In this workshop Russ Miles will demonstrate and implement the DDD patterns that are applicable to building great microservice-based systems. Pulling from years of experience building this style of systems, this workshop will share the deep technical design skills that help make your microservices adoption a success.
Topics Covered
- Design a monolith ready for microservices
- Apply patterns such as Bounded Contexts, Events and Event Sourcing to be flexible enough to embrace microservices at the right point for your application
- How to build fast data flows and integrate with big data tasks from your microservices.
- Deploy, Upgrade, Stress and Manage your microservices so that they are ready for production
Docker 1.12 offers a built-in orchestration manager. This is a big step because allow us to use Docker to manage our production environment and not just the runtime engine for our build containers. This workshop is designed for sysadmins, DevOps and all engineers that already know what a container is and the basics about the Docker ecosystem.
After a deep drive into the main concepts of Docker Swarm, we will create an infrastructure environment made of 5 nodes and we will install few tools to monitor, scale and make secure our environment. We will use all best practices to make our environment secure, stable and also to understand how to manage a production environment. Continuous Integration, Docker Registry, Monitoring, Logs and so on. Attendees will leave understanding what Docker offer to build a solid production environment for our applications and microservices.
We all love the aspirational DevOps talks about companies achieving blistering speed and dazzling nimbleness. But improving your own organization’s performance – from where they are now to performance levels equal to the industry leaders – seems like a very long and difficult road. What is missing in most organizations? A repeatable system that empowers teams to find and fix their own problems. This is a prescriptive talk about empowering and transforming organizations using a methodical — and totally reasonable – Kaizen (Continuous Improvement) approach. We’ll look at ways of combining known techniques like value stream mapping, Lean waste analysis, and improvement kata in order to fix organizational, process, and tooling problems. This talk isn’t about mythical silver bullets or vague philosophies. This talk is about taking a fresh look at proven Lean techniques that already work in high-performing IT organizations.
Strata is the new Open Source library for market risk from OpenGamma, written in Java SE 8. It follows the many of the design principles of Joda-Time and JSR-310, bringing easy-to-use and high quality open source to the domain of quantitative finance and market risk. In this talk I will show how the library allows you to price financial instruments like interest rate swaps and options, demonstrating the key elements of the library including curves, conventions and holiday calendars. Join me to explore the future of open source market risk.
The Fintech Landscape(more than 1300 companies) is described by a taxonomy with four verticals (Banking & Payments, Investments, Financing and Insurance), and an infrastructure and enabling technologies segment (8 different market segments including crypto currencies and blockchain as well as data and analysis) . Using the VB Profiles / Spoke Intelligence platform, a dynamic analysis is provided looking at the evolution of company creation in different market segments, funding and investors as well as geographic specificities (North America, Europe, UK and Asia). A look at the different and underlying trends will be provided and key questions raised for discussion.
Peter Lie will give a quick analysis based on the book ‘Antifragile; things that gain from disorder’ from Nassim Nicholas Taleb. He will walk through elements from the book and how they experience these in day to day agile coaching operations: Understanding of Fragile – Robust – Antifragile Fragile: Turkey as Black Swan at Christmas time, You lose more by randomness (gain/loss graphic), One size fits all Antifragile: Can win, You gain more by randomness (gain/loss), Barbell strategy (safety vs. risks), Thinkering versus Big design upfront, Complex versus Simple After the talk Peter will give an interactive workshop about how you can use these insights to improve your own workplace and attitude in your environment.
Is continuous delivery mainstream? We would all like to think so, but as William Gibson reminds us, “The future is already here—it’s just not evenly distributed.” The large (unicorn) companies have been talking about deploying containerized applications for some time, but the processes, techniques, and technologies involved are not always clear when looking in from the outside. This can make it difficult to emulate their success.
Based on his experience building several Docker-based applications that were deployed to a range of orchestration and scheduling platforms, Daniel demonstrates how to create a scalable build pipeline that takes a series of Java applications, containerizes them, and deploys them into a container orchestration platform.
The talk will primarily be slide-driven and at the conceptual level, but example Java/Docker/Jenkins code will be available to download via GitHub, and the project can be executed locally via Vagrant.
Demand-based data consultants have taken the helm of the emerging data ship. The rise of alternative data sources and the slowness of incumbent institutions has given room for these specialists to source, develop and redistribute new forms of signal. In this talk we give an overview of data consultants, the gap between quantitative and quantimental, and the value proposition of going 'full stack'.
Are you building high throughput, low latency application? Are you trying to figure out perfect JVM heap size? Are you struggling to choose right garbage collection algorithm and settings? Are you striving to achieve pause less GC? Do you know the right tools & best practices to tame the GC? Do you know to troubleshoot memory problems using GC logs? You will get complete answers to several such questions in this session.
