devopsdays Amsterdam 2023

To see our schedule with full functionality, like timezone conversion and personal scheduling, please enable JavaScript and go here.
09:00
09:00
45min
Anatomy of a Mattermonster: How I Created an Open Source Developer Demo
Andrew Zigler

Abstract

Creating an engaging demo to teach developers is a unique challenge in the engineering world that benefits from tapping into a creative process. Often bridging the gap between engineering and community, developer demos offer perspectives into your projects, demonstrate what matters to your organization, and pave the road for future collaboration. From the perspective of a classroom teacher, this presentation will dig into the elements of one such project: Mattermonsters! We’ll cover what makes for a good developer demo (spoiler: make it fun!) and how to engage both new and seasoned developers within the same context. Working in a remote cloud environment, we will quickly create our own monster using the demo and then spend most of the time exploring how it teaches technical lessons to the user. We’ll also dive into the open source technologies that make the demo possible and identify the smartest ways to use those tools in future projects. By the end of the presentation, you’ll have a sense of best practices and starting points for unleashing your next developer demo into the wild.

Studio
09:00
180min
Become A Person Of Influence
Julia Sullivan

If you want to become successful in the business world, you will need a lot more than technical knowledge. Whether your career stagnates or takes off depends on whether you learn to become a person of influence.

Why do some people get noticed as high potentials and why do others not? What makes some people good at getting support for their ideas, and others not? How come some people are taken more seriously than others in meetings? The answer lies in your ability to capture the trust and respect of those you are talking to.

Many people view charisma, personal leadership and people skills as something you were either born with or not. But that’s not true. In this workshop you will become acquainted with the 5 aspects that make a charismatic leader. Each aspect contains a specific series of skills, and in the workshop you will find out that anyone who is interested can learn and master them.

In this interactive and thought-provoking 3 hour workshop you will learn how to capture the attention of the person or people you are talking to so they see you as a serious partner.

IJ Zaal
09:00
90min
Improving your team performance by upgrading your (team) positive intelligence quotient (PQ)
René de Leijer

Do you want better collaboration, less conflicts, a higher morale and more innovation within your team, join this workshop and make a start on improving your (team) positive intelligence quotient (PQ) and discover your mind's saboteurs.
By continuously improving your mental fitness and cultivating a positive team culture, teams can become more productive, motivated, and effective.

Off course you (as a DevOps engineer) are curious, so, check the assessment of PQ or saboteurs now.

Expo 2
09:00
120min
Peer Code Review Best Practices
Luben Alexandrov

In this workshop we will dive into one of the most broadly adopted software engineering practices - peer code review.

Following a brief motivation why do we need code reviews in the first place, Luben will present his set of best practices for both the reviewer and the reviewee.

After that we will discuss some common pitfalls and techniques how to avoid them. At the very end we will perform two live code reviews and see how the presented ideas can be applied in practice.

There will be breaks for Q&A and room-discussions throughout the workshop.

Expo 1
10:00
10:00
120min
Domain Driven DevOps
Andrew Clay Shafer

For over a decade organizations have invested in various DevOps initiatives with a mix of success and confusion. Despite significant effort, few organizations have achieved their desired outcomes and some initiatives may have caused more harm than good. Add Continuous Delivery, Microservices, SRE, and Platform Engineering to the pile, like Agile and other transformation movements before, many organizations check an oversimplified box and then move on to the next wave, adopting practices without understanding or worse, adopting new vocabulary without changing anything.

Join us for an interactive workshop on the principles that enable progressive and effective organizational alignment to make all the other marketing buzzwords possible. We will guide you through the process of understanding the flow of work through an organization and strategies for aligning business goals with technical capabilities. Using that understanding, we’ll identify constraints and opportunities to focus on the right work at the right time.

We’ll share frameworks for organizing clear and appropriate responsibilities for software, platform and infrastructure with respect to leadership, product, development, architecture and operations. We’ll examine these capabilities through classic framing of Culture, Automation, Lean, Metrics and Sharing. You'll leave with a deeper understanding of the principles and preconditions that connect efforts to outcomes with actionable strategies you can apply even in traditional and highly regulated environments.

Studio
10:30
10:30
90min
How to run production like Google (An SRE Approach)
Rushil Sharma

This is an SRE Jumpstart workshop where I will talk about how Google keeps to run services like Search and Gmail all the time with almost no downtime.

I will discuss on what SRE is and how it related and diffrenciates from DevOps and introduce the audience to concepts like SLA,SLO,SLI, Error Budgets, Risk Management, Incident Management, and how to work with the SRE culture and psychological safety and how a companyś culture is extremely important in running huge servers.

