Introduction to Serverless through Architectural Patterns
1 like261 views
Presenting Serverless to Master1 Computer Sciences students Showing typical patterns and use cases Demo of the Serverless Framework
1 of 18
Download to read offline
Ad
Recommended
Securing Serverless Systems
Securing Serverless SystemsVincent Lau Wondering what is serverless (or FaaS) and how it impacts security risk? We will start with understanding how serverless is being used, the serverless architecture for IoT & AI, and examples of serverless applications. After which, we will go through the security impact of going serverless, then conclude with the top 10 serverless security risks and measures to mitigate them.
Securing serverless system
Securing serverless systemNUS-ISS by Mr. Vincent Lau, CTO, Voyager Innovations Singapore, at NUS-ISS SkillsFuture Series Seminar: Secured IoTs and Secured Cloud – Partners in ensuring a Secured Smart Nation Seminar (3 Oct)
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation Cisco DevNet Fast innovation requires Fast IT: the new model for IT that transforms the way we deliver new business application capabilities to our clients.
Cisco IT has created solutions that enable automated provisioning of environments and fast deployment of cloud applications through “Software Development-as-a-Service”.
In this session, we’ll provide a hands-on experience of how application teams use an automated toolset to combine quality and agility, while reducing operational expense. We’ll also provide a view of the key technologies that enable this solution.
Finally, there’s a quick glimpse into what’s next: containerization and IOE Application Enablement.
Automate Your Container Deployments Securely
Automate Your Container Deployments SecurelyDevOps.com Operations seeking to make their apps and APIs both performant and available to their users must bake effective application security tooling into their processes and infrastructure configurations. How can development and operations teams release at increasing velocity with app protection built into their CI/CD pipeline?
A true next-generation, holistic web application and API protection platform does just that: operations teams can integrate security into their workflows and ensure new infrastructure and app code released to production is both effective and secure in any environment from cloud using containers to datacenters to a hybrid of these.
Join application security expert Aneel Dadani from Signal Sciences to learn how your team can automate, deploy at scale safely while gaining layer 7 visibility in production environments.
Attendees will learn:
What constitutes effective application security within the context of cloud adoption and an ever expanding threat landscape
How development teams can gain visibility into how their apps and APIs are being used in production and what vulnerabilities may exist that they overlooked
How DevOps teams can scale their application footprint to meet demand while securing your codebase in production
How to inspect request traffic at the API gateway or the ingress
Network Bandwidth management - Mumbai Seminar
Network Bandwidth management - Mumbai SeminarManageEngine, Zoho Corporation This document discusses how NetFlow Analyzer can help with bandwidth monitoring and management challenges. It provides an overview of NetFlow Analyzer's capabilities for gaining visibility into network traffic, managing traffic across LAN, WAN and wireless networks, identifying and resolving network issues faster, controlling unnecessary bandwidth usage, and preventing security threats. Key benefits highlighted include real-time and historical traffic monitoring and reporting, troubleshooting capabilities, traffic grouping and analysis, alerting, and affordable pricing starting at $595 for 10 interfaces. A case study is also presented on how NetFlow Analyzer helped a large healthcare organization address network downtime issues and reduce bandwidth costs.
Hybrid cloud monitoring - Mumbai seminar
Hybrid cloud monitoring - Mumbai seminarManageEngine, Zoho Corporation This document discusses how IT operations teams can monitor and troubleshoot hybrid cloud infrastructures using ManageEngine Applications Manager. It provides an overview of the benefits of hybrid cloud models and the management challenges they pose. It then describes how Applications Manager offers integrated monitoring of on-premises and cloud environments from a single console, supports over 100 applications out of the box, maps application dependencies, helps find issues faster with alarms and diagnostics, and automates corrective actions.
Optimize application performance - Mumbai Seminar
Optimize application performance - Mumbai Seminar ManageEngine, Zoho Corporation - The document discusses how Applications Manager can help optimize application performance for an e-commerce site experiencing issues during a flash sale, including slow page loads, errors, and site unavailability.
- It describes how Applications Manager can monitor site availability, end user experience, web application performance, reverse proxies, and detect website defacement using tools like HTTP monitors, real browser monitoring, APM Insight, JVM monitoring, and website content monitoring.
- The goal is to provide visibility into the user journey, transaction performance, errors, and system components to troubleshoot and optimize the application.
Application Gateways for Industry 4.0
Application Gateways for Industry 4.0Anne Nevin Smart gateways are critical to Industry 4.0. They can react locally if the network is down, add security functions, reduce latency and minimize traffic. Applications running on intelligent gateways are hard to program, since they need to interact concurrently with many other devices and interfaces, be monitored remotely, and work reliably all the time, while working autonomously
Cloud design pattern
Cloud design patternAreeba jabeen The document discusses two cloud design patterns: the Circuit Breaker pattern and the Gatekeeper pattern. The Circuit Breaker pattern provides a way to protect applications from faulty external systems by routing requests through a circuit breaker that can open, closing, or half-open the circuit. The Gatekeeper pattern decouples the code that exposes public endpoints from the code that processes requests and accesses data to minimize access to sensitive information and services.
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage Software-Defined Security Bestows Simplicity
By:
Carson Sweet
CEO & Co-founder
CloudPassage
Once an over-hyped buzzword, software-defined security is now a high-value strategy seeing adoption by large enterprises across industries. Hear real implementations of solutions spanning multiple private, public and hybrid infrastructures.
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago Vitaliy Shtym from Trend Micro discusses pragmatic container security. He outlines six key areas to focus on: (1) the container host, (2) the network, (3) the management stack, (4) the build pipeline, (5) the application foundation, and (6) the application. Specific security best practices are provided for securing containers within each of these areas, such as hardening the container host operating system, using intrusion prevention controls, and scanning container images for vulnerabilities before deployment. The goal is to implement defense in depth across the entire container environment.
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com This document discusses runtime security on Azure Kubernetes Service (AKS). It begins by introducing AKS and how it simplifies Kubernetes deployment and management. It then discusses the security concerns with containers and the need for runtime security. Runtime security involves monitoring activity within containers to detect unwanted behaviors. The document outlines how Sysdig provides runtime security for AKS through its agents that collect syscall data and Kubernetes audit logs. It analyzes this data using policies to detect anomalies and threats across containers, hosts, and Kubernetes clusters. Sysdig also integrates with other tools like Falco and Anchore to provide breadth and depth of security.
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...EnergySec Presenter: David Zahn, PAS
Industrial control systems represent the brass ring for hackers who want to disrupt plant operations and negatively impact safety and productivity. The problem for cybersecurity professionals is that plants have highly vulnerable proprietary control systems where configuration data is not visible via standard WMI or SNMP calls. Yet, it is this same configuration data, such as I/O cards, firmware, installed software, and more, that hackers work hard to attain as it aids them in gaining control over industrial systems within plants.