We used to talk about developers throwing their code across to beleaguered ops team and now we are preaching a message of doom for companies that fail to “go digital”. DevOps has become such a buzzword in recent IT circles, that no talk is truly complete without a mention. But are we doing it right?
Is the drive for continuous development making it harder and harder for the Ops team to keep the plates spinning and the organisation running? Does the need for business control take all the fun out of development? And why are so many DevOps teams having to become InfraDevOps specialists?
In this keynote, Martin Percival from Red Hat will look at some of the niggles of the DevOps world and will start to look at ways to harness DevOps successfully, drive business transformation and yes, even bring some “sexy back” into the world of corporate development. Be prepared for openness and even some contention, but be prepared to start the conversation around how we change the engine of our businesses while still accelerating hard.
It’s not just about having data, anymore. It’s about what you do with it. We’ll explore the different recipes for unlocking the hidden value in your data. With the right abstractions, models and processes you can bring to light new insights for your customers. Our discussion will cover practical, real-world examples from the Nasdaq Innovation Lab—changing the way organizations find value, through smarter, growth-focused, and living products.
The race for low latency data continues. 10 years ago, Flashboys were helping HFT make money with low-latency infrastructures. Today, hedge funds build AI brains pumping hundreds of sources of data in real-time, seeking ubiquity to build Laplace Demons.
To successfully move to DevOps, you will need to change your company's culture in a lot of ways. If you have people in very distinct operations and development teams, how do you convince them about the benefits of closer collaboration and blurring of lines?
Why would operations let developers have production access? If it resulted in better monitored, better documented, more stable and resilient systems, maybe they'll accept the perceived extra risk.
Why would a developer accept being woken up at 2 am for no more money? If it means having the power to make more decisions about the tools, processes and software to use, maybe they'll be fine with that.
Over the last few years at the Financial Times, we've gone through this culture change, and I'm happy to share some of the problems we've faced and the solutions we've tried.
It's a situation many of us are familiar with: a large legacy, monolithic application, limited or no tests, slow & manual release process, low velocity, no confidence... A lot of refactoring is required, but management keeps pushing for new features.
How to proceed? Using examples and lessons learned from a real-world case, I'll show you how to replace a legacy application with a modern service-oriented architecture and build a continuous integration and deployment pipeline to deliver value from the first sprint. On the way, we’ll take a look at the process, automated testing, monitoring, master/trunk based development and various tips and best practices.
Technology is rapidly driving the transformation of the financial services sector. It has the potential to increase competitiveness, innovation and efficiency, creating real benefits for both consumers and firms, you may have heard people referring to "Fintech" as an umbrella term for this disruption in Financial Technology. However, new technology also has the potential to increase the risk to a bank if not adopted without the appropriate controls, in fact there are a number of organisations such as the UK Finanical Conduct Authority and the US Federal Reserve who protect consumers and markets from this via regulations.
Red Hat is working with large financial organisations to enable new technologies (using Docker Containers and Kubernetes) which are allowing them to innovate, while still being compliant with all of the regulations and controls. In this talk, we will explore various architectural aspects from a number of OpenShift deployment into the banking sector.
Modules are the major new feature of Java SE 9, developed under project Jigsaw. Originally due for Java SE 7, they are now almost finished, and it is time to consider how they might affect existing and new codebases. This talk will cover the basics of the Java platform module system and its implications, particularly to reflection. Join me to learn about our modular future!.
Fidor Bank was the first bank to use open RESTful APIs with OAuth2.0 with the aim to create a banking ecosystem whereby customers, users, developers and partners have a place to exchange and share banking services. New regulations like PSD2 and UK’s Open Banking will enforce the provision of public APIs for all banks. This new scenario will open doors to multiple systems that will merge banking APIs with social driven behaviours.
The needs for APIs will vary depending on the parties involved, having a flexible standard to serve all requirements will become critical. Alberto will discuss how banks and providers could manage these new API challenges and requirements in an efficient manner.
All is not completely rosy in microservice-land. It’s often a sign of an architectural approach’s maturity that anti-patterns begin to be identified and classified alongside well-established principles and practices. Daniel Bryant introduces seven deadly sins from real projects, which left unchecked could easily ruin your next microservices project.
Daniel offers an updated tour for 2016 of some of the nastiest anti-patterns in microservices from several real-world projects he’s encountered as a consultant, providing a series of anti-pattern “smells” you can sniff out and exploring the tools and techniques you need to avoid or mitigate the potential damage.