I will also talk about how Developers and DevOps go hand in hand in the SRE culture and how streamlined the process can become once we have some mathematical formulae and numbers for our server´s uptimes.

Expo 2
11:15
11:15
45min
Choose Your Own Adventure: The Treacherous Trek to Production
Viktor Farcic, Whitney Lee

From the moment of their inception as source code on the developer’s laptop, our hero knows that they are destined for great things. They long to be a real, running application, living in production, serving end users! But the epic journey to production is an arduous one, filled with cascading choices—choices concerning app design, testing, security, container image building, deployment strategy, and observability, to name a few. And who knows what other unseen forces lurk in the shadows! One wrong step could be catastrophic.

It is up to us, the audience, to guide our hero; and to help them grow from source code to container image, to their final form as a running application in production. In this ‘Choose Your Own Adventure’-style journey, Whitney and Viktor will present a linear view of all of the choices that an anthropomorphized application must make as they try to find their way to the fabled land of production. Throughout the trek, the audience will vote to choose which path our hero application will take. Can we navigate CNCF projects and avoid pitfalls and dead-ends to get our application to production?

Expo 1
11:15
45min
Stress Management for Developers
Jessica Rose, Ritah Nabukalu

A more thorough to Stress Management for Developers will be posted soon

Grote Zaal
12:00
12:00
60min
Lunch
Grote Zaal
12:00
60min
Lunch
Expo 1
12:00
60min
Lunch
Expo 2
12:00
60min
Lunch
Studio
12:00
60min
Lunch
IJ Zaal
13:00
13:00
90min
Come and play! Learn how to deal with resistance!
Mark Heistek

Resistance is everywhere. It's within your team, it's with your manager, it's within your relationship, and everywhere you look, there's always some kind of resistance.
Now, this isn't perse a bad thing, resistance is just one phase of change. Insecurity, resistance, anger, joy, and happiness are all part of the change.
It just depends on where someone is in that change process and that will determine the emotion.

We've created a serious game that lets you experience the different phases of change. To go from a fixed mindset (resistance) to a growth mindset (motivated and joyful) in less than an hour.
And we'll also give you some background theory about the different phases of resistance.

IJ Zaal
13:00
90min
Dude, where's my data [in k8s]?
Andrew Hill

Has Kubernetes become your new best friend for stateless apps, but when it comes to data, you’re still stuck in the quagmire of legacy environments? It’s time to step into the future, and we’ve got just the workshop to get you there! We’re talking HA, DR, and Backup – the holy trinity of data management. We’ll show you how to make your data-driven apps and stateless apps work together in a Kubernetes cluster. You’ll see how your data is highly available within your cluster using open source tools. You’ll perform DR failovers across clusters and get hands-on experience with backup tools for managing backup/restore across your entire Kubernetes estate.

So bring along your trusty laptop and we'll bring the clusters!

Studio
13:00
90min
First Steps to Full Lifecycle Security in your DevOps pipeline with Open Source Tools
Anais Urlichs

A key element of successfully integrating security into the DevOps lifecycle is embedding it right from the start. Helping developers and operators build security controls in from day one with easy-to-use open source tooling can make that a reality. This workshop will take a hands-on approach to demonstrate how to install, configure and customize open source security tools to be used throughout the DevOps process. The workshop will focus on a couple of core tools. Firstly understanding how Trivy, and similar security scanners, can be used to help secure filesystems, repositories, container images, Dockerfiles, Kubernetes manifests and IaC code such as Terraform. Then the workshop will move on to operationalizing security controls in your deployment pipeline, providing continuous security assurance of workloads.

Expo 1
13:00
45min
Introduction to Application Security via instrumentation & observability
Pieter Reekers

Traditional SAST & DAST security tools typically struggle with the speed of DevOps. Organisations need to shift to developer-centric application security based on instrumentation & observability. This reduces the level of noise and delays of the traditional approaches. IAST uses instrumentation to help developers and QA teams find vulnerabilities early and by providing a full dataflow the fix is fast too.

If you are interested in security this is the right workshop for you!

In this workshop you'll get hands-on experience with IAST, SCA & RASP. We help you onboard an application, find vulnerabilities, review the results and (if you feel adventurous) exploit them and see how RASP defends against it.

After the session you maintain access to the Community Edition of the platform and you can use it for your own application.

Expo 2
13:00
90min
Measure Twice, Cut Once: Dive Into Network Foundations For All!
Marino Wijay

Networks are the foundation of distributed apps, especially in cloud-native ecosystems. Awareness of how data moves between applications is critical for understanding their performance, security, and efficiency.

