PurePerformance

Software security is about securing websites against malicious attacks or using firewalls to prevent hackers entering your enterprise network. While this is part of software security there is much more that needs to be done – especially as more organizations are developing critical software it is important to protect the whole software delivery lifecycle from any malicious attacks along the supply chain.In this episode we have Michael Plank, Technical Product Manager at Dynatrace, talk about his latest blog post titled How Dynatrace protects its software development and delivery life cycle against supply chain attacks. We learn about attack vectors from development workstation until production deployment. He covers the strategies ranging from static to dynamic code analysis, vulnerability detection or code signatures. Tune in and learn that building secure software is more than ensuring your users have hard to crack passwords!https://www.dynatrace.com/news/blog/how-dynatrace-protects-its-software-development-and-delivery-life-cycle-against-supply-chain-attacks/

If you are not a gamer you may have never heard about Cyberpunk 2077. If you are – you may know about the challenges during their latest release.Dave Farley (@davefarley77), Co-Author of best seller Continuous Delivery, has been an engineering large and complex systems for decades. His work helped elevate our industry around Continuous Delivery and DevOps. In this episode he shares his learnings from failed projects like Cyberpunk as well as his own latest experiences around that picking the latest technology might be fashionable but is not always the smartest choice.To learn more about Dave check out Continuous Delivery website that also links to his YouTube Channel hosting some of the episodes he was referencing in the podcast.https://twitter.com/davefarley77https://www.amazon.com/Continuous-Delivery-Deployment-Automation-Addison-Wesley/dp/0321601912#ace-g9859629705https://www.continuous-delivery.co.uk/https://www.youtube.com/channel/UCCfqyGl3nq_V0bo64CjZh8g

Nobody has foreseen the global pandemic that put a lot of chaos in all our lives recently. Let’s just hope we learn from 2020 to better prepare on what might be next.The same preparation and learning also goes for Chaos in our distributed systems that power our digital lives. And to learn from those stories and better prepare for common resiliency issues we brought back Ana Medina (@ana_m_medina), Chaos Engineer at Gremlin. As a follow up to our previous podcast with Ana, she is now sharing several stories from her chaos engineering engagements across different industries such as finance, eCommerce or travel. Definitely worth listening in as Chaos Engineering was also put into the Top 5 Technologies to look into 2021 by CNCF.https://twitter.com/Ana_M_Medinahttps://www.spreaker.com/user/pureperformance/why-you-should-look-into-chaos-engineerihttps://twitter.com/CloudNativeFdn/status/1329863326428499971

When moving to microservice architectures its time to re-think continuous delivery. Just as many software services rely on a core data analytics engine to make better automated decisions we need to apply the same for continuous delivery. We can assess the risk of every microservice deployment based on data from production and the desired change of configuration. We can assess the potential blast radius and mitigate it through modern delivery options such as blue/green, canaries or feature flags.Tracy Ragan, Creator & CEO of DeployHub, CDF board member and DevOps Institute Ambassador shares her thoughts on why we need to move to smarter data-driven delivery pipelines. Tracy (@TracyRagan) gives us insights into why not every microservice is created equal and what approaches we can take to better control updates that contain multiple microservice updates.Also make sure to check out their latest project Ortelius and take Tracy up on a virtual coffee chat as discussed in our podcast!https://www.linkedin.com/in/tracy-ragan-oms/https://twitter.com/TracyRaganhttps://github.com/orteliushttps://go.oncehub.com/15-30MinuteVirtualCoffeeWithTracy

K8s enables organizations to more easily deploy their containerized solutions as it takes away a lot of the operational tasks which are built-into k8s. This in theory means that you can run your software anywhere and provide it as SaaS offering or deploy it behind corporate firewalls for those customers that demand an on-premise installation.In this episode we have Marc Campbell, Founder and CTO of Replicated, where they help the k8s community to deliver and manage apps on k8s anywhere. For anyone looking into running their apps on k8s you will learn the challenges of Day 1 (delivery, install) and Day 2 (operation, monitoring, troubleshooting) operations. Marc shares common performance and scalability challenges and how to prepare for them during development.In this episode we have Marc Campbell, Founder and CTO of Replicated, where they help the k8s community to deliver and manage apps on k8s anywhere. For anyone looking into running their apps on k8s you will learn the challenges of Day 1 (delivery, install) and Day 2 (operation, monitoring, troubleshooting) operations. Marc shares common performance and scalability challenges and how to prepare for them during development.https://www.linkedin.com/in/campbe79/https://www.replicated.com/https://www.heavybit.com/library/podcasts/the-kubelist-podcast/ep-7-keptn-with-andreas-grabner-of-dynatrace/https://troubleshoot.sh/https://kots.io/