As the saying goes, “you can’t manage what you can’t measure.” Taking inventory of this hidden configuration data and doing so for all control assets is difficult. Plants as a result fall short of achieving centralized, automated inventory – a cybersecurity best practice and a necessary precursor to effective change management. So how do you address change management when important security data is kept locked within each vendor’s distributed control systems, programmable logic controllers, and remote terminal units?
In this session, we’ll explore the types of inventory data that comprise a best practices cyber security plan. Next, we will dive into cost effective, accurate automation opportunities for inventory discovery and maintenance of heterogeneous proprietary and non-proprietary control assets. Finally, we’ll present a case study for implementing best practices for hardening ICS cyber security and automating management of change.
Agenda:
Building and Maintaining an Accurate ICS Inventory
Best Practices in Inventory Automation
Case Study
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloudPassage Enterprises today cannot get by without a clear strategy for cloud security. Whether the organization’s adoption of cloud environments (private, public or hybrid) is mandated by business strategy or by unsanctioned employee use, CISOs and their security teams need to be prepared for this inevitable infrastructure shift.
Attend and learn how to build a cloud security strategy that makes your CISO successful. Join Rich Mogull, lead analyst at Securosis, and Nick Piagentini, Solution Architect at CloudPassage as they discuss the following topics:
-Cloud is Different, But Not the Way You Think
-Adapting Security for Cloud Computing Principles
-Getting Started: Practical Applications
-CISO Cloud Security Checklist
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage This document discusses security challenges for enterprise cloud infrastructure and different approaches to addressing them. It summarizes common cloud use cases like ITaaS, development/testing in public clouds, and big data analytics. It then outlines challenges like virtualized networks and lack of hardware controls. Next-generation approaches like virtual appliances, in-hypervisor controls, and workload-based security are presented along with pros and cons. The document focuses on CloudPassage's workload-based security agent Halo, which provides automated security and compliance controls that scale across cloud environments.
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Lucy Huh Kerner In this slide deck of my 2017 Red Hat Summit talk, you'll learn how to easily provision a security-compliant host and quickly detect and remediate security and compliance issues in physical, virtual, cloud, and container environments. We’ll discuss possible compliance challenges and show how a combination of Red Hat CloudForms, Red Hat Satellite, and Ansible Tower by Red Hat can help you quickly achieve compliance, automate security , and complete remediation. You’ll learn how you can integrate Red Hat CloudForms with Red Hat Satellite and Ansible Tower by Red Hat, as well as use the OpenSCAP integration in Red Hat Satellite, to perform audit scans and remediations at the push of a button on your systems and automate security to ensure compliance against various profiles, such as:
The U.S. Government Configuration Baseline (USGCB).
The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG).
The Centralized Supercomputing Facility (CSCF) baseline.
The U.S. Government Commercial Cloud Services (C2S) baseline.
The Certified Cloud and Service Provider (CCSP) baseline.
Center for Internet Security (CIS) Benchmarks.
The Payment Card Industry Data Security Standard (PCI DSS) Custom policies.
You'll also learn how you can use the control and policy engine in Red Hat CloudForms to detect and fix vulnerabilities, such as Shellshock, and learn how to do proactive security and automated risk management with Red Hat Insights.
To see the video replay of this talk, please visit: https://www.youtube.com/watch?v=8V1iDgOTWFA&t=1s
DevOps Underground - Microservices Monitoring
DevOps Underground - Microservices Monitoringkloia This document discusses monitoring strategies for microservices architectures. It begins by introducing the speaker and their company ClearScore, which aims to solve financial problems by presenting user data beautifully. The document then discusses why companies adopt microservices and the challenges of monitoring them compared to traditional applications. It explores using various open source and third party tools like StatsD, Grafana, and Instana. It emphasizes the importance of a culture where delivery teams own their services and monitoring. Finally, it outlines the company's plans to transition to Kubernetes and consider serverless and CD platforms to scale their global operations.
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage Presentation slides from Black Hat 2016. Presented by Sami Laine, Principal Technologist at CloudPassage & Aaron McKeown, Lead Security Architect of Xero.
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsCloudPassage Adoption of cloud resources by development teams has created a security problem. The self-service and on-demand nature of the cloud increases the company attack surface in unknown ways. How can security operations teams ensure the DevOps teams maintain their needed agility while also being compliant to company security requirements?
Presented by Andrew Storms and Eric Hoffman at RSAC 2014
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the CloudCloudPassage Join CloudPassage CEO, Carson Sweet and Sumo Logic Founding VP of Product & Strategy, Bruno Kurtic, for a webinar on “45 minutes to PCI Compliance in the Cloud”.
What You Will Learn:
-Understand the typical challenges faced by enterprises for achieving PCI on cloud infrastructure
-Learn how purpose-built SaaS-based cloud security solutions can save you tens of thousands in audit costs by speeding your time to compliance
-Get a quick demo of the CloudPassage Halo and Sumo Logic solutions that provide the telemetry and query/reporting engines respectively for cloud PCI
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudCloudPassage There are three main types of cloud services discussed in the document:
1) Infrastructure as a Service (IaaS) requires technologies to verify workload integrity, alert to unauthorized changes, and track incidents as the provider cannot do this. Point solutions and broader providers offer these controls.
2) Software as a Service (SaaS) presents risks if providers mishandle sensitive data or have authentication/application weaknesses exploited. Users should control access and encrypt data.
3) Governance is needed to track cloud service use, as without it companies lack visibility into how data is used and exposed. Technologies help monitor usage and set policies to mitigate risks and protect data.
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectThousandEyes Steve Lerner presents at ThousandEyes Connect on how eBay measures and optimizes web performance, CDNs and DNS infrastructure.
Claudit (cloud asset auditing)
Claudit (cloud asset auditing)Angelos Karageorgiou Claudit is a cloud-based IT auditing solution that logs user sessions on cloud servers and mobile devices. It runs an agent that captures screenshots, keyboard inputs, and application status during user sessions and logs this securely to Claudit's cloud servers. Authorized users can then replay complete session recordings and search session contents for auditing purposes. The solution aims to provide IT administrators visibility into user activity across dispersed teams and devices.
Practical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourceBlack Duck by Synopsys This session examines how Legal Counsel can help software development teams create an automated compliance process to make daily decisions related to open source licenses.
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce The intellectual property stored in your SCM system comprises your company’s most valuable assets. How do you keep those assets safe from threats inside and outside your organization?