Topics include:
Pride: Selfishly building the wrong thing, such as the "Inter-Domain-Enterprise-Application-Service-Bus” or a fully bespoke infrastructure platform
Envy: Introducing inappropriate intimacy within services by creating a shared “canonical” domain model
Wrath: Failing to deal with the inevitable bad things that occur within a distributed system
Sloth: Composing services in a lazy fashion, which ultimately leads to the creation of a "distributed monolith”
Lust: Embracing the latest and greatest technology without evaluating the operational impact incurred by these choices
Payments are about to have their Uber moment. You would be amazed by the complexity behind a payment, not only is it complex, it's slow, unreliable, restrictive and costly. A cross-boarder payment can cost over 5%, take days and only 99% reach their correct destination. We haven't even touched on new payment types and accounts. With over a billion a day from the larger banks and values in the tens and hundreds of billions there are some big gains to be had across the board. Who will lose, who will win, how will it be done??? John Davies, previously head architecture at Visa Inc., will give you plenty of insight.
Software development is not just about building stuff, over the better part of the last decade a global movement kicked in that realized this change in building and delivering software. Software has only value when it is running in production. Yet people seem to forget about that. This talk will teach you about a number of real life situations preventing deplooyment and running software and how to fix them.
Deep learning (DL) hierarchical models are a form of machine learning particularly suited to the creation of artificial intelligence for financial data analysis. We discuss opportunities and limitations of this new technology and indicate what (exciting) changes we expect to unfold over the coming years.
Thread dumps are vital diagnostic information for identifying root causes of critical problems. In this session, you will learn different formats of thread dumps + tips & tricks to analyze them effectively. You will be introduced to real-world problems that are experienced by several major enterprises and how these tricks helped them to identify the root cause of the problem.
The continual search for alpha in trading today has lead to an explosion of interest in alternative information sources, such as social media (Twitter, Stocktwits and so on), and the use of artificial intelligence to make sense of it all. In the world of conversations and opinions it's hard to sift through the noise and filter out the real events that are impacting the markets. Data mining, natural language processing and heavy retrospective analysis has shown there is valuable information, but there are significant challenges finding that information in real time. Working with Yedup we've built an AI system that can extract real-time alpha and provide an API feed of hundreds of stocks and their related companies and industries. Used by one of the worlds biggest market makers we talk through some of the architectural choices and approaches needed to realise the real-time AI found in the Yedup system.
In the past year we migrated our applications to containers to isolate our applications and made them easily shippable. But now we are struggling running stateful applications to make them scaleable and fault tolerant. And we run our big data and fast data frameworks in separate clusters because it is not super easy to integrate this into our current container stack. This means that our cluster utilization is not optimal and we resign scaling effects comprehensive containers and big data frameworks. Florian Leibert (Mesosphere, CEO) calls this phenomenon Container 2.0 and we will discuss this topic in this session.
In this session we will look at current container usages and show the actual problematics. After this we will see how DC/OS and Apache Mesos delivers Container 2.0 to optimize cluster resource sharing for all parts of your application.
Development is more than just code. How many times have you delivered a feature only to find that what you’ve built isn’t what the user wanted? We’ll be looking at ways you can build communication strategy into your development process, with a focus on cross-team communication in larger organizations. Involving non-technical teams and individuals in your development process through communication allows for a wider range of insights. Productive internal conflict supported by open communication can help make sure you build the right product the first time.
Fork/Join is a framework for parallelizing calculations using recursive decomposition, also called divide and conquer. These algorithms occasionally end up duplicating work, especially at the beginning of the run. We can reduce wasted CPU cycles by implementing a reserved caching scheme. Before a task starts its calculation, it tries to reserve an entry in the shared map. If it is successful, it immediately begins. If not, it blocks until the other thread has finished its calculation. Unfortunately this might result in a significant number of blocked threads, decreasing CPU utilization. In this talk we will demonstrate this issue and offer a solution in the form of the ManagedBlocker. Combined with the Fork/Join, it can keep parallelism at the desired level.
The traditional proxy for the duration of program execution, the number of instructions executed, is being made inadequate by the increasing importance of caches in modern processor architectures. A program that is sympathetic to caching requirements, for example by respecting data and instruction locality and minimising false sharing, will outperform another that may execute many fewer instructions if it uses cache less efficiently. What does this mean for the Java programmer? The Java Collections Framework, used daily by every working Java programmer, is interface-based: its design assumes that you will choose an interface—Set, List, or Map—according to the functional requirements of your application, and an implementation of that interface guided by the expected usage scenarios. But we can't any longer use algorithmic complexity—the big-O characteristic of an algorithm–as the only, or even the main, way of choosing between collection implementations. In this talk we'll look at some common Java collections in the light of this new way of judging efficiency, and explore the practical implications for the working Java programmer.
