Episodes

  • Open Source Tools & The DevOps Evolution
    Dec 17 2021

    Speaker: Brian Dawson

    Last episode of Season 2 wraps up with a bit of history behind the DevOps movement and it's connection to open source and finishes with predictions on where the DevOps movement is heading in 2022.

    Support the show
    Show More Show Less
    36 mins
  • Four Keys Metrics to Measure Your DevOps Performance
    Dec 10 2021

    Speakers: Dina Graves Portman and Henrik Rexed

    Through six years of research, the DevOps Research and Assessment (DORA) team has identified four key metrics that indicate the performance of a software development team: 

    • Deployment Frequency—How often an organization successfully releases to production
    • Lead Time for Changes—The amount of time it takes a commit to get into production
    • Change Failure Rate—The percentage of deployments causing a failure in production
    • Time to Restore Service—How long it takes an organization to recover from a failure in production
    Support the show
    Show More Show Less
    35 mins
  • Finding Your Way: A Survey of Supply Chains
    Nov 19 2021

    Speaker: Aeva Black

    With the explosion of interest in SBOMs, it's likely that you've just heard of a few projects for the first time -- even if those projects aren't new, they may be new to you, and you might be asking yourself, "how is X different from Y?" You might also be wondering which projects you should select in order to satisfy the requirements of the Executive Order!

    As when starting out on any journey, before entering unfamiliar territory, it is important to understand the lay of the land, pack the right supplies, and get to know your traveling companions.

    In this talk, a few maps of the open source supply chain landscape will be shared. Attendees will gain a sense of both the breadth and depth of the challenges ahead, and learn to identify a few essential types of tools for their journey.


    Support the show
    Show More Show Less
    16 mins
  • Designing for Reliability in Production
    Nov 12 2021

    Speaker: Ayelet Sachto

    Learn the considerations and strategies that can make designing for reliability in production more intentional; going beyond infrastructure into operational practices and best practices for application design and operational readiness when designing an application for production.  In this episode learn more about why & what of reliability, antipatterns and principles that about building reliable systems. 

    Support the show
    Show More Show Less
    15 mins
  • Site Reliability Engineering Adoptions: Setting up the Fundamentals
    Oct 29 2021

    Speaker: Spyridon Maniotis

    The session aims to provide an overview of the fundamental elements that foster a successful SRE adoption. Core to an SRE adoption elements such as; operating model, tenets, process engineering, skillset, technological capabilities/tactics, reconciliation with DevOps and ITSM, as well mechanisms such as "error budget" & "engagement models" will be outlined. All in relation to an "adoption at relevance". Concluding a set of lessons learned will be presented, along with key considerations to be taken when adopting, sustaining, and scaling.


    Support the show
    Show More Show Less
    19 mins
  • How SolarWinds is Using Open Source to Secure Their Supply Chain
    Oct 22 2021

    Speaker: Trevor Rosen

    As you're no doubt aware, SolarWinds was hit in December 2020 with a sophisticated supply chain attack perpetrated by nation state actors. In the months since, they've been working to create an entirely new build system based on a number of CNCF and CDF projects. In this talk, you'll learn about what they're building, why it's necessary, and what it's like to be on the inside when the unthinkable happens.


    Support the show
    Show More Show Less
    23 mins
  • Supply Chain Security Con
    Oct 8 2021

    Speaker: Dan Lorenc 

    SupplyChainSecurityCon is a new, vendor-neutral conference for security practitioners, open source developers and those interested in software supply chain security hosted by CNCF + CDF. Due to the uptick in supply chain attacks, this event is to bring the community together to discuss supply chain threats, best practices, mitigation tactics including up and coming frameworks and specifications. 

    Who Should Attend
    All developers and leaders interested in securing the software supply chain.
    https://events.linuxfoundation.org/supplychainsecuritycon-north-america/

    Support the show
    Show More Show Less
    12 mins
  • Dev Loves CI/CD: Efficient Sec and Ops Pipelines
    Oct 1 2021

    Speaker: Michael Friedrich

    Continuous integration and delivery/deployment helps speed up development and review workflows. Developers can focus on code reliably tested in different environments. At some point, the operations team gets paged on broken pipelines and jobs being stuck. On top, the security audit unveiled plain text secret exposure and dependency exploits. The next horror story: The software cannot be deployed anymore because package dependencies are broken. In this talk we hear stories on making CI/CD pipelines more reliable and secure. Automated deployments and package/container repositories can help avoid redundant cycles and extra work hours. Monitoring/observability combined with automation ensures to sleep in busy on-call times. Learn how Dev meets Sec and Ops in the pipelines and hear best practices on efficiency, iteration and insights.

    Support the show
    Show More Show Less
    29 mins