This session by Charlie McLouth, Director of Technical Sales at Perforce, and Mark Bennett, Vice President at Interset, will give you a deep dive into how Perforce Helix keeps your assets safe, including real-world scenarios of Interset's Threat Detection. You’ll hear how Interset Threat Detection applies advanced behavioral analytics to user activities to proactively surface threats to the IP stored in the Helix Versioning Engine.
You’ll also hear how Helix’s fine-grained permissions model provides unified security policies that govern access-control based on LDAP authentication and contextual information such as IP address of the client or file paths.
Dynatrace FreeTrial Test Drive
Dynatrace FreeTrial Test DriveJerry Tan The document outlines an agenda for a Dynatrace free trial test drive. It includes an overview of Dynatrace application monitoring, what activities will be done during the test drive, and useful resources. The architecture of the Dynatrace solution is shown, with the Dynatrace server processing data and the frontend server supporting user analysis. Screenshots of the Dynatrace user interface are provided to demonstrate transaction flows, hotspots identification, and performance analysis.
10 Tips for Your Journey to the Public Cloud
10 Tips for Your Journey to the Public CloudIntuit Inc. 1. The document provides 10 tips for migrating to the public cloud from Mint's experience. Key tips included establishing load balancing, securing sensitive customer data with encryption, and maintaining low latency through metrics and code tuning.
2. When migrating large amounts of data, Mint shipped over 50TB of encrypted data on physical drives rather than over the network.
3. For high availability and disaster recovery, Mint implemented multi-availability zones and regions while balancing recovery objectives against increased costs and complexity.
IBM QRadar BB & Rules
IBM QRadar BB & RulesMuhammad Abdel Aal in this presentation we will discuss the IBM QRradar BB & Rules and how its work.
use and share the slide as you want all data are from IBM KnowledgeBase
Serverless Node.js
Serverless Node.jsThe Software House Mariusz Richtscheid: Architektura typu serverless wraz z terminem "Function as a Service" zyskują coraz większą popularność. To całkiem odmienne podejście do tworzenia aplikacji oraz ich wdrażania ma wiele zalet, ale musimy być też świadomi problemów, jakie się z nim wiążą. W trakcie prezentacji pokażę, w jaki sposób można zmodyfikować istniejącą aplikację Node.js tak, by wykorzystać zalety tej architektury.
Building Serverless Microservices Using Serverless Framework on the Cloud
Building Serverless Microservices Using Serverless Framework on the CloudSrini Karlekar Presentation that provides an overview of Serverless computing model, differentiates between Serverless Architectures, FaaS, PaaS and the Serverless Framework. It drills down the idea by helping you build a compelling example of 'Shazam for Celebrities' using the Serverless Framework, AWS Lambda, AWS Rekognition, Twilio and IMDb. It uses the user's mobile SMS/MMS for the presentation tier, Twilio in the middle-tier to bridge the SMS world and AWS Gateway and a set of AWS Lambda functions written in Python making use of AWS Rekognition for image processing. The code is at http://bit.ly/FaCeS-Sls
More Related Content
What's hot (20)
Cloud design pattern
Cloud design patternAreeba jabeen The document discusses two cloud design patterns: the Circuit Breaker pattern and the Gatekeeper pattern. The Circuit Breaker pattern provides a way to protect applications from faulty external systems by routing requests through a circuit breaker that can open, closing, or half-open the circuit. The Gatekeeper pattern decouples the code that exposes public endpoints from the code that processes requests and accesses data to minimize access to sensitive information and services.
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage Software-Defined Security Bestows Simplicity
By:
Carson Sweet
CEO & Co-founder
CloudPassage
Once an over-hyped buzzword, software-defined security is now a high-value strategy seeing adoption by large enterprises across industries. Hear real implementations of solutions spanning multiple private, public and hybrid infrastructures.
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago Vitaliy Shtym from Trend Micro discusses pragmatic container security. He outlines six key areas to focus on: (1) the container host, (2) the network, (3) the management stack, (4) the build pipeline, (5) the application foundation, and (6) the application. Specific security best practices are provided for securing containers within each of these areas, such as hardening the container host operating system, using intrusion prevention controls, and scanning container images for vulnerabilities before deployment. The goal is to implement defense in depth across the entire container environment.
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com This document discusses runtime security on Azure Kubernetes Service (AKS). It begins by introducing AKS and how it simplifies Kubernetes deployment and management. It then discusses the security concerns with containers and the need for runtime security. Runtime security involves monitoring activity within containers to detect unwanted behaviors. The document outlines how Sysdig provides runtime security for AKS through its agents that collect syscall data and Kubernetes audit logs. It analyzes this data using policies to detect anomalies and threats across containers, hosts, and Kubernetes clusters. Sysdig also integrates with other tools like Falco and Anchore to provide breadth and depth of security.
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...
ICS Cybersecurity: How to Protect the Proprietary Cyber Assets That Hackers C...EnergySec Presenter: David Zahn, PAS
Industrial control systems represent the brass ring for hackers who want to disrupt plant operations and negatively impact safety and productivity. The problem for cybersecurity professionals is that plants have highly vulnerable proprietary control systems where configuration data is not visible via standard WMI or SNMP calls. Yet, it is this same configuration data, such as I/O cards, firmware, installed software, and more, that hackers work hard to attain as it aids them in gaining control over industrial systems within plants.
As the saying goes, “you can’t manage what you can’t measure.” Taking inventory of this hidden configuration data and doing so for all control assets is difficult. Plants as a result fall short of achieving centralized, automated inventory – a cybersecurity best practice and a necessary precursor to effective change management. So how do you address change management when important security data is kept locked within each vendor’s distributed control systems, programmable logic controllers, and remote terminal units?
In this session, we’ll explore the types of inventory data that comprise a best practices cyber security plan. Next, we will dive into cost effective, accurate automation opportunities for inventory discovery and maintenance of heterogeneous proprietary and non-proprietary control assets. Finally, we’ll present a case study for implementing best practices for hardening ICS cyber security and automating management of change.
Agenda:
Building and Maintaining an Accurate ICS Inventory
Best Practices in Inventory Automation
Case Study
Cloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloudPassage Enterprises today cannot get by without a clear strategy for cloud security. Whether the organization’s adoption of cloud environments (private, public or hybrid) is mandated by business strategy or by unsanctioned employee use, CISOs and their security teams need to be prepared for this inevitable infrastructure shift.
