Discover and read the best of Twitter Threads about #velocityconf

Most recents (19)

Final talk I'll be getting to at #VelocityConf before I dash to Toronto: @IanColdwater on improving container security on k8s.
@IanColdwater She focuses on hardening her employer's cloud container infrastructure, including doing work on k8s.

She also was an ethical hacker before she went into DevOps and DevSecOps. #VelocityConf
She travels around doing competitive hacking with CTFs. It's important to think like an attacker rather than assuming good intents and nice user personas that use our features in the way the devs intended things to be used. #VelocityConf
Read 36 tweets
My colleague @sethvargo on microservice security at #VelocityConf: traditionally we've thought of traditional security as all-or-nothing -- that you put the biggest possible padlock on your perimeter, and you have a secure zone and untrusted zone.
@sethvargo We know that monoliths don't actually work, so we're moving towards microservices. But how does this change your security model?

You might have a loadbalancer that has software-defined rules. And you have a variety of compartmentalized networks. #VelocityConf
You might also be communicating with managed services such as Cloud SQL that are outside of your security perimeter.

You no longer have one resource, firewall, loadbalancer, and security team. You have many. Including "Chris." #VelocityConf
Read 19 tweets
Leading off the k8s track today is @krisnova on migrating monoliths to k8s! #VelocityConf
@krisnova [ed: p.s. her ponies and rainbows dress is A+++]

She starts by providing a resources link: j.hept.io/velocity-nyc-2…

The problems we're solving:
(1) why are monoliths harder to migrate?
(2) Should you?
(3) How do I start?
(4) Best practices #VelocityConf
.@krisnova is a Gaypher (gay gopher), is a k8s maintainer, and is involved in two k8s SIGs (cluster lifecycle & aws, but she likes all the clouds. depending upon the day). And she did SRE before becoming a Dev Advocate! #VelocityConf
Read 29 tweets
Final keynote block: @lxt of Mozilla on practical ethics and user data. #VelocityConf
@lxt And also ethics of experimentation!

"just collect data and figure out later how you'll use it" doesn't work any more. #VelocityConf
We used to be optimistic before we ruined everything.

Mozilla also used to not collect data, and only had data on number of downloads, but its market share went down because they weren't measuring user satisfaction and actual usage. #VelocityConf
Read 25 tweets
Next up is @mrb_bk on why marketing matters. #VelocityConf
@mrb_bk Hypothesis: marketing >> code in terms of software adoption. [ed: and this is why I became a developer advocate!] #VelocityConf
You need to consider community early when developing a product.

Always ask, "Why do people matter?" "Why does adoption matter?" #VelocityConf
Read 17 tweets
Next up is @rogerm on O'Reilly's insights into trends with Radar. #VelocityConf
@rogerm They look at changes in search terms year on year; the two largest increases are k8s and blockchain. #VelocityConf
People are becoming less interested in broader topics and more interested in specific technologies e.g. pytorch. #VelocityConf
Read 5 tweets
Next is my colleague @rakyll on distributed tracing!! #VelocityConf
@rakyll In a big city, you learn to deal with large scale and navigating your way around, in an environment that has a lot of chaos and data.

And sometimes things don't go according to plan if you encounter construction, etc. along the way. #VelocityConf
It doesn't matter where the error happened, from a user's perspective, it's a failure to them.

Maybe we're doing better at @GCPcloud, but there are lots of opportunities to improve still, says @rakyll. #VelocityConf
Read 20 tweets
First up at #VelocityConf this morning: @tammybutow on chaos engineering to increase resilience!
@tammybutow She's been doing chaos engineering since 2009. But she wants to encourage people to do Chaos Days the same way that they do Hack Days - to build resilience into teams and products. #VelocityConf
Chaos isn't about going rogue and setting everything on fire; instead, it's much more scientific and collaborative.

You need to do thoughtful, planned experiments to reveal weaknesses. #VelocityConf
Read 19 tweets
I'm excited to see @alicegoldfuss's talk on container operations for the first time! #VelocityConf
@alicegoldfuss She's telling us about the idyllic picture painted by advertisements (for instance, for cars) with the fancy 0-60 numbers... vs. the tiny small words "laboratory setting" or "test track". #VelocityConf
That's how @alicegoldfuss feels about container talks. Presenter comes out and says "BAM, I will revolutionize your infrastructure? What's that? Run more than one container? No problem! [with shipping container images overlaid on cars]" #VelocityConf
Read 29 tweets
Final speaker of morning keynotes: @kavya719 on real-world data to analyze performance of systems and end user experience without breaking the bank. #VelocityConf
@kavya719 Think about performance and capacity: you can use the "YOLO" method, or do load simulation; but the better approach is performance modeling.

Represent your system by a theoretical modelj, get results, and translate back to your system. #VelocityConf
First example: we have a response time SLA for a client to webserver to database system. [ed: I'd call that a SLI, not a SLO or SLA].

