DevOps Conference Agenda AUCKLAND 2023 | DevOps Talks

AGENDA DOTC 2023 IN NZ

Reception and Openning

Welcome & Opening Remarks

Scott Shaw CTO Asia Pacific Thoughtworks

Scott Shaw - CTO Asia Pacific at Thoughtworks

«Platforms in Practice»

Platforms are everywhere. Multiple forces have converged in recent years to put internal technical platforms in the spotlight for digital businesses. Platform teams have become commonplace in engineering departments. Gartner even lists “Platform Engineering'' as one of its top 10 technology trends for 2023. Done right, these platforms can align application delivery to common standards, make engineers more productive, optimize cloud usage, and improve the resilience and security of custom-built applications. But the features, architectures, delivery methodologies and operating models for engineering platforms vary widely from business to business. Given the level of investment required to make these platforms successful, very few organizations have the luxury of trying different approaches to see what works best. Moreover, if the value of the platform isn’t clearly articulated, it’s hard to even say what success is. Fortunately, Thoughtworks has extensive experience building internal technical platforms for clients all over the world. Along the way, we’ve identified some patterns, practices, tools and metrics that improve the chances of success in a platform building endeavour. In this talk I’ll share some of the lessons we’ve learned and offer up some speculation about where platform work is going in the not too distant future.

Chitra Kapoor Solutions Architect LaunchDarkly

Chitra Kapoor - Solutions Architect at LaunchDarkly

«How to Use Feature Flags with LaunchDarkly to Drive Business Value: Use Cases, Risk Mitigation, Targeting, Integrations, and More.»

What is the value of software deployment and how can seamless migration improve your workflow? Chitra will explore how organizations such as IBM, Atlassian, Loom, and TrueCar have vastly improved productivity using LaunchDarkly's platform. Feature flags empower teams to roll out new features and updates gradually while reducing risk and ensuring a smoother user experience. This strategic tool can foster innovation, reduce development headaches, and drive greater customer satisfaction and business success across many industries.

Kelvin Mun Senior Systems Engineer, Kasten by Veeam – APJ KASTEN

Kelvin Mun - Senior Systems Engineer, Kasten by Veeam – APJ at KASTEN

«Effortless Kubernetes Application Aware Data Protection»

The developer-driven nature of Kubernetes has led to increased adoption of open-source tools. Cloud-native applications comprise various components including data services, storage systems, and related Kubernetes objects. Each component requires its own data protection tools, strategy, and domain expertise. A robust solution aligned with business requirements often involves complex workflows. What if there was a way to coordinate the implementation of these workflows while optimizing how backups are moved into storage?

Regardless of the source of data protection tools, it is critical to have the features and capabilities needed for creating and managing Kubernetes application data protection services at scale. During this talk, Kelvin will talk about the pitfalls to avoid within DIY data protection approaches. He will then demonstrate how two open-source tools, Kanister and Kopia, work together to optimize backup and recovery for Kubernetes applications and data services.

Lunch

Scott Shaw

CTO Asia Pacific

Deb Costello

Domain Chapter Lead Release and Test Automation

James Bannan

Principal Consultant

Pannel Discussion

1. Digital Transformation in your organisation
2. Cyber Security threats and opportunities
3. Role of automation in development 

Rosie Kelly Agile Team Lead BCITO

Rosie Kelly

Agile Team Lead

«Innovating at the Speed of DevOps: A Roadmap to Product Ops Excellence»

• BCITO Digital Product Ops and DevOps Journey • How the fusion of Product Ops and DevOps can accelerate innovation in technology teams. • Building a collaborative culture / mindset + product centric thinking and cross-functional teams aka the innovation ecosystem • DevOps for Product Ops (automation/continuous delivery/customer feedback) • Empowering teams, navigating challenges together • Future forward perspectives (exploring AI and machine learning e.g. AIOps)

Norie Ape Enterprise Applications Lead SolarZero

Norie Ape

Enterprise Applications Lead

Break

Deb Costello Domain Chapter Lead Release and Test Automation Spark

Deb Costello

Domain Chapter Lead Release and Test Automation

«Path forward to Test Automation»

The journey to test automation requires us to rethink how we determine what we automate and how we automate. At Spark we created Principles first: • Automation First • Continuous Testing • Shift Left • Release when Ready Spark New Zealand has fundamentally changed how they approached the build, test and release lifecycle through an automation-first approach. Releases are now measured against a collection of system, integration and end-to-end tests, all automated through a JavaScript + Playwright codebase. Hundreds of regression and progression test cases can now be written once and run again and again across environments and in parallel through our pipeline (built with Azure DevOps and Docker). Starting with a group of curious Testers and through a series of hands-on workshops and training, they grew to become Test Engineers. This included the technical skills but also the software engineering and DevOps practices of version control, trunk development, post-mortems, pull requests, feature flags, continuous testing and more.

Justin Vos Test Engineer Spark

Justin Vos

Test Engineer

Dave Hall Managing Director Skwashd Services

Dave Hall - Managing Director at Skwashd Services

«Proactive Ops: Event Driven IT Operations»

Traditional IT operations is overwhelmingly reactive - humans respond to incidents and tickets. There is so much noise! Alerts, tickets, audits, chat threads. What if ops could catch the small things before they turn into big problems? What if we could use events and serverless to remediate issues? Engineering teams are adopting event driven architectures with herds of serverless microservices. Why can’t Ops play buzzword bingo too? Most significant issues in productions start off as small problems that are overlooked or ignored. These small problems are usually can be captured via events. Those events can be routed to handlers than can react and remediate the issues. During this session we will explore what “proactive ops” platform can look like. Areas covered in this session will include capturing events from SaaS products, event routing, building reusable composable components, and the different approaches to deal with policy violations. By then end of session an attendee should be able to start building their own serverless, event driven, proactive ops platform.