As many apps are built and deployed onto container systems like Kubernetes, it’s key to understand where traffic goes, how to communicate with your applications, and how to decipher network protocols and transactions.

Cloud-native application networking tools offer many advantages, but require a deep understanding of the Linux networking stack.

This workshop prepares DevOps Engineers to navigate networks and develop expertise in networking technologies. By using the Linux operating system, this workshop helps you to answer the questions:
- What does a packet look like?
- How does it flow into your microservices?
- How do you trace network & API communications?
- Why do you need DNS?
- How does Service mesh help with microservices?
- How can eBPF improve our network performance?

Grote Zaal
13:50
13:50
45min
Practical Guide to Distributed Tracing with Jaeger
Dotan Horovits

The dynamic and highly distributed nature of modern systems renders it impossible to keep track of the web of interconnecting services and of the flow of requests through that web. Distributed tracing provides the missing telemetry to understand the service dependencies in a microservice (or any highly distributed) system and identify critical paths and latency sources in the application.

Distributed tracing has been gaining a lot of attention, with 38% percent increase in DevOps using it year over year. The leading tool in that space is Jaeger, the popular open source project which was developed at Uber, and is now a graduated project under the Cloud Native Computing Foundation.

This workshop will introduce basic concepts and terms such as code instrumentation, spans and sampling rates. Then through live demo on Jaeger you will learn how to effectively use it to monitor your microservices architecture.

This is a practical and fun workshop, that will give you the feel of distributed tracing and how it can help you to troubleshoot performance issues in production, using the popular Jaeger OSS.

Expo 2
14:35
14:35
30min
Break
Grote Zaal
14:35
30min
Break
Expo 1
14:35
30min
Break
Expo 2
14:35
30min
Break
Studio
14:35
30min
Break
IJ Zaal
15:10
15:10
90min
Building Your Platform on Multi-Cluster Kubernetes
Derik Evangelista, Winna Bridgewater

Multi-cluster topologies are a key part of Kubernetes. Organisations gain many benefits using multiple clusters, such as increased scale, bespoke APIs, blast radius reduction and more. However, multi-cluster deployments also increase complexity.

With multiple clusters comes increased building and maintenance complexity for the platform team. Answers to questions like which cluster to install certain tools into, how to provision newly created clusters in a standard way, and whether to provide ephemeral cluster environments, are becoming more important. These answers often come with a whole host of technologies as baggage.

This workshop will explore how to use a higher level framework to encapsulate your platform offerings. And with these now packaged offerings, you can automate their availability according to business requirements across both existing and future clusters to build a powerful platform that supports engineering productivity and business requirements.

Expo 2
15:10
120min
HTTP Fundamentals - Workshop
Michael Arenzon

HTTP is the de-facto standard protocol of the internet and heavily used in almost all systems - in depth understanding of HTTP is crucial for design, performance scaling and day to day operations.

Part 1 (~1h) HTTP Overview - History and Concepts

  1. Where is HTTP in the protocol stack, re-cap of HTTP versions, overview of well-known web servers (Apache/Nginx)
  2. Concepts - URI, method type, status code, header, etc.
  3. Advanced topics - Virtual hosting, Reverse/Forward proxies, TLS, protocol extensions, load-balancer, CDN.
  4. HTTP/2

Part 2 (~2h) [Hands On] Writing a web server

  1. Creating a basic HTTP server from scratch (URL and headers parsing, req/res flow)
  2. Implementing virtual hosting and dynamic routing
  3. Improving client handling with cache, compression, timeouts and keepalive.

Part 3 (~1h) [Hands On] Implementing advanced features

  1. Reverse proxy, SSE, SNI-based routing (TLS)
  2. HTTP pipelining (/multiplexing) and head-of-line blocking
Expo 1
15:10
120min
How To Build A Production Ready Kubernetes
Engin DIri, Ringo De Smet

Let's Build A Production Ready Kubernetes!

Our goal: Deploy a containerized full-stack (Golang & JavaScript) application to a AKS Kubernetes cluster, expose it to the internet and have a GitOps mechanism in place.

During the workshop, we will discover infrastructure as code (IaC) and create a AKS Kubernetes cluster using Pulumi as Infrastructure as code tool. In the second part of the workshop, we will talk about the fundamentals of GitOps and setup a GitOps pipeline using FluxCD

The workshop will add some stretch goals like secret management, monitoring, ingress controller and security.

IJ Zaal
15:10
120min
Let's Improve - Leverage DORA to Improve Your Team's Software Delivery and Operations Performance
Nathen Harvey, Amanda Lewis

Technology drives value and innovation in every organization. At Google Cloud, we have learned a lot about what it takes to build and scale high-performing technology teams. Our own lived experience combined with a multi-year research program led by the DevOps Research and Assessment (DORA) team can be used to help you and your team transform into a high-performing technology team.

