re leveraging Spinnaker at SAP. Join them as they uncover why they chose Spinnaker as their CI/CD hero, the architecture they’ve designed, and of course, how it’s allowed their company to push projects quickly to the cloud! In their talk, they will also showcase how they integrate Spinnaker with their current DevOps tools and build starterkits for internal teams — zeroing in on a team that now confidently ships code with Spinnaker!

Looking for something specific?
0:00 Introduction
0:48 Journey towards CI/CD
1:18 Why Spinnaker?
3:21 Several iterations
4:20 Company numbers
4:46 Spinnaker performance
4:57 Struggles before Spinnaker
6:30 How Spinnaker helps
8:34 Example deployment of agent operator
10:20 Spinnaker for application deployment
11:40 Deployment pipeline
14:41 How SRE supports these projects
14:58 Architectural overview (Jenkins, Spinnaker, Kubernetes)
15:58 Spinnaker landscape
18:09 Implementing Spinnaker
20:23 Self-service API
21:20 CD Starter-kit
22:52 Thank you/Contact
23:03 Q&A


SUBSCRIBE CDF CHANNEL ►► https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

How the Tekton Community is Driving its Growth and Adoption - Adam Roberts, IBM

Adam's been a familiar figure in the Tekton community since it started, coming out of knative-build, so has been able to see it grow and develop rapidly. As a Tekton Dashboard maintainer, and someone that's involved in Tekton everyday, Adam's looking to use this platform to highlight that not only is the project itself awesome, but the community is helping to drive its growth and adoption. Adam's specifically referring to the "not just on GitHub" events that regularly occur and will be providing particular examples and insights into what makes the community project something special.

How the Tekton Community is Driving its Growth and Adoption - Adam Roberts, IBM

Adam's been a familiar figure in the Tekton community since it started, coming out of knative-build, so has been able to see it grow and develop rapidly. As a Tekton Dashboard maintainer, and someone that's involved in Tekton everyday, Adam's looking to use this platform to highlight that not only is the project itself awesome, but the community is helping to drive its growth and adoption. Adam's specifically referring to the "not just on GitHub" events that regularly occur and will be providing particular examples and insights into what makes the community project something special.

How to Clean Up Your DevOps Dumping Ground - Melissa Sussmann, Puppet

As the automation surface area grows to accommodate hundreds of interconnected APIs on the cloud, developers are using their own, home-grown “digital duct tape” to manage a growing “DevOps dumping ground”. For a lot of organizations, home-grown glue logic is inconsistent, not repeatable, and expensive to maintain hundreds of event-based workflows and thousands of combinations. We believe that the answer lies in automation workflows. In particular, workflows-as-code that can be triggered by events. We want to replace engineers’ home-grown digital duct tape with reusable, event-driven workflows.
In an effort to deal with ad-hoc deployments and devops infrastructure CI/CD management, many devs try to create their own one-off automation tools or integration hubs, usually per team or per project.
Examples include:

Using Lambda and writing functions for EC2 management tasks
Running scheduled jobs for EBS cleanup
Repurposing a CI/CD tool like Jenkins for incident response workflows

But this “dumping ground” current approach is Inefficient, expensive, and risky.

Inefficient because work is done as one-offs that last forever, no reusability or repeatability
Expensive because spending time building tools and integrations aren’t directly delivering customer value
Risky because sidestepping governance to get stuff done can lead to exposure and failures

This presentation from Melissa Sussmann at Puppet gives viewers a peek into the beta version of Relay, a product for managing containerized apps. This presentation goes over what the team has learned in the process of working on Relay, the underpinnings of the product, and demonstrates a few example workflows to help you save time and money.

Introduction to Spinnaker on Kubernetes - Marky Jackson , OpsMX

Spinnaker is an open-source, multi-cloud deployment tool for releasing software changes reliably. You can deploy and automate your application release across multiple cloud environments including Kubernetes, AWS EC2, Google Computer Engine, Google App Engine, Microsoft Azure, and many more. In this session, we will focus on the installation of Spinnaker in a Kubernetes cluster using Halyard. Halyard is a command-line administration tool that manages the lifecycle of your Spinnaker deployment, and it's a recommended way to install, configure, and update Spinnaker.