Attend and learn how to build a cloud security strategy that makes your CISO successful. Join Rich Mogull, lead analyst at Securosis, and Nick Piagentini, Solution Architect at CloudPassage as they discuss the following topics:
-Cloud is Different, But Not the Way You Think
-Adapting Security for Cloud Computing Principles
-Getting Started: Practical Applications
-CISO Cloud Security Checklist
Security and Compliance for Enterprise Cloud Infrastructure
Security and Compliance for Enterprise Cloud InfrastructureCloudPassage This document discusses security challenges for enterprise cloud infrastructure and different approaches to addressing them. It summarizes common cloud use cases like ITaaS, development/testing in public clouds, and big data analytics. It then outlines challenges like virtualized networks and lack of hardware controls. Next-generation approaches like virtual appliances, in-hypervisor controls, and workload-based security are presented along with pros and cons. The document focuses on CloudPassage's workload-based security agent Halo, which provides automated security and compliance controls that scale across cloud environments.
Automating security compliance for physical, virtual, cloud, and container en...
Automating security compliance for physical, virtual, cloud, and container en...Lucy Huh Kerner In this slide deck of my 2017 Red Hat Summit talk, you'll learn how to easily provision a security-compliant host and quickly detect and remediate security and compliance issues in physical, virtual, cloud, and container environments. We’ll discuss possible compliance challenges and show how a combination of Red Hat CloudForms, Red Hat Satellite, and Ansible Tower by Red Hat can help you quickly achieve compliance, automate security , and complete remediation. You’ll learn how you can integrate Red Hat CloudForms with Red Hat Satellite and Ansible Tower by Red Hat, as well as use the OpenSCAP integration in Red Hat Satellite, to perform audit scans and remediations at the push of a button on your systems and automate security to ensure compliance against various profiles, such as:
The U.S. Government Configuration Baseline (USGCB).
The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG).
The Centralized Supercomputing Facility (CSCF) baseline.
The U.S. Government Commercial Cloud Services (C2S) baseline.
The Certified Cloud and Service Provider (CCSP) baseline.
Center for Internet Security (CIS) Benchmarks.
The Payment Card Industry Data Security Standard (PCI DSS) Custom policies.
You'll also learn how you can use the control and policy engine in Red Hat CloudForms to detect and fix vulnerabilities, such as Shellshock, and learn how to do proactive security and automated risk management with Red Hat Insights.
To see the video replay of this talk, please visit: https://www.youtube.com/watch?v=8V1iDgOTWFA&t=1s
DevOps Underground - Microservices Monitoring
DevOps Underground - Microservices Monitoringkloia This document discusses monitoring strategies for microservices architectures. It begins by introducing the speaker and their company ClearScore, which aims to solve financial problems by presenting user data beautifully. The document then discusses why companies adopt microservices and the challenges of monitoring them compared to traditional applications. It explores using various open source and third party tools like StatsD, Grafana, and Instana. It emphasizes the importance of a culture where delivery teams own their services and monitoring. Finally, it outlines the company's plans to transition to Kubernetes and consider serverless and CD platforms to scale their global operations.
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage Presentation slides from Black Hat 2016. Presented by Sami Laine, Principal Technologist at CloudPassage & Aaron McKeown, Lead Security Architect of Xero.
Secure Cloud Development Resources with DevOps
Secure Cloud Development Resources with DevOpsCloudPassage Adoption of cloud resources by development teams has created a security problem. The self-service and on-demand nature of the cloud increases the company attack surface in unknown ways. How can security operations teams ensure the DevOps teams maintain their needed agility while also being compliant to company security requirements?
Presented by Andrew Storms and Eric Hoffman at RSAC 2014
45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the CloudCloudPassage Join CloudPassage CEO, Carson Sweet and Sumo Logic Founding VP of Product & Strategy, Bruno Kurtic, for a webinar on “45 minutes to PCI Compliance in the Cloud”.
What You Will Learn:
-Understand the typical challenges faced by enterprises for achieving PCI on cloud infrastructure
-Learn how purpose-built SaaS-based cloud security solutions can save you tens of thousands in audit costs by speeding your time to compliance
-Get a quick demo of the CloudPassage Halo and Sumo Logic solutions that provide the telemetry and query/reporting engines respectively for cloud PCI
Technologies You Need to Safely Use the Cloud
Technologies You Need to Safely Use the CloudCloudPassage There are three main types of cloud services discussed in the document:
1) Infrastructure as a Service (IaaS) requires technologies to verify workload integrity, alert to unauthorized changes, and track incidents as the provider cannot do this. Point solutions and broader providers offer these controls.
2) Software as a Service (SaaS) presents risks if providers mishandle sensitive data or have authentication/application weaknesses exploited. Users should control access and encrypt data.
3) Governance is needed to track cloud service use, as without it companies lack visibility into how data is used and exposed. Technologies help monitor usage and set policies to mitigate risks and protect data.
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectThousandEyes Steve Lerner presents at ThousandEyes Connect on how eBay measures and optimizes web performance, CDNs and DNS infrastructure.
Claudit (cloud asset auditing)
Claudit (cloud asset auditing)Angelos Karageorgiou Claudit is a cloud-based IT auditing solution that logs user sessions on cloud servers and mobile devices. It runs an agent that captures screenshots, keyboard inputs, and application status during user sessions and logs this securely to Claudit's cloud servers. Authorized users can then replay complete session recordings and search session contents for auditing purposes. The solution aims to provide IT administrators visibility into user activity across dispersed teams and devices.
Practical Steps to Scale Legal Support for Open Source
Practical Steps to Scale Legal Support for Open SourceBlack Duck by Synopsys This session examines how Legal Counsel can help software development teams create an automated compliance process to make daily decisions related to open source licenses.
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce The intellectual property stored in your SCM system comprises your company’s most valuable assets. How do you keep those assets safe from threats inside and outside your organization?
This session by Charlie McLouth, Director of Technical Sales at Perforce, and Mark Bennett, Vice President at Interset, will give you a deep dive into how Perforce Helix keeps your assets safe, including real-world scenarios of Interset's Threat Detection. You’ll hear how Interset Threat Detection applies advanced behavioral analytics to user activities to proactively surface threats to the IP stored in the Helix Versioning Engine.
You’ll also hear how Helix’s fine-grained permissions model provides unified security policies that govern access-control based on LDAP authentication and contextual information such as IP address of the client or file paths.
Dynatrace FreeTrial Test Drive
Dynatrace FreeTrial Test DriveJerry Tan The document outlines an agenda for a Dynatrace free trial test drive. It includes an overview of Dynatrace application monitoring, what activities will be done during the test drive, and useful resources. The architecture of the Dynatrace solution is shown, with the Dynatrace server processing data and the frontend server supporting user analysis. Screenshots of the Dynatrace user interface are provided to demonstrate transaction flows, hotspots identification, and performance analysis.