This workshop will help you put the insights of the research framework into practice. Participants will:

  1. Describe your team’s current software delivery process
  2. Set baseline performance metrics
  3. Compare your performance with your peers in the industry
  4. Use DORA’s predictive analysis to identify where to make your next improvement
  5. Set some goals

By the end of this workshop you will have one improvement story to add to your backlog as you take the next step toward becoming an elite performing team. And, you’ll be able to repeat the process with your own team in your quest to getting better at getting better!

Grote Zaal
15:10
120min
To the Left, to the Left: All your Security Shifted to the Left
Jamie Lee Coleman

Secure software development is one of the highest demanded skills in 2023. Secure CI/CD pipelines. Writing secure code. Securing supply chains. Being aware of the myriad vulnerabilities within our codebase is becoming more and more important for developers to understand in our “shift-left” world. The OWASP Top 10 vulnerabilities haven’t changed in a long time, because none of us seem to get it right. In this workshop we will take a journey through the entire SDLC with a critical eye on security.
We’ll look at how to implement secure coding practices, and then move on to discuss the ins and outs of modern continuous integration. After we lock down our CI pipelines, we’ll look at how to find vulnerabilities in our dependencies. Armed with that information we’ll learn how to properly triage threats, exploits, vulnerabilities that affect our software, and how to streamline code improvements. Before we’re done, we’ll investigate modern processes for continuous deployment, including secure infrastructure as code development and how to lock down our CD pipelines.
This workshop will get hands-on with a simple, streamlined approach to deploying code to the cloud while diving deep into essential concepts related to software security.

Studio
16:45
16:45
45min
Machine learning 101: Where to begin?
Lutske de Leeuw

In this presentation, we will explore the fundamentals of machine learning and provide guidance on how to get started with building machine learning models. We will start by introducing machine learning and its applications, and then discuss the different types of machine learning algorithms.

We will then dive into the key steps involved in building a machine learning model, starting with defining the problem and collecting and preprocessing the data. We will discuss how to choose the right algorithm for the problem and optimize it for the best performance through model selection and training.

Throughout the presentation, we will provide examples of real-world applications of machine learning to help the audience understand the practical implications of this technology. We will conclude by summarizing the key takeaways from the presentation and offering resources for further learning.

By the end of the presentation, the audience should have a good understanding of the basics of machine learning and the key steps involved in building an effective machine learning model. They will also have resources at their disposal to continue learning and exploring this exciting field.

Expo 2
09:15
09:15
40min
Long live the imposter syndrome!
Julia Sullivan

It’s time to rethink the imposter syndrome, urges Julia Sullivan, author of Geeks Guide To Work*, because it has wrongly been given a bad name.

These days it’s common to talk about the fear of not keeping up or living up to expectations as if it is a stressful and lonely condition we need to be cured of. But when we admit that fear and uncertainty are at the very core of being a human being we can use them as a powerful source to move and excite us and create strong and meaningful connections with others.

In a light-hearted journey through popular and less popular culture, Julia examines the thinking flaws that lead us into self doubt and loneliness. While most people spend years studying “hard” skills, Julia shows that the key to a successful, happy and fulfilled life lies in learning how to get better at maintain nourishing and resilient relationships. Above all with ourselves.

Grote Zaal
10:00
10:00
25min
The Art of Turning Incidents into Opportunities
Busra Koken

Incidents are an inevitable part of our daily work, but they are often viewed as unpleasant disruptions to our routine. The very definition of an incident includes the words "unplanned" and "disruptive" in many places, which doesn't exactly make them sound like a barrel of laughs. But what if we could change our perspective and see incidents as exciting opportunities for building resilience?

Let's explore how incidents can help us not only improve our systems but also build more resilient organizations and become better engineers. How can we build resilience through outages? How can we support our teams in responding to incidents? How can we ensure that the learnings stick around in our organization for the long haul? My hope is to provide you with a fresh perspective on these questions and give you a renewed sense of excitement for the opportunities these events present.

Grote Zaal
10:30
10:30
15min
Break
Grote Zaal
10:50
10:50
25min
Learn Sociotechnical Systems The Hard Way
Andrew Clay Shafer

Sociotechnical system theory emerged in the 1950s studying the impact of rapid changes in technology and social organization on British coal mining. The theory considers the interdependence of social and technical factors in the work and proposes that optimal organizational performance can only be achieved by systems that account for both. The research showed that considerable investments in automation did not necessarily result in increased productivity and often decreased both safety and morale. The empirical results showed that cross functional teams integrated and aligned with technology investments were more productive, more safe and more happy. And then what happened? This presentation will present a chronicle of research and anecdotes from British coal in the 50s to Serverless platforms of today highlighting how generations relearn and forget the same basic lessons about capabilities, incentives, autonomy and agency. The audience should gain an increased understanding of the impact of work design on organizational performance with a focus on the complex and dynamic challenges of delivering software in the modern workplace.

