Holy cow, I learned so much since The Phoenix Project came out in 2013. In this talk, I will share my top learnings while co-authoring The DevOps Handbook with Jez Humble, Patrick Debois, and John Willis. I’ll talk about the latest findings from the State of DevOps Report, the true importance of deployment lead times, how DevOps truly transforms the lives of Dev and Ops, what I learned about Conway’s Law, and how DevOps is a subset of dynamic learning organizations, of which Toyota is the most famous. This project was one of the most fun and rewarding adventures of my life, and I want to share some of my biggest a-ha moments
Working technology for a political campaign involves the shortest timelines, tightest deadlines, and highest stakes you will likely ever encounter in a technology career. Come hear a tale of two political campaigns - a state measure campaign and a presidential campaign - and the application of both DevOps technologies and culture to move fast, pivot quickly, and hopefully win. One of the key challenges of politics - as well as DevOps in general - is harnessing automation without losing the critical human touch which moves hearts and changes minds. Learn how to find the line where too much automation (yes, there is such a thing) is counterproductive and you need to pull back to maintain a personal connection with voters, customers, employees, and more. You will also walk away knowing how to take the lessons and experience learned to future campaigns and projects - especially when your candidate, product, etc. does not end up winning. There is value - sometimes more value - in a loss as well as a win. Learn how to take what you can, iterate, and refine it for a future application.
This talk will revisit Columbia's DevOps journey within a Microsoft Enterprise with specific emphasis on 4 themes:
1) Etsy Day 1 Deploy
3) Learning Labs
4) Building a High Performance Learning Organization
ChatOps is being used at Columbia as a transformative technique to gain more participation, enthusiasm, and buy-in.
Similar to learnchef.io, this talk will explore the use of "learning labs" to develop intuition, confidence, and skills for both new hires and internal teams newish to DevOps at Columbia. One example of a lab is to increase resources on existing Servers, create new servers, and tear down servers using Infrastructure as Code and CI pipelines.
We are using regularly scheduled weekly learning reviews to review outages, near misses, and successes from the prior week while also rotating facilitators to develop new capabilities within engineers.
* Although DevOps is becoming increasingly mainstream in enterprises, examples of DevOps applied to traditional 3-tier Windows Architecture on premises scenarios are not as prevalent (Although Linux examples are numerous). Microsoft implementations typically focus on e-commerce scenarios and/or simple IIS demonstrations. The cultural challenges at Microsoft enterprises are unique and can be more difficult to overcome as the engineers/administrators are much more accustomed to the GUI and “right clicking”.
This is the bittersweet story of Continuous Integration. CI is practice that we fell in love with, embraced and then never fully committed to. I’ll share with you the current state of CI, what we think we are doing when we say CI and what we are really doing in terms of CI. Then I’ll remind us all why we fell in love with CI in the first place and make some suggestions on how to get back to the good stuff.
Sharing. It's one of the four pillars of CAMS. We consume so much shared content but have we ever thought about sharing from the point of view of the Sharer? Why should I share? If I'm constantly sharing information what do I get out of it? What's in it for me!?
This ignite talk looks at sharing through the eyes of a Sharer. What benefits do they receive out of sharing? What cultural or psychological benefits are there?
The more I learned about DevOps the more I realized how these principles could be applied outside of work, especially in my role as a parent. If you are a parent, thinking of becoming a parent or have parents learn how DevOps principles such as collaboration, communication and retrospectives can be applied to your relationships. This talk will frame some of the challenges of parenting through a DevOps lens.
Incidents happen and most of the time they get handled quickly by an individual or through an automation system. But sometimes none of that works and you need to call in the crisis team. Any highly functional team will need a leader. It's not optional, especially in crisis. Decisions need to be made quickly and someone needs to coordinate efforts rather than getting knee-deep in technical issues.
When should you choose a leader, and when everyone is busy putting out the big fire, what should the leader actually be doing? This talk will explore exactly these questions and what it means to be a leader during crisis response.
Chuck Norris gets his ATO fast because paper works for him. But the rest of us need automated compliance tools to escape the time-sucking, traditional audit process. This ignite talk pairs Chuck Norris IT facts with cool new tools for DevOps-compatible high-velocity compliance including: OpenControl, ComplianceMasonry, InSpec, GovReady, OpenSCAP, and SecureCI.
Day 2 operations of cloud-native systems such as DC/OS or Kubernetes cover a wide range of activities, from monitoring & logging to upgrades and backup/restoring the platform as well as individual services. We will cover typical requirements and tooling available to devops to successfully perform day 2 operations, discuss good practices in this area and give a live demo of selected topics, such as monitoring with Prometheus and backup/restore with burry.
Since the Continuous Delivery book came out in 2010, it’s gone from being a controversial idea to a commonplace… until you consider that many people who say they are doing it aren’t really, and there are still plenty of places that consider it crazy talk. In this session Jez will present some of the highlights and lowlights of the past six years listening to people explain why continuous delivery won’t work, and what he learned in the process.
