2 offline days

Talking about schedules, sessions and sharing information. Come to the auditorium or connect online to find out what's coming up for you!

The concept of serverless and a lot of "new" products based on this approach have formed a lot of myths in development, which prevent a sober look at serverless-development. In the process of demystification we will clarify, examine and untangle the main myths associated with serverless development applications. Once again, we will clarify how a serverless development approach works. We will review the basic principles and components of serverless architecture and event-driven approach. Let's understand which software development processes are subject to transformations in the process of adapting to the serverless approach. Clarify how the role of developers is changing. What DevOps practices are taking root, and whether a culture of collaboration is germinating in serverless-approach teams.

Let's make our own Helm Chart Repository with testing and documentation for free and without SMS.

As safe development practices emerge or increase in an organization, the question often arises: “So how do you build and configure policies so that no one gets hurt?” This talk is about how to keep developers from getting hurt and at the same time keep doing their job without being distracted by arguments and unnecessary reactions. What incidents can be avoided and how much time can be saved if you do it right.

Kubernetes is an excellent orchestrator, solving many problems gracefully. However, interacting with it directly with developers can cause problems and even lead to degradation. Let's discuss what approaches there are to configuring and building the release cycle.

The talk describes the company's experience in customizing the Community Edition (CE) HashiCorp Vault to automate access management for more than 400 teams with different types of employees. It describes the implementation of access rights differentiation, two-factor authentication, log analysis for security, and plans for future development of CE Vault.

Infrastructure development is an integral part of any infrastructure platform. Let's talk about how it can be organized, how to work in a team with infra-code. We will discuss good practices and consider non-obvious features of infra-development.

The speaker will talk about the architecture and technology stack of the platform: he will review its compound modules and key technologies, as well as provide a more detailed explanation of the architecture and purpose of one of the basic modules (audit). We will discuss the workflow and key metrics of technical and business monitoring, connectivity and troubleshooting processes.

Denis will also share their plans for solution development, such as increasing the maturity of the platform and tools for tracking metrics.

The speaker will talk about the Russian analogue of the repository management product – Sfera.Distributions and Licences: what problems it solves and what security has to do with it.

Consider DevOps as a professional movement.

The speaker will share his experience of operating and administering NXRM in its free version.  You will learn what it has pluses, what it's good for and who can benefit from it. And in the second part you will hear about its disadvantages, problems and pitfalls.

Migrating to Yandex Cloud. How to make the migration painless, obvious benefits of the cloud and solved cases of possible problems.

A talk on how service performance work is decomposed into individual tasks. The topic includes not only performance testing, profiling, and benchmarks, but also designing service metrics, linking to SLOs, failure analysis, the process of working on performance optimization, and automation in CI/CD.

Let's talk about the problems and challenges of growing a large multitenant system in terms of automation.

Nikita will tell their story of implementing the Gravitee API Managment platform. In 2022, they needed an API Gateway system. The task was to analyze the available solutions and implement one of them. He will share the conclusions from the analysis and what they encountered in the deployment. Infrastructure, architecture, processes, pitfalls, plans — all stages of developing their understanding of the platform.

An entertaining battle talk on a topic that is important nowadays. We will discuss the topic of clouds in the context of comparing Kubernetes and VK's own One-cloud solution. We will discuss whether you need to write your own products or it is better to use open source, what risks and difficulties await you on each path.

Daniel will talk about the challenges they faced in the topic of reliability of mobile banking, Tinkoff's main app. He will share what SRE practices helped to make it more reliable, and tell how and what technical metrics they monitor.

The talk will provide an overview of the main causes of Supply Chain Attack and the methods and approaches often used to combat them. We will discuss why it is not only related to development and code, but also to Operations Security. As part of the presentation, life stories will be demonstrated with examples of "real-life" Supply Chain Attack simulations.

Round table with participants from Rosbank, Sber and MTS. We will discuss the experience of applying Chaos Engineering in each company. We will analyze popular questions. Share insights and useful materials.

Tired of thinking during reports? Then we invite you to think at the creative quiz! Together with the Indigo League, we will organize an intellectual quiz, where you can test your intelligence and erudition and relax in the company of other conference participants.

At the DevOops Meetup he talked about how he sees modern DevOps. This time, developing the thought, will talk about how they transform with the DevOps profile, what models work, how to effectively allocate people to projects with a strong/weak matrix, etc.

Alexey will describe the path from the idea to getting the right Cassandra database on the button. Why they chose a Kubernetes-based solution and what problems they encountered. What they got in the end and what they failed to realize. He will tell you how they wrote the wrapper and why they had to write their own operator. You will learn why the service is not just about getting a base by a button, but a whole set of activities.