Grote Zaal
11:25
11:25
25min
Planet Earth as our Stakeholder
Marjolein Pilon

Objectives

This talk is about my journey as a Scrum Master towards creating sustainable DevOps teams. I will share my learnings and inspire the audience to raise awareness on sustainability in their own teams and organizations.

Background

Climate change is a significant threat to the future of life on earth and as I was looking for ways to become more sustainable, the idea started to grow that at work, in my own DevOps teams, we could also take the sustainability perspective. I dove into the subject of sustainable IT and started with a ‘Planet as a Stakeholder Retrospective’ for my Scrum Team in which we went over the Principles of Green Software Engineering. We discussed what steps our team could take to reduce the carbon footprint of our services.

Taking the sustainability perspective was a new approach for the team, but everyone agreed on its importance. During that session, the team estimated that optimizing our landscape and decommissioning legacy components could reduce our footprint by a significant percentage!

Just imagine: what if all DevOps would do that? I started to give workshops about ‘the Planet as a Stakeholder’, in which I help teams to look at their IT services through the sustainability lens and let them define the first steps forward.

In this talk I will share my experiences: failures, challenges, successes, and examples of practical steps that teams have already taken to reduce their carbon footprint.

Grote Zaal
12:00
12:00
60min
Lunch
Grote Zaal
13:05
13:05
25min
The Next Generation of IT: Harnessing the Potential of Trainees
Iris De Haas

Does your organization aim to increase productivity, decrease time to market and become more efficient? Then you need engineers with the right skills to improve productivity and strengthen the engineering culture. However, it can be difficult to find experienced engineers to fill the gaps. Over the past few years, we at ING have found that hiring (external) trainees with little to no IT experience and investing in their development is a great way of meeting our talent needs.

During this talk, attendees will learn (from a former trainee!) about the benefits we have experienced of hiring trainees. They will discover why investing in the development of these new workers can also help their organization to:

  1. Meet their talent needs: by hiring trainees, organizations can build their own talent pipeline and reduce their reliance on external sources. This can help ensure they have the right people in place to meet their current and future needs.

  2. Foster innovation: IT trainees bring fresh ideas and perspectives to the workplace. By investing in their development, teams can create a culture of innovation that drives growth and success.

  3. Develop a positive, learning-oriented culture: Hiring IT trainees and investing in their development can create a positive culture that attracts other skilled workers. This can help to build a high-performing and productive technology team that drives business success. We’ve found that our trainees are energetic, motivated, and eager to grow and improve. This in turn has a positive impact on the culture in our teams.

This session is for you if:
- You’re interested in learning more about the advantages of hiring trainees
- Your team has had vacancies open for months and you’re open to new solutions
- You have some doubts, concerns, or questions about hiring trainees that you would like to see addressed by someone with practical experience

Grote Zaal
13:40
13:40
5min
"SOS, please someone help me!" - Using Shiny Object Syndrome to your advantage
Daniel Bodky

From Wikipedia: "Shiny object syndrome is the situation where people focus undue attention on an idea that is new and trendy, yet drop this as soon as something new takes its place."

I battle(d) with it all the time when first entering the cloud-native ecosystem and struggled a lot, being disappointed in myself and frustrated with the little progress I made.

Over time, I managed to turn the situation around and capitalize on SOS by finding a more focused, disciplined, and organized approach.

In this ignite, I will share my experiences, perspective, and steps to mitigate 'tool fatigue' caused by SOS.

Grote Zaal
13:45
13:45
5min
Accessibility for everyone
Laura Kalbag

What is accessibility and who benefits from it? Laura’s session will explore how to approach accessibility, how we can create products that are better for everyone, and how we can improve accessibility for our teams too. You’ll leave knowing why accessibility is so important, and top tips for how you can make improvements as soon as you’re back to work.

Grote Zaal
13:50
13:50
5min
Circling back to the foundation - from CALMS to KALMS
Thiago de Faria

One of the most overlooked advantages of the devops movement is its cultural aspects. Blameless, joint ownership, knowledge-sharing... things we all consider common-sense.

But I see less discussions around burnout, humanops and the "people side" of devops at the expense of more and more discussions around platform teams, SRE, Observability, Helm Charts, Decentralization...

Do we need to circle back and refresh the foundational aspect of devops?

