Start of main content

2 offline days

September 17–18 10:00–19:30 (UTC+3)

Offline: Hotel MonArch, Leningrad Avenue, 31А, building 1, Moscow, Russian Federation

Online broadcast

Why It’s Worth Going

  • Talk in person

    To see old friends. To discuss current problems. To come up with new ideas. To debate and just chat.
  • Switch the format to offline

    To have a change of scenery, to distract and have a good time. To gain fresh impressions and new acquaintances.

Broadcast

There will be a broadcast on the offline part of the conference, which is available to participants with any ticket. If you want to meet and interact with the speakers and other participants live, we are waiting for you at the venue. And if you are not ready to get to the venue, recordings of all the talks and activities will be waiting for you on this website.

Program

  1. September 17

    • Watch recording

      Talk type: Talk

      Demystifying Serverless: Transforming Development Processes and Culture

      The concept of serverless and a lot of "new" products based on this approach have formed a lot of myths in development, which prevent a sober look at serverless-development. In the process of demystification we will clarify, examine and untangle the main myths associated with serverless development applications. Once again, we will clarify how a serverless development approach works. We will review the basic principles and components of serverless architecture and event-driven approach. Let's understand which software development processes are subject to transformations in the process of adapting to the serverless approach. Clarify how the role of developers is changing. What DevOps practices are taking root, and whether a culture of collaboration is germinating in serverless-approach teams.

    • Watch recording

      Talk type: Talk

      Cultivate or Implant? A Practical Guide to Growing Safe Development Policies

      As safe development practices emerge or increase in an organization, the question often arises: “So how do you build and configure policies so that no one gets hurt?” This talk is about how to keep developers from getting hurt and at the same time keep doing their job without being distracted by arguments and unnecessary reactions. What incidents can be avoided and how much time can be saved if you do it right.

    • Watch recording

      Talk type: Talk

      Hiding Kubernetes: Configuration Approaches

      Kubernetes is an excellent orchestrator, solving many problems gracefully. However, interacting with it directly with developers can cause problems and even lead to degradation. Let's discuss what approaches there are to configuring and building the release cycle.

    • Watch recording

      Talk type: Talk

      How We Wanted to Automate Vault CE and What We Ended Up Turning It Into

      The talk describes the company's experience in customizing the Community Edition (CE) HashiCorp Vault to automate access management for more than 400 teams with different types of employees. It describes the implementation of access rights differentiation, two-factor authentication, log analysis for security, and plans for future development of CE Vault.

    • Watch recording

      Talk type: Talk

      Efficient Cloud Infrastructure Management

      Infrastructure development is an integral part of any infrastructure platform. Let's talk about how it can be organized, how to work in a team with infra-code. We will discuss good practices and consider non-obvious features of infra-development.

    • Watch recording

      Talk type: Partner’s talk

      Investment Business Platform. Monitoring. How We Designed Solutions and Started to Monitor Them

      The speaker will talk about the architecture and technology stack of the platform: he will review its compound modules and key technologies, as well as provide a more detailed explanation of the architecture and purpose of one of the basic modules (audit). We will discuss the workflow and key metrics of technical and business monitoring, connectivity and troubleshooting processes.

      Denis will also share their plans for solution development, such as increasing the maturity of the platform and tools for tracking metrics.

    • Watch recording

      Talk type: Talk

      Nexus Repository Manager. Love and Hate

      The speaker will share his experience of operating and administering NXRM in its free version.  You will learn what it has pluses, what it's good for and who can benefit from it. And in the second part you will hear about its disadvantages, problems and pitfalls.

    • Watch recording

      Talk type: Talk

      SRE and Performance, or When Performance Matters

      A talk on how service performance work is decomposed into individual tasks. The topic includes not only performance testing, profiling, and benchmarks, but also designing service metrics, linking to SLOs, failure analysis, the process of working on performance optimization, and automation in CI/CD.

    • Watch recording

      Talk type: Talk

      Our Way: Choosing and Adopting APIM Gravitee

      Nikita will tell their story of implementing the Gravitee API Managment platform. In 2022, they needed an API Gateway system. The task was to analyze the available solutions and implement one of them. He will share the conclusions from the analysis and what they encountered in the deployment. Infrastructure, architecture, processes, pitfalls, plans — all stages of developing their understanding of the platform.

    • Watch recording

      Talk type: Battle

      One-Cloud vs K8s: Take Off-the-Shelf or Write the Cloud Yourself?

      An entertaining battle talk on a topic that is important nowadays. We will discuss the topic of clouds in the context of comparing Kubernetes and VK's own One-cloud solution. We will discuss whether you need to write your own products or it is better to use open source, what risks and difficulties await you on each path.