10 Tips for Your Journey to the Public Cloud
10 Tips for Your Journey to the Public CloudIntuit Inc. 1. The document provides 10 tips for migrating to the public cloud from Mint's experience. Key tips included establishing load balancing, securing sensitive customer data with encryption, and maintaining low latency through metrics and code tuning.
2. When migrating large amounts of data, Mint shipped over 50TB of encrypted data on physical drives rather than over the network.
3. For high availability and disaster recovery, Mint implemented multi-availability zones and regions while balancing recovery objectives against increased costs and complexity.
IBM QRadar BB & Rules
IBM QRadar BB & RulesMuhammad Abdel Aal in this presentation we will discuss the IBM QRradar BB & Rules and how its work.
use and share the slide as you want all data are from IBM KnowledgeBase
Similar to Introduction to Serverless through Architectural Patterns (20)
Serverless Node.js
Serverless Node.jsThe Software House Mariusz Richtscheid: Architektura typu serverless wraz z terminem "Function as a Service" zyskują coraz większą popularność. To całkiem odmienne podejście do tworzenia aplikacji oraz ich wdrażania ma wiele zalet, ale musimy być też świadomi problemów, jakie się z nim wiążą. W trakcie prezentacji pokażę, w jaki sposób można zmodyfikować istniejącą aplikację Node.js tak, by wykorzystać zalety tej architektury.
Building Serverless Microservices Using Serverless Framework on the Cloud
Building Serverless Microservices Using Serverless Framework on the CloudSrini Karlekar Presentation that provides an overview of Serverless computing model, differentiates between Serverless Architectures, FaaS, PaaS and the Serverless Framework. It drills down the idea by helping you build a compelling example of 'Shazam for Celebrities' using the Serverless Framework, AWS Lambda, AWS Rekognition, Twilio and IMDb. It uses the user's mobile SMS/MMS for the presentation tier, Twilio in the middle-tier to bridge the SMS world and AWS Gateway and a set of AWS Lambda functions written in Python making use of AWS Rekognition for image processing. The code is at http://bit.ly/FaCeS-Sls
Serverless Pune meetup 3
Serverless Pune meetup 3Vishal Biyani In the 3rd meetup of Serverless Pune, we go over basics of Serverless architecture and demo Funktion from Fabric8!
Building Cross-Cloud Platform Cognitive Microservices Using Serverless Archit...
Building Cross-Cloud Platform Cognitive Microservices Using Serverless Archit...Srini Karlekar In this presentation, I walk-through the process of building, deploying & orchestrating Microservices across cloud providers. Specifically, I demonstrate building an intelligent Slackbot using AWS StepFunctions, AWS Rekognition and Google Vision that will recognize celebrities, landmarks and extract text from images using 100% Serverless architecture. Code is at: http://bit.ly/chehara
State of serverless
State of serverlessAnurag Saran Serverless/Frugal Architecture describes the benefits of serverless computing including continuous scaling, developer productivity, and fully managed operations. It discusses AWS Lambda's programming model of handlers, contexts, events, and asynchronous exceptions. Lambda supports various languages and has resource limits. Serverless computing is gaining adoption with Amazon Lambda as the pioneer, and other cloud providers like IBM, Microsoft, and Google developing their own serverless offerings. Challenges of serverless include testing, state management, and lack of observability. Open source projects are also emerging in this space like OpenWhisk.
What is Serverless Computing?
What is Serverless Computing?AIMDek Technologies Serverless computing is an emerging cloud computing model where the cloud provider manages resources and scales applications automatically in response to demand. With serverless, developers focus on writing code for independent, stateless functions rather than worrying about servers. Serverless platforms support automatic scaling, pay-per-use pricing, and event-driven computing using functions as the basic unit. While serverless offers benefits like reduced costs and management overhead, it also presents drawbacks like vendor lock-in and lack of debugging access.
Montréal AWS Users United: Let's go Serverless!
Montréal AWS Users United: Let's go Serverless!Daniel Zivkovic The document summarizes an upcoming meetup on serverless computing hosted by an AWS user group. The meetup will include introductions, a presentation on serverless computing by Daniel ZivKovic, and time for discussion and networking. TriNimbus, Daniel's employer, sponsors AWS meetups across Canada. The presentation agenda covers definitions of serverless, functions-as-a-service, popular use cases, and tools for building serverless applications.
Serverless: A love hate relationship
Serverless: A love hate relationshipJürgen Brüder A presentation on the advantages and disadvantages of using the "serverless" methodology in software development.
The future will be Serverless (FrontConf Munich 2017)
The future will be Serverless (FrontConf Munich 2017)Luciano Mammino Software development is on the verge of a new revolution that will change the rules of the Cloud Computing game... again! The new wind of change is called "Serverless" and you should definitely get ready for it! In this talk I will illustrate why I believe Serverless will be a game changer in the industry, how did we get to have Serverless and how to get started with it to build real products.
From Serverless to InterCloud
From Serverless to InterCloudWayne Scarano Serverless is a misnomer because there are servers. We will discuss what Serverless is, how it is part of an evolving abstraction, and what's on the horizon - InterCloud.
Serverless Toronto User Group - Let's go Serverless!
Serverless Toronto User Group - Let's go Serverless!Daniel Zivkovic Presentation slides from the first Toronto Kickoff Meetup. Topics covered:
1. Debunking Serverless Myths
2. How did we get here? Serverless past, present and the future
3. Serverless vs. FaaS vs. BaaS
4. Products Landscape
5. Popular Use Cases & Design Patterns
6. How to leverage The Serverless Framework to start building cloud-native applications!
7. Serverless forecast: How big will serverless be?
8. Learning Serverless & Serverless Tips
9. Adopting Serverless in your organization
10. Planning Serverless Toronto next steps...
Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...
Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn ...Frank Munz Serverless Presentation from Devoxx 2017 Casablanca (AWS Lambda / FaaS / Fn Project).
I did another presentation with the same slides at DOAG Nürnberg.
Skillenza Build with Serverless Challenge - Advanced Serverless Concepts
Skillenza Build with Serverless Challenge - Advanced Serverless ConceptsDhaval Nagar Skillenza is back with another game-changing virtual hackathon for you. Seize this amazing opportunity to create projects on serverless architecture. For those of you who are not acquainted with it, serverless architectures are system designs that use third-party services to build and run applications.
As developers, this helps you to gain better scalability and flexibility without needing any administration to manage infrastructure. So you can build quicker and at a reduced cost as well.
https://skillenza.com/challenge/build-with-serverless-online-hackathon-aws
NDev Talk - Serverless Design Patterns
NDev Talk - Serverless Design PatternsRyan Green This document summarizes serverless design patterns and tools. It begins with a brief history of cloud computing and an introduction to serverless computing. Common serverless use cases like event-driven applications and stream processing are described. Several serverless patterns are then outlined, such as hosting a static website or REST API using AWS Lambda and API Gateway. Finally, the document demonstrates a serverless application and discusses future directions for serverless technologies.