Ilya will tell you what Airflow is and how this tool will help you automate routine processes. He will share step-by-step instructions on how to deploy Aiflow in your company and do it beautifully.

We are all used to containers as a convenient and secure way to run applications. So accustomed that we forget that we are actually working in a host OS. Which can be accessed from inside the container under certain conditions. Let's see and demonstrate live the ways of leaving the container and accessing the host system. Namespaces, CGROUPS, proper delimitation of privileges and all that.

At some point every developer realizes that you can't rely on the reliability of external systems. Anything can start working in an unexpected way, and we need to put some straw in the firewall. Then various mechanisms appear in the application to insure against dependency failures: retries, caches, reservations and load balancing. But, all of a sudden, the very implementation of these patterns may not only fail to help during a failure, but also worsen it. The speaker will tell you how it happens and what you can do to make sure that the straw doesn't turn out to be a pile of bricks.

The speaker will talk about why it is necessary for developers to write Network Policy for their microservices. And also how to declare, quickly and conveniently, adhering to the GitOps approach, roll out and distribute resources between departments — IT and IS.

With experts from Positive Technologies, Kaspersky Lab and Luntry, we will discuss container security in a cluster. We will consider whether "general-purpose" security tools are effective for clusters and whether specialised tools are required.

We'll consider the most popular questions from companies that are tackling cluster security, as well as discuss the risks and biases of working with containers in the public cloud.

Moderator: Roman Ermakov, Product Manager of Security Services, VK / VK Cloud. 

During a technical talk, the speaker will cover:

• Ansible's convenient and efficient repository structure;
• Ansible projects: a gathering point for roles and inventory to run scripts;
• Ansible roles: atomic functionality with code quality checks, as well as versioning and documentation rules;
• Ansible's collections: low-level Python modules and ready-made playbooks;
• repository templates for a quick start;
• uniform rules for using and formatting Ansible code;
• support tools: ghorg, pre-commit, ansible-lint. 

In our work, we often encounter challenges in applying some SRE practices. The speaker will talk about how they deal with these challenges. We'll talk about the problems with duty rosters and how we solved them. We'll discuss routines and optimizing approaches to identifying them. We'll deal with the chaos of handling incidents and learn how to take advantage of them.

The speaker will talk about the unusual use of the Helm tool to deploy microservices without directly developing Helm charts. This approach will help you run complex and reusable configurations without diving into the details of Go patterns.

Comprehensive and unified IaC: GitOps + Kubernetes operators.

A Dev Container is a tool that allows you to create and use an environment in which all the toolchains you need for your project are located. This customized environment is useful for both team development and third-party review of the project.

The story of how to make storing network policies simple and easy. How to start managing chaos.

The speaker will outline the basic concepts of the Team Topologies Agile framework, using practical examples to show how to apply it to boost security and solve inter-team conflicts.

Last year, a new wave of protestware broke out in open source projects.

I will talk about the history of the emergence of toxic repositories and the current situation with them. We will also discuss trends and steps to neutralize the protest movement in open source.

And we will also separately touch on the history of the creation of the toxic-repos project.

The speaker will talk about their experiences with DBMS in K8s using pgSQL, ClickHouse, Cassandra, Elasticsearch, Kafka, VictoriaMetrics as examples. Particular emphasis will be placed on the types of stores in K8s and the specifics of working with each of them. What your DBMS or applications should be prepared for when working in K8s and in which cases it is better to think twice before stopping by K8s.

Kirill will talk about the main mistakes when building Observability for systems. He will define the concept of anti-pattern and give examples of anti-patterns in Observability, such as "Too many metrics", "Too many logs", "Too many alerts". The speaker will explain how these anti-patterns can overload the system and make it difficult to analyze the data. He will also give tips on how to avoid this.

Let's look at the types of attacks on a cluster, what the main typical vulnerabilities are, how to deal with them, and what Admission Controller has to do with it. How to configure security policies so that you don't prohibit everything around and don't allow something unnecessary. Technologies: Kyverno, Kubernetes, network and network protocols, pentest.

Daniil will talk about the experience of implementing SLO in their product and share the results. He will show the resulting graphs and talk about the challenges encountered along the way.

The speaker will explain how it is possible to implement a maturity matrix on the example of a product, how long it can take and what results it can lead to.

We summarize the results of the conference, recall the highlights and talk about future plans. Come to the auditorium or join the broadcast to make sure you don't miss a thing!