    • Watch recording

      Talk type: Talk

      (Non-)Standard Approach to Modeling Supply Chain Attack

      The talk will provide an overview of the main causes of Supply Chain Attack and the methods and approaches often used to combat them. We will discuss why it is not only related to development and code, but also to Operations Security. As part of the presentation, life stories will be demonstrated with examples of "real-life" Supply Chain Attack simulations.

    • No record

      Talk type: BOF-session

      Chaos Engineering Implementation Practice

      Round table with participants from Rosbank, Sber and MTS. We will discuss the experience of applying Chaos Engineering in each company. We will analyze popular questions. Share insights and useful materials.

    • No record

      Talk type: Game

      Quiz

      Tired of thinking during reports? Then we invite you to think at the creative quiz! Together with the Indigo League, we will organize an intellectual quiz, where you can test your intelligence and erudition and relax in the company of other conference participants.

  2. September 18

    • Watch recording

      Talk type: Talk

      Cassandra as a Service at Tinkoff, or How We Build a Reliable and Fault-Tolerant Solution Based on Cassandra

      Alexey will describe the path from the idea to getting the right Cassandra database on the button. Why they chose a Kubernetes-based solution and what problems they encountered. What they got in the end and what they failed to realize. He will tell you how they wrote the wrapper and why they had to write their own operator. You will learn why the service is not just about getting a base by a button, but a whole set of activities.

    • Watch recording

      Talk type: Talk

      Airflow in the Bloody Enterprise

      Ilya will tell you what Airflow is and how this tool will help you automate routine processes. He will share step-by-step instructions on how to deploy Aiflow in your company and do it beautifully.

    • Watch recording

      Talk type: Talk

      Escape from the Container

      We are all used to containers as a convenient and secure way to run applications. So accustomed that we forget that we are actually working in a host OS. Which can be accessed from inside the container under certain conditions. Let's see and demonstrate live the ways of leaving the container and accessing the host system. Namespaces, CGROUPS, proper delimitation of privileges and all that.

    • Watch recording

      Talk type: Talk

      SRE. Unobvious Ways to Shoot Yourself in the Knee in Attempts to Make an Application More Reliable

      At some point every developer realizes that you can't rely on the reliability of external systems. Anything can start working in an unexpected way, and we need to put some straw in the firewall. Then various mechanisms appear in the application to insure against dependency failures: retries, caches, reservations and load balancing. But, all of a sudden, the very implementation of these patterns may not only fail to help during a failure, but also worsen it. The speaker will tell you how it happens and what you can do to make sure that the straw doesn't turn out to be a pile of bricks.

    • Watch recording

      Talk type: Talk

      Network Policy for Developers: How and Why

      The speaker will talk about why it is necessary for developers to write Network Policy for their microservices. And also how to declare, quickly and conveniently, adhering to the GitOps approach, roll out and distribute resources between departments — IT and IS.

    • Watch recording

      Talk type: Partner’s conversation

      Container Security in 2023. Trend or Necessity?

      With experts from Positive Technologies, Kaspersky Lab and Luntry, we will discuss container security in a cluster. We will consider whether "general-purpose" security tools are effective for clusters and whether specialised tools are required.

      We'll consider the most popular questions from companies that are tackling cluster security, as well as discuss the risks and biases of working with containers in the public cloud.

      Moderator: Roman Ermakov, Product Manager of Security Services, VK / VK Cloud. 

    • Watch recording

      Talk type: Partner’s talk

      Convenient Ansible

      During a technical talk, the speaker will cover:

      • Ansible's convenient and efficient repository structure;
      • Ansible projects: a gathering point for roles and inventory to run scripts;
      • Ansible roles: atomic functionality with code quality checks, as well as versioning and documentation rules;
      • Ansible's collections: low-level Python modules and ready-made playbooks;
      • repository templates for a quick start;
      • uniform rules for using and formatting Ansible code;
      • support tools: ghorg, pre-commit, ansible-lint. 
    • Watch recording

      Talk type: Talk

      SRE Tools and Practices that Help You Get Out of Routines and Make Systems Run Smoothly

      In our work, we often encounter challenges in applying some SRE practices. The speaker will talk about how they deal with these challenges. We'll talk about the problems with duty rosters and how we solved them. We'll discuss routines and optimizing approaches to identifying them. We'll deal with the chaos of handling incidents and learn how to take advantage of them.

    • Watch recording

      Talk type: Talk

      Using Helm Without Writing Helm Charts

      The speaker will talk about the unusual use of the Helm tool to deploy microservices without directly developing Helm charts. This approach will help you run complex and reusable configurations without diving into the details of Go patterns.

    • Watch recording

      Talk type: Talk

      Practical Application of Dev Containers

      A Dev Container is a tool that allows you to create and use an environment in which all the toolchains you need for your project are located. This customized environment is useful for both team development and third-party review of the project.