Dhaval Nagar - ServerlessDays Bengaluru 2023
Dhaval Nagar - ServerlessDays Bengaluru 2023Dhaval Nagar This presentation was done at the ServerlessDays Bengaluru 2023.
Serverless brewbox
Serverless brewboxLino Telera Lino Telera gave a presentation on serverless computing. He began with introductions and background. The presentation covered serverless concepts like Function as a Service, demonstrated building a simple microservice using AWS Lambda that interacts with S3, and discussed integrating functions with services like S3 using Boto. It also showed how functions can be called from devices using skills and discussed running serverless on-premise using OpenFaaS or Pivotal Container Service. The presentation concluded with a Q&A and thanks to sponsors.
Serverless-Computing-The-Future-of-Backend-Development
Serverless-Computing-The-Future-of-Backend-DevelopmentOzias Rondon Explore the revolutionary shift towards serverless computing and how it is transforming backend development. Learn about its benefits, challenges, use cases, and the leading platforms that enable developers to build scalable, cost-efficient applications without managing infrastructure.
Microservices and Serverless for Mega Startups - DevOps IL Meetup
Microservices and Serverless for Mega Startups - DevOps IL MeetupBoaz Ziniman 1) The document discusses best practices for running microservices at scale, including breaking monolithic architectures into loosely coupled microservices, using the right tools for each job, securing services, focusing on organizational transformation, and automating everything.
2) Five principles for running microservices are outlined: microservices only rely on each other's public APIs, using the right tool for the job, securing services with defense-in-depth, focusing on cross-functional teams for alignment, and automating everything.
3) Examples of event-driven serverless architectures using AWS Lambda and other AWS services are provided.
Learning Serverless Design Develop and Deploy with Confidence 1st Edition Jas...
Learning Serverless Design Develop and Deploy with Confidence 1st Edition Jas...hilsttrettpl Learning Serverless Design Develop and Deploy with Confidence 1st Edition Jason Katzer
Learning Serverless Design Develop and Deploy with Confidence 1st Edition Jason Katzer
Learning Serverless Design Develop and Deploy with Confidence 1st Edition Jason Katzer
Why Serverless?
Why Serverless?Ridwan Fadjar This document provides an overview of serverless computing. It defines serverless computing as a cloud computing model where the cloud provider dynamically manages machine resources and customers pay based on usage rather than pre-purchased capacity. It discusses how serverless applications rely on backend services (BaaS) and custom code run in ephemeral containers (FaaS). The document also outlines some pros and cons of serverless computing such as reduced costs and complexity but also vendor lock-in risks. It provides examples of serverless use cases and tools for development, infrastructure-as-code, emulation, and pricing calculators.
Ad
Recently uploaded (20)
Generative Artificial Intelligence and its Applications
Generative Artificial Intelligence and its ApplicationsSandeepKS52 The exploration of generative AI begins with an overview of its fundamental concepts, highlighting how these technologies create new content and ideas by learning from existing data. Following this, the focus shifts to the processes involved in training and fine-tuning models, which are essential for enhancing their performance and ensuring they meet specific needs. Finally, the importance of responsible AI practices is emphasized, addressing ethical considerations and the impact of AI on society, which are crucial for developing systems that are not only effective but also beneficial and fair.
Best Inbound Call Tracking Software for Small Businesses
Best Inbound Call Tracking Software for Small BusinessesTheTelephony The best inbound call tracking software for small businesses offers features like call recording, real-time analytics, lead attribution, and CRM integration. It helps track marketing campaign performance, improve customer service, and manage leads efficiently. Look for solutions with user-friendly dashboards, customizable reporting, and scalable pricing plans tailored for small teams. Choosing the right tool can significantly enhance communication and boost overall business growth.
Software Engineering Process, Notation & Tools Introduction - Part 4
Software Engineering Process, Notation & Tools Introduction - Part 4Gaurav Sharma Software Engineering Process, Notation & Tools Introduction
Scaling FME Flow on Demand with Kubernetes: A Case Study At Cadac Group SaaS ...
Scaling FME Flow on Demand with Kubernetes: A Case Study At Cadac Group SaaS ...Safe Software In today’s data-driven world, efficiency is key. For Cadac, a Dutch leading provider of SaaS solutions and Autodesk Platinum partner, ensuring that customers can process data on demand is crucial to delivering a seamless experience. However, with fluctuating user demand, a challenge emerged: How do we scale FME Flow to meet on-the-fly processing needs without over-investing in infrastructure? Enter Kubernetes and KEDA (Kubernetes Event-Driven Autoscaling). In this presentation, we will explore how these cutting-edge technologies helped dynamically scale FME Flow engines based on real-time demand, without wasting resources. Instead of relying on the standard Kubernetes autoscaling based on CPU and RAM metrics, which can lead to ineffective scaling, KEDA can integrate directly with the FME Flow REST API. This allowed autoscaling based on the actual number and type of jobs in the queue. Now, whenever demand spikes, Kubernetes automatically spins up additional machines tailored to the type of workload—whether it’s CPU-intensive tasks or memory-heavy processes—ensuring optimal performance and cost-efficiency. While afterwards also autoscaling to zero, to reduce costs. Join us as we dive into how this approach helped Cadac scale on demand, reduce infrastructure costs, and provide a better experience for their customers. This session will feature both a technical walkthrough and insights on the real-world impact and value this solution has delivered to their platform and client.
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...
Build Smarter, Deliver Faster with Choreo - An AI Native Internal Developer P...WSO2 Enterprises must deliver intelligent, cloud native applications quickly—without compromising governance or scalability. This session explores how an internal developer platform increases productivity via AI for code and accelerates AI-native app delivery via code for AI. Learn practical techniques for embedding AI in the software lifecycle, automating governance with AI agents, and applying a cell-based architecture for modularity and scalability. Real-world examples and proven patterns will illustrate how to simplify delivery, enhance developer productivity, and drive measurable outcomes.
