Devops Chat

At the speed of DevOps, automated testing is essential for QA to maintain pace with that of software creation. Automated testing is ripe for innovation too. How do we know we are performing the most relevant tests, that new functions in the software aren’t being missed or overlooked, or that highly dynamic applications aren’t outpacing static test cases and logic? Functionize aims to bring innovation to achieve autonomous testing, making testing, the creation, and maintenance of tests more efficient. Founder and CEO Tamas Cser joins us on this episode of DevOps Chat to share several innovations his company brings to DevOps teams. Join us as we discuss how writing test cases in English help capture intent and result in less brittle tests over time, and about the ability to reach into Functionize during run time and programmatically change object models and internals. Learn how AI improves visual detection of web pages and changes in web page behavior. And how AI can root out test cases that may no longer be

Dr Mik Kersten always brings a fresh perspective on what is happening in the world of DevOps and value stream management. He is beyond bright, but explains things in a way that everyone can understand. I had a chance to catch up with Mik and find out what was the latest with Tasktop. Have a listen to this great interview

On a project to move one of Google’s Fortune 500 customers to Google Cloud, Google Kubernetes Engine (GKE), and Spinnaker open source, our DevOps Chat guest ran into the message “hang tight". No scripts or documentation. Not to be delayed, Miles Matthias, Google Cloud Consultant with Container Heroes, filled the gap and contributed his work back to the Spinnaker community. This episode of DevOps Chats features a preview of Mile’s talk, “Monitoring Spinnaker with Prometheus Operator on GKE” he is is giving on Saturday, November 16th, 3:45 pm PT, at Spinnaker Summit 2019. Miles also talks quite a bit about Canary testing in this episode.

ZeroNorth has from its founding been focused on bringing a DevSecOps solution to market that was unique and effective. They have brought on industry veteran, John Worrall as the CEO to join Chairman and Founder, Ernest DiGiambattista and the rest of the team to help organizations with DevSecOps. They have also recently raised $10m in funding to help the cause. In this DevOps Chat we sit down with Ernest and John and talk about the new course that ZeroNorth is charting

Many organizations want to implement the latest DevOps/SRE practices, but many struggle with transforming the existing processes over to new streamlined processes. How does an organization transform from 0 automated deploys to 100s/1000s a month? Most importantly, how do you show the value of Spinnaker to your business as a whole? November’s Spinnaker Summit 2019 in San Diego allows us an opportunity to hear and learn from DevOps engineers, developers, and partitioners using Spinnaker open source software. Joel Vasallo, Manager, Cloud DevOps at Redbox, shares with us a preview of his talk where he shares his experience about using Spinnaker open source to increase the number of deploys into production. Joel found Spinnaker so useful because it is very extensible, covers AWS well, strong support for Kubernetes, different deployment types, and has the automation to create the software delivery platform that fits the need. Joel's talk, Transforming Software Delivery using Spinnaker, is on November 17, 12:30 p

After Akamai acquired his company, Haseeb Budhani decided to take on his next challenge and start Rafay. Rafay, focuses on the complexity and repetitive aspects of deploying and managing Kubernetes applications. Rafay addresses complexity by providing application abstraction, cluster blueprinting, and enterprise-ready integration, making Rafay a great candidate for multi-region, multi-cloud, hybrid, and edge/MEC adoption. Join us on this episode of DevOps Chats where Haseeb shares some of the experiences and challenges that led him to found Rafay, and how to accelerate your path to Kubernetes and multi-cloud applications.

There are many interviews you do as part of the role as editor in chief of DevOps.com. Then there are some that make it all worthwhile. Anytime I have the pleasure of speaking with Dr Nicole Forsgren, it makes all of the other things I do worthwhile. She has a clarity of vision borne from the foundation of verifiable metrics she has measured and surveyed over the last six years. Just about every DevOps presentation you will see has some reference to her Accelerate: State of DevOps Report. And for good reason. It has become the "authority" on DevOps metrics. We sat down with Nicole to go over what she thinks are some of the key findings in this years report. Have a listen and enjoy.