Keynote Panel - End User Council - Moderated by John Mark Walker, Capital One; Yasemin Blanton, BMO Financial & Art Butler, Discover Financial Services

Watch continuous delivery practitioners and subject matter experts discuss lessons learned from years of technology modernization in highly regulated, large enterprises. Cloud, open source, and devops have combined to form the basis of technology modernization, but spoiler alert: it's not just about the technology. The platforms and tooling are maturing, but bringing about organizational change requires relationship-building and other under-utilized "soft skills".

For more information on the End User Council, including dates and time for future meetings, check out cd.foundation/end-user-council/

Looking for something specific?
0:00 Introduction
4:36 Why this panel?
5:04 How does open-source software affect decisions?
9:31 How has cloud-computing helped you and affected agility within the enterprise?
14:12 What strategies are useful to get people on board with new technologies?
19:00 What helps create the initial partnership to build on?
26:16 What's the right approach for growth in the early stages?
30:45 How do you define success?
35:00 When do you decide to scratch an idea and go back to the beginning?
39:40 Thank you

SUBSCRIBE CDF CHANNEL ►►https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

Keynote Session Sponsored by CircleCI - Microservices: Just Another Tool in the Toolbox - Rob Zuber, CircleCI

In the world of software development, we love to have strong opinions about architecture. Monoliths are great. Microservices will fix everything. “Micro” is too small, you need macroservices. It goes on and on. How can so many smart people have such wildly different answers? Can it mean anything except that there is no single right answer?

In this talk, CircleCI CTO Rob Zuber will discuss why context is everything, how to evaluate your options by returning to first principles, and why you should focus more on transition states than end states. Examples of CircleCI’s own architectural hits and misses will be reviewed with the lucidity of hindsight in order to discuss the decision-making tools and leadership approaches that could have improved the outcomes.

0:00 Intro
1:33 CircleCI's journey to Microservices
2:35 What problems do you need to solve?
3:47 Find the architecture for you today
5:50 Fitness Function
7:37 CircleCI's architectural values
11:07 Examples for reevaluating values
14:14 Summary: When to switch to Microservices?

Keynote Session Sponsored by JFrog - Best Practices In Implementing Container Image Promotion Pipelines - Baruch Sadogursky, JFrog

Surprisingly, implementing a secure, robust and fast promotion pipelines for container images is not as easy as it might sound. Automating dependency resolution (base images), implementing multiple registries for different maturity stages and making sure that we actually run in production containers from the images we intended can be tricky. In this talk, we will compare different approaches, compile a wish-list of features and create a pipeline that checks all the boxes using free and open-source tools.

Keynote Session Sponsored by Armory - Extending Jenkins with Spinnaker for a Multi-Target World - Isaac Mosquera, Armory

With the 3 major cloud providers battling it out for cloud dominance, we're left to reason through a dizzying array of new infrastructure and tools. What this means to your organization is that you're no longer deploying to 1 target (e.g. EC2, Bare Metal, PCF, Kubernetes, Lambda, Serverless), but now deploying to many targets. Jenkins is at the core of many CI/CD pipelines today, so we'll discuss how to pair Jenkins with Spinnaker for a multi-target world.

0:00 Intro
0:50 Armory's Journey
7:55 What is a target?
8:52 How Jenkins works
10:45 Deploying with Spinnaker
13:20 What does a pipeline look like?
14:46 Using Spinnaker and Jenkins

Keynote Session - Safe at any Speed - How Progressive Delivery Eliminates Risk - Edith Harbaugh, LaunchDarkly

Continuous Delivery makes you go faster. Progressive Delivery helps you go faster, safer. Edith Harbaugh, CEO/co-founder of LaunchDarkly, the leading feature management platform, talks about how you can go as quick as you want, in a way that’s responsive, performant and compliant