Learn more: https://wso2.com/choreo
Bonk coin airdrop_ Everything You Need to Know.pdf
Bonk coin airdrop_ Everything You Need to Know.pdfHerond Labs The Bonk airdrop, one of the largest in Solana’s history, distributed 50% of its total supply to community members, significantly boosting its popularity and Solana’s network activity. Below is everything you need to know about the Bonk coin airdrop, including its history, eligibility, how to claim tokens, risks, and current status.
https://blog.herond.org/bonk-coin-airdrop/
Integrating Survey123 and R&H Data Using FME
Integrating Survey123 and R&H Data Using FMESafe Software West Virginia Department of Transportation (WVDOT) actively engages in several field data collection initiatives using Collector and Survey 123. A critical component for effective asset management and enhanced analytical capabilities is the integration of Geographic Information System (GIS) data with Linear Referencing System (LRS) data. Currently, RouteID and Measures are not captured in Survey 123. However, we can bridge this gap through FME Flow automation. When a survey is submitted through Survey 123 for ArcGIS Portal (10.8.1), it triggers FME Flow automation. This process uses a customized workbench that interacts with a modified version of Esri's Geometry to Measure API. The result is a JSON response that includes RouteID and Measures, which are then applied to the feature service record.
OpenTelemetry 101 Cloud Native Barcelona
OpenTelemetry 101 Cloud Native BarcelonaImma Valls Bernaus A brief introduction to OpenTelemetry, with a practical example of auto-instrumenting a Java web application with the Grafana stack (Loki, Grafana, Tempo, and Mimir).
Eliminate the complexities of Event-Driven Architecture with Domain-Driven De...
Eliminate the complexities of Event-Driven Architecture with Domain-Driven De...SheenBrisals The distributed nature of modern applications and their architectures brings a great level of complexity to engineering teams. Though API contracts, asynchronous communication patterns, and event-driven architecture offer assistance, not all enterprise teams fully utilize them. While adopting cloud and modern technologies, teams are often hurried to produce outcomes without spending time in upfront thinking. This leads to building tangled applications and distributed monoliths. For those organizations, it is hard to recover from such costly mistakes.
In this talk, Sheen will explain how enterprises should decompose by starting at the organizational level, applying Domain-Driven Design, and distilling to a level where teams can operate within a boundary, ownership, and autonomy. He will provide organizational, team, and design patterns and practices to make the best use of event-driven architecture by understanding the types of events, event structure, and design choices to keep the domain model pure by guarding against corruption and complexity.
AI and Deep Learning with NVIDIA Technologies
AI and Deep Learning with NVIDIA TechnologiesSandeepKS52 Artificial intelligence and deep learning are transforming various fields by enabling machines to learn from data and make decisions. Understanding how to prepare data effectively is crucial, as it lays the foundation for training models that can recognize patterns and improve over time. Once models are trained, the focus shifts to deployment, where these intelligent systems are integrated into real-world applications, allowing them to perform tasks and provide insights based on new information. This exploration of AI encompasses the entire process from initial concepts to practical implementation, highlighting the importance of each stage in creating effective and reliable AI solutions.
Plooma is a writing platform to plan, write, and shape books your way
Plooma is a writing platform to plan, write, and shape books your wayPlooma Plooma is your all in one writing companion, designed to support authors at every twist and turn of the book creation journey. Whether you're sketching out your story's blueprint, breathing life into characters, or crafting chapters, Plooma provides a seamless space to organize all your ideas and materials without the overwhelm. Its intuitive interface makes building rich narratives and immersive worlds feel effortless.
Packed with powerful story and character organization tools, Plooma lets you track character development and manage world building details with ease. When it’s time to write, the distraction-free mode offers a clean, minimal environment to help you dive deep and write consistently. Plus, built-in editing tools catch grammar slips and style quirks in real-time, polishing your story so you don’t have to juggle multiple apps.
What really sets Plooma apart is its smart AI assistant - analyzing chapters for continuity, helping you generate character portraits, and flagging inconsistencies to keep your story tight and cohesive. This clever support saves you time and builds confidence, especially during those complex, detail packed projects.
Getting started is simple: outline your story’s structure and key characters with Plooma’s user-friendly planning tools, then write your chapters in the focused editor, using analytics to shape your words. Throughout your journey, Plooma’s AI offers helpful feedback and suggestions, guiding you toward a polished, well-crafted book ready to share with the world.
With Plooma by your side, you get a powerful toolkit that simplifies the creative process, boosts your productivity, and elevates your writing - making the path from idea to finished book smoother, more fun, and totally doable.
Get Started here: https://www.plooma.ink/
Design by Contract - Building Robust Software with Contract-First Development
Design by Contract - Building Robust Software with Contract-First DevelopmentPar-Tec S.p.A. In the fast-paced world of software development, code quality and reliability are paramount. This SlideShare deck, presented at PyCon Italia 2025 by Antonio Spadaro, DevOps Engineer at Par-Tec, introduces the “Design by Contract” (DbC) philosophy and demonstrates how a Contract-First Development approach can elevate your projects.
Beginning with core DbC principles—preconditions, postconditions, and invariants—these slides define how formal “contracts” between classes and components lead to clearer, more maintainable code. You’ll explore:
The fundamental concepts of Design by Contract and why they matter.
How to write and enforce interface contracts to catch errors early.
Real-world examples showcasing how Contract-First Development improves error handling, documentation, and testability.
Practical Python demonstrations using libraries and tools that streamline DbC adoption in your workflow.
iOS Developer Resume 2025 | Pramod Kumar
iOS Developer Resume 2025 | Pramod KumarPramod Kumar Explore the professional resume of Pramod Kumar, a skilled iOS developer with extensive experience in Swift, SwiftUI, and mobile app development. This portfolio highlights key projects, technical skills, and achievements in app design and development, showcasing expertise in creating intuitive, high-performance iOS applications. Ideal for recruiters and tech managers seeking a talented iOS engineer for their team.
Leveraging Foundation Models to Infer Intents
Leveraging Foundation Models to Infer IntentsKeheliya Gallaba Invited Talk at RAISE 2025: Requirements engineering for AI-powered SoftwarE Workshop co-located with ICSE, the IEEE/ACM International Conference on Software Engineering.
Abstract: Foundation Models (FMs) have shown remarkable capabilities in various natural language tasks. However, their ability to accurately capture stakeholder requirements remains a significant challenge for using FMs for software development. This paper introduces a novel approach that leverages an FM-powered multi-agent system called AlignMind to address this issue. By having a cognitive architecture that enhances FMs with Theory-of-Mind capabilities, our approach considers the mental states and perspectives of software makers. This allows our solution to iteratively clarify the beliefs, desires, and intentions of stakeholders, translating these into a set of refined requirements and a corresponding actionable natural language workflow in the often-overlooked requirements refinement phase of software engineering, which is crucial after initial elicitation. Through a multifaceted evaluation covering 150 diverse use cases, we demonstrate that our approach can accurately capture the intents and requirements of stakeholders, articulating them as both specifications and a step-by-step plan of action. Our findings suggest that the potential for significant improvements in the software development process justifies these investments. Our work lays the groundwork for future innovation in building intent-first development environments, where software makers can seamlessly collaborate with AIs to create software that truly meets their needs.