As application functions get smaller, are containerized, become microservices, combine into service meshes, a new set of challenges crop up. What functions does each service perform? What state constitutes services in trouble? What are the dependencies between services across a complex service mesh? How can we instrument observability, tracing, between the service interactions? Constance Caramanolis, Software Engineer at Omnition, joined us on DevOps Chats, recorded just before Splunk's acquisition announcement. After working a Microsoft, Constance joined Lyft, in part to work with Envoy, open source created by Lyft that brings upstream and downstream tracing across a service mesh. Constance recently joined Omnition, while still in stealth, to help "flip tracing on its head." It's genuinely a fascination conversation and gives us a window into the challenges and solutions to managing a service mesh at scale. Listeners should also check out our DevOps Chats episode talking about the Splunk's acquisition of

With claims of Internet traffic encryption levels at 95% and cloud communications up to 100%, it's increasingly difficult to see malicious activities happening on our networks. Encryption is a good thing, of course, until it hides nefarious network traffic and payloads. Then we want to know about it, be able to diagnose it, and take appropriate action. Encryption can be a double-edged sword. Steve Perkins, CMO of Nubeva, joins us on DevOps Chats to talk about Nubeva's solution for out-of-band decryption of next-generation TLS communications. It makes sense that cybersecurity teams desire this new level of visibility, and DevOps teams working with APIs and cloud encrypted communications also want the option of taking an "outside-in" view for troubleshooting, addressing compound performance problems, etc. We explore with Steve the benefits and use cases for Nubeva, how it works, and how Nubeva provides this level of visibility while maintaining the integrity and security of TLS communications. Join us as we

So much happening on shifting security left, but what about shift right? Jeff Williams, CTO of Contrast Security gives us a great update on the state of DevSecOps, shift left, shift right and appsec, as well as DataOps. Jeff is one of the sharpest people in the cyberworld, so this is worth your time to hear what he is thinking.

More than ever, application security is a top priority. Beyond secure coding practices, a holistic app security strategy addresses the full application and infrastructure stack. This includes containers, microservices, orchestration, infrastructure software, and the cloud. Bolting on the next security tool may not be the answer. Kamal Shah, StackRox CEO, joins us on this episode of DevOps Chats, diving into the need for a systemic security approach across the lifecycle of cloud-native, even "Kubenative", applications. We explore how Kubernetes and cloud-native apps bring access to rich configuration information, usage visibility, runtime context, inherent security controls, and compliance. It's a fascinating conversation that will open up new paths to secure Kubernetes and cloud-native applications.

Cockroach Labs the folks behind CockroachDB recently announced another round of funding as they continue their mission to allow you to scale your data without complexity. We spoke with CEO Spencer Kimball about their plans and how Cockroach Labs shall inherit the DB world

Stateless application architecture is the current de facto approach, right? Not necessarily. Stateful applications communicating over TCP sockets can and are successfully built even in today’s age of cloud-native applications. Our guest on this episode of DevOps Chat is Chris McCord, creator of the Phoenix open source software, and architectural engineer at DockYard. Chris came up as a developer using PHP, Java, and Ruby. When he learned that WhatsApp was built using Elixir, running on the Erlang VMs, Chris was intrigued. What’s needed is a developer-friendly web framework for creating web and mobile applications. Chris started the development of the Phoenix Framework in 2011 and saw adoption pick up in 2014/15. Fast forward to today, Chris is an integral part of a vibrant community of developers using Phoenix to create web-oriented, mobile, embedded, and real-time applications that can support large transaction server volumes with less code. Join us as we talk with Chris McCord about Phoenix, why he cre

As the velocity of software creation, testing, and deployment increase rapidly, security at the app level is gaining ever more scrutiny. Code vulnerability scanners, automated security test tools, test libraries for containers are just a few of the security testing approaches broadly in use. Many of these approaches fall under a DAST (dynamic application security testing) or SAST (static application security testing.) As velocity increases, so does that amount of code we're creating, placing even great importance on testing, test automation, and application security testing. Creator of Seeker IAST (Interactive Application Security Testing), Ofer Maor, Director of Solutions Management at Synopsys, joins DevOps Chat. We talk about the value of IAST, maximizing testing automation, integration of testing technologies into the workflow, security testing built into containers, application security testing orchestration, and more.