The on-going journey of a transition from quarterly batched releases and teams working in silos to our target state of a mature DevOps organization from two points of view. Suzanne is our long term employee and Application Development Manager. Sarah is a new employee to Starbucks working daily with the teams as a scrum master and transformation coach on this DevOps journey. We have a team with a deep need for increased agility, closer connection to their customer and move away from tribal knowledge to building it up instead. This team is one who prior to a year ago had no experience with Agile or DevOps and many of our team members have a 10+ year tenure within our group. We will share the experience of starting with Scrum and the transition to flow we are currently in the throes of. Our methods and learning along the way to understand our value stream, remove waste, educate our team by living the Starbucks mission and executing these through a lenses of humanity.
This talk is an outline of some of the technical and non-technical things that Operation team members can do to continue to make themselves more valuable in their organization. The idea came to me when I was talking with someone who was new to the field that felt Operations work wouldn't exist or it's value would be diminished in the coming years. But there are plenty of things that internal OPS teams can do that will be difficult to commoditize by the likes of Amazon and Google.
Your team started using Kanban boards and visualizing your work a while back and, though everyone is happy about the increased visibility, your team is nowhere near the utopia other teams say they’ve achieved. Even worse, you don’t know why or how to get there!
Many teams hit this same plateau and stop, falling tragically short of the value that can be achieved with deeper Kanban implementations. Julia Wester will share tangible steps to take to help transform shallow kanban implementations into systems focused on flow and continuous improvement.
Ever been to a conference, get inspired, try to bring what you learned back to the office, only to be stymied by co-workers who aren't interested in rocking the status quo? It turns out that people tend to resist change in patterns, and like any pattern they can be overcome by using other people's experiences with those skeptics. This session will teach you how to identify the skeptics, how to counter them, and give you a strategic framework to convince your whole office.
Traditional testing has generally meant a siloed activity, charged with ensuring shippable product quality. It has also been synonymous with words like ReleaseBlocker, ShipStopper and looked upon as a required time drain in product deployment life cycle. In most cases, without the proper process and cultural thinking in place, testing is still thought of as a blocker to shipping code.
In the DevOps world of modern micro-service based architecture and cloud based apps, this traditional thinking has long since been replaced with faster and more fluid testing practices. But what if testing is reimagined as a service that can be harnessed by other product services to ship higher quality code. Since the beginning of SignalFx, Testing-as-a-service has been the core to how we build, test, and deploy production-ready code. In this talk, I outline the thinking behind this concept and highlight how we've successfully embraced TaaS.
T-Mobile is on a journey to becoming a world-class digital company. The entire company is looking at how they work and finding ways to make what they do radically simple and delivering a fantastic mobile first customer experience.
The Enterprise Information Technology team is going through a Digital Transformation focusing on six core areas; Digital Architecture, Iterative Design, Agile Coaching and Training, Enterprise Delivery Pipeline, Continuous Testing, and Delivery Management.
Over the last year, the Development Automation team has focused on providing an automated, simplified, predictable and compliant path to production for all development team.
We would like to present the changes to our delivery pipeline to support our development teams. Specifically, how we automated and standardized processes, while increasing quality with the mantra of faster, better, cheaper.
It seems that nearly everyone in tech is addicted to coffee. But do you ever wonder how we went from commodity coffee in big tin cans to artisanal coffee that’s become an integral part of some people’s lifestyle? I’ll share the modern history of coffee and lessons from the explosive growth of coffee culture that we can apply to DevOps.
Public speaking is hard and this talk is about how I overcome that fear. I avoided public speaking for years. Whenever I speak, people compare me to Gordon Ramsay: I can’t not sound angry even though I’m not. But I had a recent breakthrough and I want to share this journey with you. There’s a lesson for everyone in this talk as we examine the role of women in tech, challenges of travel, tech conferences, the DevOps community, and more.
Security State of Mind: Compliance and Vulnerability Audits for Containers
Data breaches are on the rise and placing increased pressure on Enterprise IT to protect the business. With the rise of DevOps and as hackers takes advantage of known vulnerabilities on unpatched or misconfigured systems, Enterprise IT increasingly needs to automate vulnerability management, security management, and compliance checking. OpenSCAP is an opensource tool for automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.
In this presentation, you’ll learn about:
How Containers enable DevOps, Container Technology, and the security risks with deploying containers in the enterprise
Security vulnerability (CVEs) and Configuration issues (CCEs) notifications and checks
Automating vulnerability management, security management, and compliance checking with OpenSCAP
Scanning online and offline Containers and Virtual Machines with OpenSCAP
Generating and understanding OpenSCAP audit reports
Customizing OpenSCAP profiles
Join Chris Van Tuin, Chief Technologist, West at Red Hat, as he walks through the inherent security risks of deploying containers in the enterprise and how OpenSCAP can help protect and secure the business.