Looking for something specific?
0:00 - Intro
2:05 - History (Waterfall)
8:13 - Continuous Delivery
9:14 - Progressive Delivery
10:02 - Two Core Ideas
11:05 - Use Cases
17:20 - Summary

SUBSCRIBE CDF CHANNEL ►►https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

Keynote Session -The Golden Goose: Scaling CD Platforms in the Enterprise Through Self-Service - Abby Kearns, Puppet

The concept of Continuous Delivery has been around for over a decade. Early adopters of CD have reaped the benefits of reduced cycle times coupled with greater stability and reliability. Yet CD is far from a “solved problem” with many organizations struggling to implement CD at scale (or at all!) due to organizational, process and technology challenges. Moreover, those that have implemented CD struggle to scale deployment pipelines and patterns while integrating security, compliance and change management requirements.
In the next decade, our industry is going to solve these problems. We’ll see old paradigms shift from rigid control-based approaches and new models emerge that enable DevOps agility at scale. Movements like DevSecOps, Platform Services, SRE and AIOps will evolve CD practices and shape technology delivery for years to come enabling enterprises to finally reach the mountaintop of true continuous delivery, at scale.

Keynote Session - The Past, Present and Future of Continuous Delivery - Tracy Miranda, Continuous Delivery Foundation, Christie Wilson, Google & Zainab Abubakar, She Code Africa

It is an exciting time to be in the CI/CD industry. We are delivering more software than ever before and at a rate and scale that we might not have imagined years ago. 15 years ago continuous integration and continuous delivery were not common practices but today they are the key differentiators for every industry, whether you are a releasing a new banking app or a new contact tracing app. Delivering software securely and speed matters to every aspect of modern life.

We have huge opportunities to innovate and advance continuous delivery adoption. Yet there are some challenges which make this difficult to do so. Being a relatively new industry, we often talk at cross purposes about terms and phrases – the same words mean vastly different things to different teams. The landscape is confusing, often impenetrable to newcomers and changing habits to adopt emerging practices sometimes feels overwhelming to teams.

In this talk, we will look at the origins of continuous delivery, how it has evolved to present day and where it is going. We will also talk about the role open source communities will play to make continuous delivery simpler yet more innovative, widespread yet inclusive and faster yet still secure.

Intro: (0:00)
Christie Wilson (Past): (0:28)
Tracy Miranda (Present): (5:49)
Zainab Abubakar (Future): (16:02)
Conclusion: (22:27)

Lighting Talk - Deploying, Managing and Securing Applications on Kubernetes Without Knowing Kubernetes - Bruno Andrade, Shipa

Deploying applications is not as easy as many teams expected and scaling the number of applications and users just adds to that complexity. During this talk, we will discuss a completely different way of doing that that will allow you to deploy, manage and secure applications without building and managing a single Kubernetes related object and YAML file

Lightning Talk - CD, Continuous Doughnuts - What Can Creating Doughnuts teach us about Continuous Delivery - Ravi Lachhman, Harness

Doughnuts are delicious and the perfect container of happiness. Going through the process of developing a new doughnut flavor can teach us a lot about continuous delivery. There are no Yelp Reviews for software applications [there should be]. What are the typical steps in creating a doughnut flavor vs a Continuous Delivery pipeline? Feedback is important in both doughnuts and software platforms. If we get this wrong, we might have a lot of stale doughnuts and tech debt to pay off. Let’s call this Continuous Doughnuts and find out!

Lightning Talk - DevOps @ Scale - The Challenge of Cloud Native Architecture - Tracy Ragan, DeployHub

As we move away from monolithic practices and venture into cloud native architecture running Kubernetes and microservices, we find ourselves needing to push changes across the pipeline faster than ever before. Our DevOps practices will need to evolve and scale to support a much faster paced CD process supporting a continually changing run-time environment. This lighting talk will identify old habits and bottlenecks that prevent DevOps teams from achieving 100% business agility. What must be understood is that in this new world we no longer have the luxury of time to tweak brittle scripts, and sort through logs. Automation and visibility will be essential in the future Continuous Delivery pipeline and DevOps practice.