Value Stream Management (VSM) is a term we hear with higher frequency. DevOps, Agile, Lean, and contemporary application development are very dynamic. These rapid, dynamic approaches can make the software development process opaque to the broader organization. It’s early in this part of the market, but it’s born out the need for quantifying the business value coming from our investments in software development. Steve Boone, Head of Product Management at HCL UrbanCode, joins us on this episode of DevOps Chat to talk about the state of this emerging market. Steve shares valuable insights about how organizations are working together, where DevOps and Agile are making a measurable difference, and what management can do to provide teams with tools to manage their VSM.

Data and database technologies are experiencing disruption. The volume of data collected is exploding, creating new potential for disruptive services and new companies. Data is distributed across locations in the cloud and the data center. Also, cloud technologies bring a plethora of database types, distribution options, analytics capabilities, and AI/ML processing. Any company not leveraging data to the benefit of its customers and business are just asking to be the next victim of disruption. Nikita Shamgunov, memSQL Co-CEO / Co-Founder, joins DevOps Chat to discuss how these disruptive factors changed how containerized and cloud-native applications approach data collection and storage. Speed, high volume data collection, distributed design, and scale are all challenges Nikita sees as vital for cloud-native applications of today and the future.

Red Hat Linux is a staple of most enterprise IT organization's software diets. Developers and IT leaders all over the world took notice when IBM acquired Red Hat. Will IBM Red Hat change? Will Red Hat continue to operate as it does today or will it be subsumed and disappear into some IBM business unit? Will IBM Red Hat still contribute to projects and tools like Kubernetes, JBoss, Fuse, OpenJDK, Eclipse IDE, and many others (https://redhatofficial.github.io/#!/main)? All are important questions. Brad Micklea, Lead of the Developer Program and Tools at IBM, joins DevOps Chat to talk about the future of Red Hat as part of IBM. Brad sends a strong message that Red Hat will remain focused on the developer community and tools for Linux, Kubernetes, Java, DevOps, and others. Join us as we talk with Brad about the future of Red Hat, DevOps, and open source developer tools.

Swiftly after announcing their acquisition of SignalFx, Splunk vaults into microservices tracing by announcing its intention to acquire Omnition. Tech companies are rapidly making acquisitions to strengthen their position in the DevOps and contemporary cloud-native software stack. Rick Fitz, SVP and GM of Splunk's IT Markets Group, joins DevOps Chat to share with us the drivers behind Splunk's move into microservices and service mesh tracing. Information about Omnition is in short supply as Omnition's been in stealth, racing to develop a product to address the observability needs of DevOps teams. Omnition has received some notice through its contributions to OpenCensus open source, now being merged into OpenTracing. In addition to this episode of DevOps Chat, check out Mike Vizard's article about the Omnition announcement at https://devops.com/splunk-adds-omnition-to-devops-portfolio/.

The software development tool needs of a 2-3 person team can be much different than those of a large enterprise. CI/CD is a common approach nearly all software teams establish. But what needs of a larger software organization to you adopt early on and which simply adds more complexity than benefit? Rob Zuber, CTO of CircleCI, began tackling this problem in the mobile space and then moved to CircleCI to help create what is now a well established SaaS-based CI/CD offering to software teams of all sizes. Join us on this episode of DevOps Chat and take away some valuable CI/CD lessons for your organization.

Doing anything at enterprise scale call brings with it a whole new set of requirements. With potentially thousands of requirements across hundreds of applications and releases, it can be a daunting challenge to pull together all the DevOps activities across a large enterprise. This has given rise to the new term Value Stream Management (VSM.) Like Salesforce for managing the sales pipeline, Value Stream Management is about IT seeing across all its initiatives, teams and projects. Are high-value requirements making it into production systems? Is DevOps making the expected impact at enterprise scale? Are VSM tools well integrated into the DevOps toolchain or are teams slowed by extra or unnecessary work. You must keep a handle on it all but we don't want the medicine to be worse than the disease. In this episode of DevOps Chat, we explore VSM with our guest Bob Davis, CMO at Plutora. Plutora tackles the VSM challenge at some of the largest banks, financial institutions, telecom and mobile carriers, insurance