Closing Remarks

Open Space Discussions, Beer, Fingerfood

Reception and Openning

Welcome & Opening Remarks

Peter Goodman VP of Engineering Pushpay

Peter Goodman - VP of Engineering at Pushpay

«How we actually built and maintained a successful blameless culture.»

At Pushpay we started implementing our blameless culture in 2014 and over the years we learned that your engineering culture doesn't just maintain itself - you have to feed it and maintain it. This is the story of how we implemented the principles of a blameless culture and how we maintained it over the course of a 9 year journey.

Will Velida Lead Software Engineer Azenix

Will Velida - Lead Software Engineer at Azenix

«Implementing secure and reliable CI/CD pipelines for cloud infrastructure deployments»

Using CICD pipelines and practices for our application code has been around for a while now, but we can also apply these practices to our cloud Infrastructure-as-code (IaC). In this talk, we will discuss how we can apply CI/CD practices to deploying our cloud infrastructure, how our IaC tool of choice impacts the way we can deploy our infrastructure, how we can implement tests in our CI/CD pipelines to ensure that what we want to deploy will be deployed, apply security checks in our pipelines to ensure that our infrastructure deployments don't violate any security or governance that might be in place, and much more. There are numerous IaC and CI/CD tools out there, but this talk will focus on Terraform, Bicep, CloudFormation, Pulumi, GitHub Actions, Azure DevOps and Octopus Deploy. Each tool is a little different, so we'll explore how our choice of IaC tool affects the way we deploy our infrastructure.

Shikha Mishra Senior DevOps Engineer at Jarden jarden

Shikha Mishra - Senior DevOps Engineer at Jarden at jarden

«Building DevOps practices in Fintech: A Look Back with Honesty»

Join us for an open and honest journey through Jarden's experience with technology, practices, and processes. We will share our successes and admit our mistakes. At Jarden, we've always been quick to try new tech and ways to work more efficiently. But let's face it, not every decision turned out perfectly. We've stumbled a few times along the way, and we're not afraid to talk about it. So, let's dive in and see how we've learned from those stumbles, how we've grown and gotten better over time. We'll also give you a peek at what's coming next for us. #A Tale of Learning, Growing, and Looking Ahead

Lunch

Peter Goodman

VP of Engineering

Craig Dickson

Software Delivery & Operations Lead

Kelvin Mun

Senior Systems Engineer, Kasten by Veeam – APJ

Pannel Discussion

1. AI in your organization today and tomorrow (expectations in future)
2. Cloud and adoption of new technologies. Expectations and reality
3. Key strategical investment areas

James McLean Head of Platforms Stuff Limited

James McLean - Head of Platforms at Stuff Limited

«Platform and DevOps at Stuff»

The evolution of the stuff.co.nz platform, challenges faced along the way and the link to our DevOps journey supporting our ambitions as a media company.

Break

James Bannan Principal Consultant CyberCX

James Bannan - Principal Consultant at CyberCX

«Beyond Buzzword Bingo: DevSecOps as Commercial Reality»

Security is something we are all supposed to care about. But for some businesses and industries, demonstrable adherence to security frameworks is the key which unlocks commercial opportunities. What if you want to do business with defence, military research, or have critical M&A conversations away from the corporate network, all using public cloud services? In this session, we will look at CyberCX's approach to leveraging DevSecOps culture, practises and tools in the development and delivery of highly secure enterprise landing zones built on Microsoft Azure.

Craig Dickson Software Delivery & Operations Lead Google Cloud

Craig Dickson - Software Delivery & Operations Lead at Google Cloud

«AI All The Way Down»

Are you feeling a bit of AI burnout? It’s hard to escape it right now, it is literally everywhere - it's at work, it's in our homes, it's on our devices, it's in the games we play and the videos we watch. And as fellow travellers in the IT industry you may also be feeling some AI induced anxiety right now, because there are a lot of scary unanswered questions floating around for you - questions like will I even have a job in a few years. It's time to stop worrying and learn to love AI. In this presentation we will take a look at how to leverage state of the art AI capabilities to architect, develop, deliver and operate your applications.

Closing Remarks

Networking, Discussions

WORKSHOPS
20-Nov-2023

Securing Software Supply Chains w/ Google Cloud's Software Delivery Shield

Software Delivery Shield is a fully managed, end-to-end software supply chain security solution. It provides a comprehensive and modular set of capabilities and tools across Google Cloud products that developers, DevOps, and security teams can use to improve the security posture of the software supply chain.


Software Delivery Shield consists of:

  • Google Cloud products and features that incorporate security best practices for development, build, test, scan, deployment, and policy enforcement.
  • Dashboards in the Google Cloud console that surfaces security information about source, builds, artifacts, deployments, and runtime. This information includes vulnerabilities in build artifacts, build provenance, and Software Bill of Materials (SBOM) dependency list.
  • Information identifying the maturity level of your software supply chain security using the Supply chain Levels for Software Artifacts (SLSA) framework.

Get hands-on with Software Delivery Shield!

This workshop will provide you with the hands-on experience you need to secure your software supply chain with Google Cloud Software Delivery Shield. You will learn how to:

  • Use Software Delivery Shield to scan your software dependencies for vulnerabilities.
  • Remediate vulnerabilities in your software dependencies.
  • Monitor your software supply chain for new vulnerabilities.
  • Automate your software supply chain security processes.

The workshop will include a mix of presentations and hands-on labs. In the labs, you will use Software Delivery Shield to secure a sample software project.

Audience: Software engineers, security engineers, DevOps engineers, and anyone interested in learning about software supply chain security.

Prerequisites: A basic knowledge of software development and some experience with cloud computing.