Lightning Talk - Speeding up your CI/CD Approvals and Risk assessments with Machine Learning: An Overview - Gopal Dommety, OpsMx

As Enterprises are implementing Continuous Delivery, it has been observed that Approval Gates and Risk Assessments are mostly manual processes. In this talk, we will discuss the time it takes for risk assessment and approvals, and how the use of data & machine learning can greatly reduce these times.
We will introduce OpsMx Autopilot- an intelligent continuous verification platform that works with your CI/CD Platforms, such as Jenkins, Spinnaker, ArgoCD, and Kubernetes. Autopilot will help CD implementers to gain control of their production deployments and help answer the above questions.
about: Gopal Dommety is the CEO of OpsMx. OpsMx was founded with the vision of “delivering applications with no human intervention". OpsMx Enterprise for Spinnaker, a multi-cloud, and cloud-native Continuous Delivery Platform, is trusted by many Fortune-100 enterprises.Previously he was the CEO of N42 and held senior roles at Cisco.Gopal studied Computer Science at IIT (Kharagpur), Finance & Public Policy at Stanford University, and obtained Ph.D in Large Scale Distributed Systems from Ohio State University. He was awarded 61 US Patents and designed widely deployed and popular Internet Protocols.

Managed Releases with Spinnaker - Nirmalya Sen , OpsMx

Spinnaker is a continuous delivery platform for releasing software changes with high velocity and confidence. But what if you are not doing continuous delivery? What if you are doing managed releases where the release manager based on lot of organizational and business criteria decides when to release, what to release. Can they use Spinnaker? In this talk, Nirmalya will show case how you can adopt Spinnaker's continuous delivery features to be able to make managed releases.

Measuring DevOps - Dina Graves Portman, Google

Software metrics often pit different functions against each other and result in local optimizations at the cost of overall outcomes. Google’s research has developed and validated four metrics that provide a high-level systems view of software delivery and performance and predict an organization’s ability to achieve its goals. Accurate collection of the data required to measure the four key metrics can be time consuming, error prone, and incomplete. This session will introduce some automation with Google Cloud Platform that automates the generation and collection of the metrics required to measure the four key software delivery performance metrics.
Slides (PDF): https://static.sched.com/hosted_files/cdcon2020/c0/Measuring%20DevOps%20-%20cdCon%20-%20DinaGravesPortman.pdf

Intro: (0:00)
What's DevOps?: (0:30)
What does DevOps do?: (1:28)
Key metrics: (2:26)
Four Keys Infrastructure: (4:43)
Metrics: (6:28)
How does Tekton fit in?: (10:26)
Demo: (10:42)
Tekton Challenge: (16:24)
Four Keys Dashboard: (18:18)
Try it out! (19:03)
Q&A: (19:19)

Moving from Jenkins to Jenkins X: Scaling and Accelerating CI/CD - Dr. Michael Garbade, Education Ecosystem

Jenkins has served as a continuous integration (CI) tool long before the emergence of Kubernetes and distributed systems running on cloud native platforms.

Working with Jenkins as a stand-alone open source tool has proved to be extremely difficult for distributed systems engineers, as it is designed for small projects and not scalable to bigger projects.

Jenkins X has emerged as a way to both improve and automate continuous delivery pipelines to Kubernetes and cloud native environments.

In this talk, we will discuss the limitations of Jenkins, how Jenkins X addresses those limitations, how it leverages open source and commercial CI/CD tools for easier bug fixes, faster deployments, stability, consistency and improved communication.

Open Application Model: Application-centric DevOps Approach - Andy Shi , Alibaba Cloud

Open Application Model is an open source spec and framework to encourage application-centric DevOps approach. It does so by separating the concerns of developers and DevOps. This talk will walk through the "Why" and "How" of such an approach. Andy will also compare OAM with other CD pipelines by showing some examples.