After COVID, I've seen more and more cases of isolation, burnout, layoffs and uncertainty. So I'd like to revisit the Culture part of CALMS and bring how Kindness should be the active common sense.

Grote Zaal
13:55
13:55
5min
Developing a pipeline is like raising chickens
Hans Broeckx

After visiting some DevOps-oriented conferences, it turns out there are quite a few chicken enthusiasts. This light talk tries to draw some connections between developing a pipeline and raising chickens.

Grote Zaal
14:00
14:00
5min
GitHopes and Terrorforms 😱
Mike Long

Everything as code! Code all the things! Build, test, deploy, infra, sec - it’s all code. Then we have no problems? Sure! This slapstick comedy in 21 slides shows how githopes and terrorforms have taken hold of our dreams and realities.

Grote Zaal
14:10
14:10
50min
Open Spaces Planning
Grote Zaal
15:05
15:05
25min
Three value-inhibiting dysfunctions of enterprise software development
Stefan Holdermans

Have you ever been part of a corporate software undertaking that, on paper, ticked all the right boxes, but somehow never was able to make a dent in the world?

Agile, Lean, and DevOps are hardly controversial anymore in today's enterprise setting. Almost every self-respecting larger-scale business organisation by now considers itself—at least partly—a software company and has embraced modern ways of developing, delivering, and running software. Digital transformations have happened or are well underway.

And so now seems to be a good moment to pause for a while, to take a deep breathe, to have a good look around, and to marvel at all the value all of this has brought. Wait—what do you mean with that, value? Yes, value. Because, wasn't that the promise? By becoming software companies and by adopting novel but proven ways of "doing" software, enterprises would thrive: they would delight their customers, become more competitive, and be less vulnerable to disruption.

Reality is different, though. A closer look at what's going on in these brand new enterprise-embedded software companies reveals that they are hardly delivering on the promise and that creating value is often far from top of mind. In this talk, I will zero in on three organisational dysfunctions that stand in the way of enterprises being successful with software: Struggling with Staffing, Abdication of Accountability, and Deceleration by Drag.

Having been made aware of these roadblocks, practioners will see them everywhere in corporate digitalisation programmes and will be better equipped to fight them.

Grote Zaal
15:40
15:40
25min
Security vs. Dev Experience: Threat … or Opportunity?
Christoph Hartmann

As companies grow, they face the challenge of balancing security and developer experience (DX) while building platforms. There is often a conflict of priorities between developers and security. While platform engineers focus on building a secure foundation for future work, product engineers are closer to customer-facing deadlines and feel the need to cut corners on things like testing and security to meet deadlines. This can negatively impact the application, platform or business security.

We will look at how modern security teams implement a culture of a continuous approach to security, integrate with development, and achieve better results than traditional methods.

Striking a balance between engineering and security requirements is crucial to the long-term viability of a software product, and everyone should work together to achieve this balance.

Grote Zaal
16:15
16:15
25min
Modern Governance and the Service Mesh
John Willis

As part of Gene Kim's IT Revolution Forum papers project, we wrote a paper entitled DevOps Automated Governance Reference Architecture. This paper aimed to create an architecture that could reduce the toil and increase the effectiveness of enterprise risk and internal audit. When we finished writing the second version in 2021, we turned it into a bestselling novel called Investments Unlimited. (IUI). IUI describes what happens when an investment bank fails an audit and how they respond. As a result, we are calling this Modern Governance. We will discuss the genesis of the IUI story, then examine some of the new risk opportunities with cloud native implementations like Service Mesh, ISTIO, and Envoy. L7 proxies are replacing traditional L3 traffic management primates, which are controlled by APIs and simple configuration files. In addition, NIST has been actively documenting these potential risks (see NIST 800-204). In order to take advantage of these new opportunities, enterprises must become better, faster, and safer.

Grote Zaal
09:15
09:15
40min
There are no soft skills: making empathy actionable
Sharon Steed

Communicating confidently and effectively; working collaboratively; solving complex problems; time management - all of these are considered soft skills, and none of them come naturally. Excelling at any of these "soft" skills could taking courses to learn more about the tools, asking a mentor to guide you when you feel overwhelmed, and engaging in a ton of trial and error when it matters the most.

Soft skills are anything but soft; they are competencies. We must consistently and actively work at developing these abilities so we can be successful teammates, managers, leaders and coworkers. And there's one skill above all that can get you there faster: empathy.

This talk will teach you to turn empathy into a behavior. We will determine empathy's importance in a corporate as well as team setting. We'll define how empathy impacts team performance and productivity. And we'll break down the framework that turns empathy from an idea to an action.