Agile Software Engineering Methodologies
Agile Software Engineering MethodologiesGaurav Sharma Software Engineering Process, Notation & Tools Introduction
DevOps for AI: running LLMs in production with Kubernetes and KubeFlow
DevOps for AI: running LLMs in production with Kubernetes and KubeFlowAarno Aukia Presented by Aarno Aukia on June 4th, 2025, at Kubernetes Community Days KCD New York
The rise of e-commerce has redefined how retailers operate—and reconciliation...
The rise of e-commerce has redefined how retailers operate—and reconciliation...Prachi Desai As payment flows grow more fragmented, the complexity of reconciliation and revenue recognition increases. The result? Mounting operational costs, silent revenue leakages, and avoidable financial risk.
Spot the inefficiencies. Automate what’s slowing you down.
https://www.taxilla.com/ecommerce-reconciliation
14 Years of Developing nCine - An Open Source 2D Game Framework
14 Years of Developing nCine - An Open Source 2D Game FrameworkAngelo Theodorou A 14-year journey developing nCine, an open-source 2D game framework.
This talk covers its origins, the challenges of staying motivated over the long term, and the hurdles of open-sourcing a personal project while working in the game industry.
Along the way, it’s packed with juicy technical pills to whet the appetite of the most curious developers.
Ad
Introduction to Serverless through Architectural Patterns
- 1. 31 May 2017 - at EPITA Introduction to Serverless through Architectural Patterns 1/18
- 2. Who am I? DevOps @CloudScreener EPITA 2015 Specialised in Systems, Networks and Security Cloud Systems Engineer @Axiad IDS, 2015-2016 Passion for creating products, while learning new technologies @MathieuMailhos Cloud & Ops Enthousiast 2/18
- 3. Context & Introduction I/ Introducing Serverless II/ Architectural Patterns III/ Serverless Framework Demo IV/ Overall Benefits and Drawbacks Conclusion Agenda 3/18
- 4. Adopt the lean startup methodology: Business Hypothesis needs to be validated Only invest time and money on non-risky projects If you fail, fail fast. Then learn and retry. We need less overhead in our development Focus on building the product: Remove the boring and hard part around managing your infrastructure Timing is a major key of success 4/18
- 5. Internet based systems where application process rely on: 1. A combination of 3rd party services: Backend As A Service 2. Remote procedure calls: Function As A Service 3. Rich client-side logic Basically, write scalable code without having to think about details of the container, operating system or infrastructure that run the program Only pay for what you use Connecting APIs to avoid hosting and managing servers Introducing Serverless 5/18
- 6. Provide Hardware by abstracting physical environment Deploy in Months Live for Years Provide OS through Virtual Machines Deploy in minutes Live for weeks Provide Application Environment through Containers Deploy in seconds Live for hours Provide completely abstracted environment through Functions Deploy in milliseconds Live for seconds Infrastructure Abstraction Evolution Datacenter IaaS PaaS FaaS 6/18
- 7. Function As A Service Multiple Providers: AWS Lambda, Google Cloud Functions, MS Azure Functions, IBM OpenWhisk, Twilio Functions, iron.io (on-premise), Galactic Fog (on-premise) Or build your own: http://blog.alexellis.io/functions-as-a-service/ Unit of deployment: A Function Stateless: Running in an ephemeral containers Pricing Model: Pay per execution count and length Scaling & High Availability: Automatic Execute code, without managing servers, based on direct invocations or events Use your own language Zip and upload. Choose the amount of memory you need. RAM, Disk and Processes are not persistent. Do not count on them! Usually, pay per 100ms. Direct consequences of running optimised code Each vendor has its own limits. However, there is no SLA guaranteed (yet). 7/18
- 8. We can find all we need to build our product out there APIs are the new libraries Database, Storage Authentication, Analytics, Messaging, Tooling (Logging, Monitoring…), Artificial Intelligence, As A Service Backend As A Service 8/18
- 9. Standard Web App, All the logic is on the servers Serverless: More logic in the client. Use of multiple services. Implies the need to manage monitoring and security on each component. Web Application Pattern AWS API Gateway / Google Cloud Endpoints: Gateway/Proxy for HTTP Calls. Manage authentication, caching, monitoring, throttling. Update requests on the fly 9/18
- 10. Recurring Jobs: Log analysis, SSL Checks, Backups… Use of a scheduler / source of trigger Multiple notifications channels, log file Automations Event Driven: Processing files upload, Reacting to database key change, New created user… 10/18
- 11. Presenting the Fan Out Pattern Batch Processing Process huge volume of data on a regular basis Non-interactive background job Apply the MapReduce programming model to serverless Speed depends on the number of invoked concurrent functions Save state in any storage / database depending on your data structure 11/18
- 12. Stream Processing Process non-interrupted stream of data in near real-time Handle spiky traffic and message ordering Use of Kinesis or a Message Queueing Service to store data Beware of poisoning messages & be prepared for Lambda failures (DLQ) Then process those data subsets by calling functions concurrently Tune your functions capacities and concurrent calls to keep up with ingest rate 12/18
- 13. Demo Write and deploy your entire serverless infrastructure using only configuration files and functions Handle multiple vendors Serverless Framework https://github.com/serverless/serverless 13/18
- 15. Custom OAuth Authentication Typical use case where 2 functions make you avoid provisioning a server, setting up the system and the development environment, its security, installing a reverse proxy, monitoring it and managing it over time… 15/18
- 16. Overall Benefits and Drawbacks Benefits Costs: Don’t pay for idle, overall less Ops work Scale: Managed by the vendor, no over-provisioning anymore High-Availability: automatic availability zones redundancy Ops: Easy to maintain and deploy Time: focus on code only Greener: shared environment Drawbacks Beware of Vendor lock-in: migrations won’t be easy Multi tenancy problems: security, robustness, performances More front-end development required Stateless changes the way to code, might require additional component Startup latency and network dependencies Debugging, Versioning, Testing and Monitoring can be tricky: need more tools 16/18
- 17. Conclusion Serverless is not a correct approach for every problem since it still has major drawbacks: latency, vendor lock-in… But it is awesome when applied to lean methodology: deliver fast, get feedbacks quickly. Easy to get started: take advantage of the “free tier” plan provided by vendors. Bring huge opportunities for engineers with both infrastructure and development skills. 17/18
- 18. Thank You Question Time! @MathieuMailhos linkedin.com/in/mathieumailhos github.com/MathieuMailhos 18/18