Policy-driven Deployments in Spinnaker - Beth Fuller, Armory

Screwdriver UI Walkthrough - Alan Dong, Verizon Media

In this session, it will cover the fundamental parts of Screwdriver regards 1) what is a pipeline 2) how to use a screwdriver to setup a pipeline from scratch 3) integrate with SCM (i.e. GitHub) 4) setup collections for personal preferences 5) how to get involved with Screwdriver.cd to get help and contribute back to the community It would be informative, and please join.

Welcome 2020 - Software is now Saving the World (or at least helping) - Christina Noren, CloudBees

A lot has changed since Marc Andreessen published his well-known essay “Why Software Is Eating The World.” Today software is impacting the lives of people far outside the realm of just the tech world on a daily basis. There is software being built that will enable physical distancing and clean air everywhere from factories to Broadway theaters to museums to schools to sports arenas in the wake of COVID-19. There are new insights into how remote work upended the way wealth is managed, real estate is sold, students are taught and government and medical services are delivered - and how software is making that happen. Even the ways that software teams are delivering these capabilities and how they are handling the new pressures of software development during the current crisis at the level of people, processes, and tools have drastically changed.
In this session, we will discuss how software and technology are being applied in new ways within a different domain or industry to help the world change for the better, especially due to the onset of COVID-19 and its aftermath.
Attendees will:

Experience a deep dive into various industries that have been disrupted and advanced through software. Whether pharma, finance, or entertainment, we will dissect each sector’s response through software to the current crisis and the likely outcomes.
Gain an understanding of how software is impacting the world around them and beyond their own specific current focus, as well as how other teams are navigating the changes in how software is delivered in the current crisis.
Hear relevant ideas and circumstances from peers in their industry that will help them navigate these uncharted times.

0:00 Intro
1:11 Current Situation
4:03 How Is Software Saving the World?
5:40 Who Did we Talk to?
12:36 Emerging Themes
16:07 Erosion of Old Use Cases
19:28 DevOps Is Key to Responsiveness
22:23 Customer Intimacy Is Key to Changing Circumstances
23:54 All Remote Work Is Different
26:06 Employment Structural Shift
28:18 Thank You /Contact

Spinnaker Deployments on Kubernetes from a Security Perspective - Anirban Saha, Allianz Technology

Spinnaker has provided ease of deployment for a number of cloud native environments and has become the absolute tool of choice for infrastructure implementers. However, it is equally important to consider security challenges when working in a cloud ecosystem. There are a number of security concerns to address when deploying cloud native applications using Spinnaker such as the Spinnaker deployment itself, permissions provided for the target cloud accounts, access control for Spinnaker applications, credential handling, authentication mechanisms, using roles for deployment (RBAC) to name a few. Making sure to address these security challenges not only helps an organisation minimise risk factors but also enables engineers to deploy continuously in a safe manner.

Spinnaker at Salesforce: Enterprise-Level Multi-Substrate Continuous Delivery and Release Management - Jing Vergara, Salesforce

Learn how we manage releases at Salesforce and take Continuous Deployment to the next level. Listen to the complex release orchestration challenges we face. Find out more about how we iteratively solve the full automation of movement of all code and infrastructure changes, from local development all the way to multi-substrate production environments and multilevel security zones.

Looking for something specific?
0:00 Introduction
1:04 Spinnaker: Footprint
1:17 Instances and execution
3:53 Apps, templates and guidelines
4:44 Pipeline types
6:24 Salesforce Journey: Challenges
6:39 Challenge 1: Pipeline templates
8:54 Challenge 2: Release across multiple environments
10:00 Challenge 3: Change management
11:50 Challenge 4: Failure handling
13:40 Challenge 5: Infrastructure builds and changes
14:32 Challenge 6: Spinnaker account management
15:24 Challenge 7: Alerts and notifications
15:58 Challenge 8: Pipeline security
16:50 Challenge 9: Handling promotions
17:40 Challenge 10: Complex release orchestration mechanism
18:14 Roadmap: Future Projects
18:48 Q&A




SUBSCRIBE CDF CHANNEL ►► https://tinyurl.com/y4e4434n

ABOUT US
The Continuous Delivery Foundation seeks to improve the world’s capacity to deliver software with security and speed. Learn more at https://cd.foundation/

The Humans of DevOps - Jayne Groll, DevOps Institute

When you think about continuous delivery, do you automatically think about pipelines and tools? Automation is absolutely an essential element for continuous everything - but it is the human element that will be the key contributor to transformation success. This session will look at the characteristics, skills, tools and needs of the Humans of DevOps for the next decade as we move into the “new normal”.