Grote Zaal
10:00
10:00
25min
Stop Chasing Unicorns and Rainbows: The Dangers of Survivorship Bias in Tech
Louëlla Creemers

Behind every successful tech unicorn are failed ventures, burned out IT professionals, and unseen struggles. However, that’s not what’s seen from the outside. It’s easy to get caught up in the promise of these tech companies’ high valuations and overnight success - the unicorns and rainbows - but this kind of thinking leads to the dangers of survivorship bias.

In this talk, we'll explore the ways in which survivorship bias can distort our perceptions of what it takes to succeed in tech and discuss strategies for overcoming it. We'll delve into the role that luck and external factors can play in success, and how to take a more realisticview of the path to success.

Whether you're an entrepreneur, tech professional, or just a dreamer, this talk will provide valuable insights to avoid the pitfalls of survivorship bias. Don't get caught chasing unicorns and rainbows – join me to learn how to navigate the tech industry with an unbiased perspective.

Grote Zaal
10:30
10:30
15min
Break
Grote Zaal
10:50
10:50
25min
How we use Data to Ignite Action
Julie Starling

Are you tired of having the same conversations, delivering "late" and being put under pressure for decisions you didn't even make? In this session, I'll walk through how we managed to flip the script in a highly regulated, risk-averse, financial institution by introducing probabilistic forecasting and flow metrics as well as ditching wasteful estimations.
I'll cover what you need to get started (very little!) and we'll explore things I wish we knew when we started our journey, including what is involved in making the mindset shift at an organisational level. I'll also be sharing some of the success stories we've seen, which include teams improving their ways of working based on data as well as critical decisions being made by stakeholders at the earliest possible opportunity rather than when we've missed a deadline.
Probabilistic forecasting has helped move our risk-averse stakeholders away from traditional and comfortable but ultimately higher-risk ways of working… however, we're still on our journey and there is so much more to come, so I'll also cover where we are going next and how we are using this alongside DORA metrics.

Grote Zaal
11:25
11:25
25min
Giving for your own good: How volunteering improves your career and well-being
Ivan Milchev

As our work continues to grow more demanding, burnout and work-related mental health problems increase as well. It might surprise you to learn how Ivan has successfully fought the negative effects of work stress: volunteering. In this talk, Ivan will recount his experience building a Kickstarter-like platform for a Bulgarian NPO. He'll share lessons he learned, how he improved his emotional well-being, and misconceptions about getting involved with open source projects.

Grote Zaal
12:00
12:00
60min
Lunch
Grote Zaal
13:05
13:05
25min
Psychologically Safe Reliability Management
Lesley Cordero

Psychological safety is particularly important for teams that manage service reliability. The vulnerability that comes with mitigating failures in production requires principles of trust, transparency, and inclusion that can only come from cultures that minimize harm and enable empowerment.

Cultivating this kind of culture requires leaders to think proactively about how to build processes and systems that enable teams to be healthy, productive, and effective, while being adequately prepared for situations when failure inevitably happens.

We’ll review the cultural consequences of chronic issues and the strategies we can use as leaders to align with our shared goal of building excellent teams. We’ll touch upon themes of privilege, power, and accountability.

Grote Zaal
13:40
13:40
5min
Home Lab for fun & profit?
Carlos León

Back in 2021, as my work & personal laptop was giving up on me and the prospects of going back to the office were nowhere to be seen, I decided to built a desktop for about the same budget that a top-of-the-line work laptop would get me. I ended up with a mean development machine that I could also game on.

Three doritos later my PC has become instrumental in regaining control over my data.

The server is provisioned with Ansible; runs containers with Nomad; service discovery is with Consul; secrets are stored in Vault; Load balancing and certificate management is done with Caddy.

A few of the services that I run in the server for my family and me are:
- Nextcloud
- Pihole
- Plex
- Home Assistant
- Vaultwarden
- n8n
- MonicaHQ
- Photoprism
And a lot more!
Most of these services are backed by PostgreSQL, my favorite database server.

The storage layer is a combination of a RADI1 2x 4TB HDD with ZFS and 1x 1TB NVMe SSD for running the OS, storing service configurations and caching as well.

This is a story on how a home lab slowly but steadily not only became the backbone my home entertainment but also my source of joy and learning.

Grote Zaal
13:45
13:45
5min
How To Get Nothing Done
Ben Madley

Plenty of people will give you advice about getting things done, but precious few help you do the opposite: minimise your added value and spend the most time doing it possible. By following this simple advice, you can make sure that tasks take far longer to get done than they need to and, when you do finish, the impact is much smaller than it should be.