Assume that requests come into a queue. #VelocityConf
Read 16 tweets
Next up is my colleague @drensin on why #SRE and #DevOps are friends! (likely quoting me and @sethvargo a bunch) #VelocityConf
@drensin @sethvargo [ed: full disclosure, this is a sponsored talk.]

How many people have heard of SRE? like 80% of people. But 3 years ago, it was crickets. #VelocityConf
"Obviously in the age of Twitter, they must fight, right? But no, they actually reinforce each other."

And you should look at @lizthegrey and @sethvargo's video series for more details.

But the key message is: they developed independently but landed in same place #VelocityConf
Read 7 tweets
Next up is @francesc [ed: <3 <3 <3 my former colleagues!] on why machine learning will make programming better! #VelocityConf
@francesc Is software eating the world? The number of LOC is increasing dramatically -- tens of millions of LOC for Chrome, Windows, etc.

And *cars* have hundreds of millions of LOC. #VelocityConf
He works at @sourcedtech but also runs @justforfunc.

So how can ML on source code help us? It's related to doing natural language processing and data mining. #VelocityConf
Read 10 tweets
Next talk at #VelocityConf is a sponsored talk by @beevek on moving fast without breaking things.

How do you decide when to measure and make course corrections?
@beevek If you make it cheaper and less risky to measure where you are and where you're going, then you'll be more efficient about accomplishing your goals and managing risks.

Reduce the scope of potential failures by checking them with the real world as soon as possible. #VelocityConf
How do we decide what to invest in? There's always more tests, metrics, and automation to write.

Prioritize where cost of failure and change velocity is the highest for your observability and risk management. #VelocityConf
Read 3 tweets
Next #VelocityConf speaker is @jessicamckellar on ending mass incarceration. She spends a lot of time in prisons, including San Quentin.
@jessicamckellar 800 people on death row; the largest death row in the Western Hemisphere.

She works on "The Last Mile" project, which prepares incarcerated individuals for successful re-entry into society with job/skills training. #VelocityConf
She teaches people technology skills. Without internet access, just thumb drives and PDFs.

And she had rich discussions with incarcerated men about everything from software to software and predictive policing to demographics of tech. #VelocityConf
Read 13 tweets
Next up at #VelocityConf is @laurentgil [sponsored talk] about the audience vs. the Internet and security risks.
@laurentgil Prefix advertisement/hijacking attacks for DNS servers; falsified resolver results being returned for a phishing Ukrainian server. [ed: doesn't SSL save us from this?] #VelocityConf
Additionally, multiple hour TTL propagation delay prevented quick repair/recovery.

Another case study: an anonymous Dyn customer that sounds a lot like ZocDoc who got attacked by a botnet. #VelocityConf
Read 6 tweets
Leading off: @anildash at #VelocityConf, who is "from the internet." He wants to start with reminding us that technology isn't just a dumpster fire, that it can be used for good as well. But that the problems we're causing are getting worse.
@anildash "How did this happen?" asks @anildash. "We mostly mean well; there aren't many mustache-twirling villains except for Thiel who drinks the blood of young people." #VelocityConf
Who was making technology? We started off with the goal of democratizing technology, and initially lots of different people were participating and were leading (c.f. myspace, neopets, etc.)! #VelocityConf
Read 14 tweets
Hbr is Twitter for executives #velocityconf @nicolefv
In 2003 hbr published an article that said IT doesn't matter. In 2009 Flickr demonstrated the opposite. @nicolefv has the research now showing DevOps investment makes business performant #velocityconf
Our intuition told us this was true and now we have the data to back it up. #VelocityConf
Read 13 tweets
Next up at #velocityconf its the one and only @jaqx0r - Google SRE extraordinaire on how best to monitor with SLO’s
The cost of maintenance of a system must scale sublinearly with the growth of the service - #velocityconf

At Google, Ops work needs to be less than 50% of the total work done by SRE
Once you have an SLO that’s really not an SLO since the users have come to expect better, then you’re unable to take any risks. Systems that are *too* reliable can become problematic too. #VelocityConf
Read 9 tweets
The distributed real time telemetry challenge at NS1

- 5-700K data points per sec
- avg of 200K data points per second (terabytes per day)
- why an OpenTSDB approach failed (DDOS attack mitigation required more granular telemetry and per packet inspection)
- why ELK made sense
“Given all the problems we had, we decided that we needed to pick a tool that had a solid community behind it. We wanted to gain from a flourishing community and wanted to contribute back” - why ELk was chosen as a long term time series database at @NS1
openTSDB still wins hands down for analytics purposes but NS1 didn’t need that. OpenTSDB requires deep operational expertise to tune, scale and run which NS1 didn’t want to invest in.

The used the beats ecosystem (beats is the oss project from eBay, iirc)
Read 10 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!