Stefan Frandl, Development Director, has a single digit employee number at Dynatrace and therefore seen a lot of agile transformation over the past 15 years – growing from a startup in Linz, Austria to now 800+ engineers across globally distributed labs. A visit to several “unicorns” such as Google, Facebook and Slack triggered the latest agile transformation.In this episode Stefan walks us through the implementation of the changes we discussed with Andrea Holl in her episode on “Scaling Agile at Dynatrace”. He shares the challenges around growing responsibilities of team leads, work left half-finished, overhead on hand-over and cross team collaboration. He then introduces us to the current structure and processes at Dynatrace such as Team Captains, Product Owners and Agile Advocates as well as Dev Directors and Lead Product Engineers. While Dynatrace has seen many benefits already, the journey is still ongoing as Dynatrace is continuously rethinking and improving the way we work and provide value to our customers!https://www.linkedin.com/in/stefan-frandl-aa86723/https://www.spreaker.com/user/pureperformance/scaling-agile-at-dynatrace-with-andrea-h

SAFE, LESS or the Spotify Model? Which scaled agile method to apply for your transformation? Or are you unique enough like 44% of organizations based on a European research that are defining their own scaled agile approach to transform successfully?In this episode we sit down with Andrea Holl, Agile Coach at Dynatrace, and let her walk us through the different scaled agile frameworks. She discusses the pros and cons and why many organizations – including Dynatrace – are coming up with their own approaches. For Dynatrace it was about taking the best from the proven frameworks but adapting them to allow us continue or core cultural values such as full autonomy to teams and flexibility of tools and processes.If you are on the brink of a transformation make sure to listen to Andrea and how she and her teams have approached that transformational project!https://www.linkedin.com/in/andrea-elisabeth-holl-b2255a112/https://www.scaledagileframework.com/https://less.works/https://blog.crisp.se/wp-content/uploads/2012/11/SpotifyScaling.pdf

Daylight savings can bring chaos to systems such as rogue processes consuming CPU or memory and therefore impact your critical systems. The question is: how do you systems react to this chaos? How can you test for this? And how can you make your systems more resilient against this chaos?In this episode we talk with Ana Margarita Medina, Chaos Engineer at Gremlin. In her previous job, Ana (@Ana_M_Medina) was a Site Reliability Engineer at Uber where she helped coping with the “chaos” on New Years Eve or Halloween. Ana gives us great insights into the discipline of Chaos Engineering, that its really about running controlled experiment and that everyone can get started that has an interest in contributing to more resilient systems.Here the additional links we promised during the recording: Drift into failure, Chaos Engineering Community, Chaos Engineering and System Resilience in Practice.https://www.linkedin.com/in/anammedina/https://twitter.com/Ana_M_Medinahttps://eng.uber.com/nye/https://www.amazon.com/Drift-into-Failure-Sidney-Dekker/dp/1409422216https://www.gremlin.com/community/https://www.amazon.com/Chaos-Engineering-System-Resiliency-Practice/dp/1492043869

We are sitting down with Sebastian Scheele (@sscheele), CEO and co-founder of Kubermatic, to discuss the challenges organizations have as they are moving their workloads to k8s and realize that managing, scaling and operating k8s is not getting easier the more k8s clusters you allow your application teams to spin up or down. We learn more about the Kubermatic Kubernetes Platform, the Open Source Project, which centrally manages the global automation of thousands of Kubernetes clusters across multi-cloud, on-prem and edge with unparalleled density and resilience.Thanks Sebastian for answering all the questions we threw at you – questions we have received from many organizations that are moving to k8s but get surprised about the complexity as it comes to properly operating and managing k8s.Sebastian Scheele Twitterhttps://twitter.com/sscheeleKubermatic Kubernetes Platformhttps://github.com/kubermatic/kubermatic

Keptn is now a CNCF sandbox project bringing a new event-driven approach to continuous delivery and operations. While many are just hearing about Keptn the first time, it is interesting to learn more about how it started, which challenges the team ran into, what they learned about K8s, and running an open-source project. We therefore invited Johannes Braeuer (@braeuer_j) and Andreas Grimmer (@grimmer_andreas) – both Keptn project maintainers and contributors – who have been working on the Keptn project since its inception.Especially for groups that want to start open-source projects or are on the brink of deciding pro or con Kubernetes should listen until the end as Johannes and Andreas tell us what they would do differently now if they would start today based on the learnings from the past 18 months.If you want to join the Keptn community, make sure to star our GitHub project, join the Slack channel, and join our regular community meetings!Keptnhttps://keptn.sh/Johannes Bräuer on Twitterhttps://twitter.com/braeuer_jAndreas Grimmer on Twitterhttps://twitter.com/grimmer_andreasKeptn Githubhttps://github.com/keptn/keptnKeptn Slackhttps://keptn.slack.com/Keptn Communityhttps://github.com/keptn/community