Grote Zaal
13:50
13:50
5min
Nijntje Doet DevOps
Jason Yee

Nijntje gaat samen met vader pluis naar zijn werk en wordt een software developer voor een dag. Ze ontmoet verschillende collega’s van vader pluis—Ops ingenieurs, QA testers, en meer. Ook leert ze over DevOps.

Grote Zaal
13:55
13:55
5min
What if we were wrong ?
Kris Buytaert

What if we were wrong about devops ?
What if we were wrong about collaboration across skill sets being a better approach ?
What if we were wrong about automation and monitoring ?
What if we were wrong about Agile being the better approach ?
What if CI and CD (the integration and Delivery/Deployment variants) don't matter at all ?
What if ... Don't you worry at night ? Why are we doing the things we do ?
Do you even remember why we do the things ? Or have you never been told ?

This Ignite will explore the idea that we were wrong about devops, that none of it matters.

What if 5 minutes aren't enough for this ? :)

Grote Zaal
14:00
14:00
5min
Flying Blind - Accessibility in Monitoring
Feu Mourek

Do you know what it feels like to navigate as someone who can’t distinguish between green and red - looking at those badges that tell you whether something is broken or a-okay? I’ll give you a quick look into what it feels like with some examples from the monitoring tool Icinga Web 2.

We all tend to forget, that not everyone sees the world like we do. In this talk I’ll be walking you through different views in Icinga Web 2 with side-by-side comparisons for the default views and how different kinds of vision impairments affect those. The talk also features a few suggestions on how to improve colour schemes and making websites and webapps better to navigate with screen readers!

Grote Zaal
14:10
14:10
45min
Open Spaces planning
Grote Zaal
15:00
15:00
25min
AKS unlighted, but what about Compliancy, cost and Multi-tenancy?
Dinant Paardenkooper, Jurgen Allewijn

The business case from City of Amsterdam is to overcome the challenges in setting up Azure Kubernetes Service (AKS) in such a way that it is secure, cost control, multi-tenant and compliant with the local government regulations. The goal is to empower the workload teams with the latest technology and the DevOps way of working. On their journey, the Cloud-Ops and Workload teams concluded that it isn’t just enabling “AKS”. It also requires a lot of management and Kubernetes knowledge, which is currently not present by most of the workload teams.


Sharing a Real-life use case in setting up a Multi-tenant Kubernetes with experience out of the field in a complex environment which is limited by compliant government regulations. It is not just “enabling” AKS and you are finished. 
 
This talk helps bring clarity to create a Multi-tenant Kubernetes Environment based on agentpools in a secure, segmented and compliance way to all your workload teams, facilitating them in the needed protected cloud environment and a self-service offering.

This solution is based on Azure Kubernetes Service, enriched with technologies like Nginx, Calico and Open Policy Agent.

In the end the environment is deployable by infrastructure as code pipelines, protected, compliant and gives the possibility to use the power of Kubernetes and the Public Cloud like scaling on demand. This gives the needed flexibility to the City of Amsterdam, to follow the OpenSource strategy, using the latest technology and implementing the DevOps way of working.

Grote Zaal
15:35
15:35
25min
The common fallacies on platform building
Derik Evangelista, Winna Bridgewater

A fallacy is a kind of error in reasoning that should not be persuasive, but often are. Fallacies may be created unintentionally, or they may be created intentionally in order to deceive other people. The vast majority of the commonly identified fallacies involve arguments, although some involve explanations, or definitions, or other products of reasoning. Sometimes the term "fallacy" is used even more broadly to indicate any false belief or cause of a false belief.

In this talk, we will explore the common fallacies people believe in regards to platform building, both as supporters and opponents of it. We will give them names, analyse their flaws, and how they are often used in arguments. The goal is to give you the tools you need to spot and rebuke them next time they appear in your team discussions.

After this talk, you will:
* Learn about common fallacies around platform building
* Learn how to spot a fallacy in a team discussion
* Understand how to counter-argument a fallacy

Grote Zaal
16:10
16:10
25min
Alert Analytics
Monika

At Cloudflare, we use Prometheus heavily. We have point of presence (POP) in more than 285+ number of cities and each POP have their own Prometheis. All these Prometheis send alerts to a central Alertmanager. We have various integrations to route the alerts. We also route all the alerts to a datastore for alert analytics.

The talk covers
- What is Alert analytics?
- Why is alert analytics important and what problems does it solve?
In this we will discuss
* The importance of trending alerts.
* Identifying noisy components, why are they noisy.
* Bottlenecks - hardware/application.
* Correlation with releases/incidents.
* How analysing time to resolve alerts gives improvement opportunities.
- How to do Alert Analysis using open source tools.
- Conclusion.

Grote Zaal