The MLOps Roadmap - Terry Cox, Boostrap Ltd.

This talk is an introduction to the CDF MLOps Roadmap.

The Objectives And The Principles Behind GitOps - Viktor Farcic, Codefresh

GitOps is nothing new. Or, to be more precise, the principles of GitOps existed long before the term was invented. But hey, that's the pattern in our industry. It is the fate of all good practices to be misunderstood, so we need to come up with new names to get people back on track. That is not to say that we are in a constant loop. Instead, I tend to think of it as a periodic reset trying to eliminate misinterpretations. GitOps is one of those resets. It fosters the practices and the ideas that existed for a while now and builds on top of them.

We'll explore the fundamental principles of GitOps and the outcomes of those principles. We also try to answer some fundamental questions like "why do we want GitOps?", "why isn't everyone using GitOps?", and whether GitOps is mature enough for everyone to adopt it. More importantly, we'll try to see how GitOps fits into continuous delivery and how it might change the way we define application lifecycle pipelines.

The Power of Open Source Community - Jacqueline Salinas, Continuous Delivery Foundation; Tracy Ragan, DeployHub & Marky Jackson, OpsMX

The panel, "The Power of Open Source Community," will cover 2 unique stories of how community has impacted personal and professional lives for the better. This discussion will cover how you too can make an impact by contributing to open source communities. The panelists will tell us their personal DevOps journey, the people who helped them along the way, and how they continue to make a difference in the open source communities today. Join to learn how you can get involved in open source projects from Marky, Tracy, and Jacqueline's first hand experiences.

Where’s the Application? Understanding the Challenge of Your Microservice CD Pipeline - Tracy Ragan , DeployHub

As we take a hammer and smash up our monolithic applications into lots of little pieces, we also break the way we track and manage a software application. The software application no longer exists, yet we still need it. The loss of the application is partly responsible for the complexity in managing microservices. This session investigates the core benefits of continuous integration in a monolithic pipeline in terms of the packaging and configuration management of the software application. We will cover why the CI step is critical to the entire Continuous Delivery process, and what we lose as we move to microservices. We will explore the tracking of application versions overtime to remind us of the importance of BOM reports, 'diff' reports, and impact analysis. By looking at what we do well today, we will understand what we need to solve in a microservice based CD Pipeline.

GitOps, Kubernetes, and Secret Management: Don't Bake in a Tent! - Kara de la Marck, CloudBees

GitOps uses Git as the “single source of truth” for declarative infrastructure and enables developers to manage infrastructure with the same Git pull requests they use to manage a codebase. Having all configuration files version-controlled by Git has many advantages, but best practices for securely managing secrets with GitOps remain contested. Join us in this presentation about GitOps and secret management. Attendees will learn about the pros and cons of various approaches and why the Jenkins X project has chosen to standardize on Kubernetes external secrets for secret management.

Introduction: (0:00)
Why Git?: (1:00)
Why Kubernetes ?: (2:50)
What's a Secret?: (5:13)
Security Concern in Git: (6:58)
Strategies for Managing Secrets: (8:58)
To Avoid Storing Secrets in Git: (11:25)
Rules: (13:16)
External Secret Management Systems: (14:34)
Using Jenkins X: (17:23)
Jenkins X 3 Alpha and Community Links: (18:45)
Wrap-up: (19:15)
Q&A: (20:40)

Welcome & Opening Remarks - Tracy Miranda, Continuous Delivery Foundation