    • Watch recording

      Talk type: Talk

      Toxic Repositories. What Is Happening to Open Source Now?

      Last year, a new wave of protestware broke out in open source projects.

      I will talk about the history of the emergence of toxic repositories and the current situation with them. We will also discuss trends and steps to neutralize the protest movement in open source.

      And we will also separately touch on the history of the creation of the toxic-repos project.

    • Watch recording

      Talk type: Talk

      Stateful in K8s That We Are Afraid Of

      The speaker will talk about their experiences with DBMS in K8s using pgSQL, ClickHouse, Cassandra, Elasticsearch, Kafka, VictoriaMetrics as examples. Particular emphasis will be placed on the types of stores in K8s and the specifics of working with each of them. What your DBMS or applications should be prepared for when working in K8s and in which cases it is better to think twice before stopping by K8s.

    • Watch recording

      Talk type: Talk

      Observability Antipatterns

      Kirill will talk about the main mistakes when building Observability for systems. He will define the concept of anti-pattern and give examples of anti-patterns in Observability, such as "Too many metrics", "Too many logs", "Too many alerts". The speaker will explain how these anti-patterns can overload the system and make it difficult to analyze the data. He will also give tips on how to avoid this.

    • Watch recording

      Talk type: Talk

      How to Break and Protect K8s

      Let's look at the types of attacks on a cluster, what the main typical vulnerabilities are, how to deal with them, and what Admission Controller has to do with it. How to configure security policies so that you don't prohibit everything around and don't allow something unnecessary. Technologies: Kyverno, Kubernetes, network and network protocols, pentest.

    • Watch recording

      Talk type: Talk

      How To Implement SLO and Benefit From It

      Daniil will talk about the experience of implementing SLO in their product and share the results. He will show the resulting graphs and talk about the challenges encountered along the way.

    • Watch recording

      Talk type: Talk

      DevOps Governance in Product Audit

      The speaker will explain how it is possible to implement a maturity matrix on the example of a product, how long it can take and what results it can lead to.

  • Discussions

    Live conversation with speakers between activities. No recording and no time limit.
  • BoF

    Informal conversations without hosts or speakers. This is where new ideas are born.
  • Round tables

    Speakers and experts discuss current industry issues.

Bonus

  • Coffee and lunch breaks

    Buffet and beverages of your choosing. If you have food restrictions, write to our support team. We’ll find a solution.
  • Networking and Afterparty

    Informal atmosphere, networking for all participants, speakers, and experts. Heart-to-heart talks and an afterparty at the end of the first offline day.

FAQ

  • Where will the offline part of the conference be held?
    Offline part will be held on September 17–18 at the following address: Hotel MonArch: Leningrad Avenue, 31А, building 1, Moscow, Russian Federation.
  • When will the program and time for the offline part of the conference be known?
    We begin publishing the program in batches on the conference website one month in advance.
  • What activities will be included on the offline part of the conference?

    There will be on the offline part:

    • talks;
    • roundtables;
    • BoF-sessions: meetings of interest without a scheduled schedule;
    • discussions with offline and online speakers who will come to the site;
    • Afterparty for participants at the end of the first offline day.
  • Will there be an online broadcast of the offline part of the conference?

    We will broadcast live most of the activities of the offline part: talks, roundtables, etc.

    Discussions and BoF-sessions will not be broadcast or recorded.

  • Offline was so long ago that I no longer remember what the procedure was for offline conferences.
    Don’t worry, before the conference we will send you a participant’s memo. It will contain all the necessary information.
  • Can I buy a ticket only for the offline part of the conference?
    To attend the offline part, you must purchase an ONLINE + OFFLINE ticket. It entitles you to attend the offline part of the conference and lifetime access to the recordings of the online part.
  • How do I get into offline part if I have a ONLINE ticket?
    If you already have a ticket for the online part of the conference, you can upgrade it to ONLINE + OFFLINE. To do so, email our support team at support@devoops.ru
  • How do I get to the offline part if the company only paid for my ONLINE ticket?
    If the company that paid for your ticket is not willing to upgrade to ONLINE + OFFLINE, you can do it yourself at a discount. The discount is given for taking the survey after the online part of the conference ends.
  • Is there a limit to the number of tickets for the offline part?

    The number of tickets is limited to the capacity of the conference venue.

    So it is better to buy tickets in advance while they are available.

  • Are there any restrictions on going to an offline conference?

    There will be no COVID restrictions on site visits. You don’t need QR codes or PCR tests to enter the venue. For your safety a qualified medical worker is constantly on duty at the site.

    However, if you’re feeling unwell, it’s best to refrain from going offline. You will be able to participate in the offline part remotely or watch the performances in the recording.