For effective, modern, Cloud-connected software systems we need to organize our teams in certain ways. Taking account of Conway’s Law, we look to match the team structures to the required software architecture, enabling or restricting communication and collaboration for the best outcomes. This talk will cover the basics of organization design, exploring a selection of key team topologies and how and when to use them in order to make the development and operation of your software systems as effective as possible. The talk is based on experience helping companies around the world with the design of their teams.
Has DevOps become a synonym for Continuous Improvement? As the breadth of DevOps concerns has spread to seemingly include everything in the IT lifecycle and ever incorporates the rest of the business’ goals and activities how do we define what it is? What are the contributing methodologies that converge and combine to drive DevOps evolution? In this talk, Helen explores the relationships between Agile, Lean, ITSM, Learning, Failing Smart/Safe/Fast, the Theory of Constraints, Shifting Left and Holacracy and whether together they are a superpattern that underpins DevOps.
Interest and energy has been pouring into the Hyperledger Project which was launched in 2016 by the Linux Foundation to provide blockchain technologies for the enterprise. Blockchain technology is the underpinning of Bitcoin, but its application goes far beyond alternate currencies. Blockchain can be used to address information-management problems in a decentralized manner. This is valuable not only to the financial industry, but also in healthcare, environmental monitoring, emerging-market credit, supply chains, even education. This presentation covers how this community of open source communities is organized, the different projects they focus on, and provides an introduction to Fabric, the blockchain framework IBM has contributed.
Presenting from the perspective of a fictitious web application penetration test, this session will provide you with a well-founded overview of the open-source tools used by security professionals and penetration testers in their daily work on the detection of security vulnerabilities. Despite the high quality of the supportive tools in this field, this is still unknown territory for many development projects and therefore unused potential. After my presentation, you will be familiar with the tools of the professionals along with the purpose, usage scenarios with concrete examples, and pros and cons - in the hope that their use does not remain only in the hands of the penetration tester.
Look at that application. It's fantastic. It’s solid, reliable and bug free. Depended on by many. It’s so good your new task is to move it into the cloud and make into a service. How hard can that be?
Many have gone before you along this path. Many have failed. A few have succeeded. All have scars. Although the journey is different for everyone there are common aspects to them all. In this talk we will cover our experiences in moving applications into the Cloud. What you must do. What you must not. What matters, what doesn’t.
In moving to the cloud there is no try.
In this talk:
* We'll cover the core aspects of how the cloud differs from local data centers in terms of application design, runtime characteristics and operational considerations.
* We'll explain through various real life examples where things worked and where they didnt
* We end with a summary of the key elements to success and the major pitfalls to avoid.
Java, and Scala, and likely Kotlin, Ceylon, Clojure, Groovy, etc. i.e. JVM languages, have a strong central
place in many organisations including finance related ones. And yet Python is the language of choice for many investment banks and hedge funds in many core areas of their business.
One of us works in the finance industry using mainly Python, the other has spent much of the last decade
training people in "finance houses" Python software development. We suspect it won't be hard to work out who is who on the day.
In this session we will present a "pitch" to people used to the JVM and it's languages, why the Python stack
has become so central to much of the finance industry. Expect live coding, interaction, pandas, and the
unexpected (*).
(*) The humour here will be explained in the session.
This approach is superior to what came before it but is not perfect. Testing frequently ends at the point of release, meaning that bugs in production can be caught late and by the end users. Pragmatism dictates that exhaustive acceptance testing is infeasible. Tests usually represent only a simplified version of user interactions. In production, data will almost certainly be generated by code paths that have not been fully exercised in tests. That data is usually decoupled from our testing environment. If the current version of the system generates data, how do we know that future versions will consider it valid and act upon it appropriately? How can we find out about bugs after acceptance, but before customers do?
This session will demonstrate how to sanity check a live system using end to end testing, limiting interference with real interactions. It suggests ways to integrate real production data into a continuous delivery pipeline and assert on the validity of the production outputs.
In this talk, you will learn:
* What is StampedLock (introduced in Java 8)?
* How can the StampedLock provide an effective way to manage thread safety with objects that contain several fields (with invariants across them) in many producer/ many consumer systems?
* What are common StampedLock idioms – and how can Lambdas be applied to make them pluggable?
* What are some lock-free solutions, based on AtomicReference / Unsafe / VarHandles?
Thursday, 06.04.2017:
In this hands-on workshop we’ll all attack the training web app, to take on the role of a pentester one step at a time. You’ll learn how to work with professional security tools through a range of practical tasks and will also learn pentesters’ general approach for attacking web apps.
Of course, we’ll also deal with defensive measures for protecting the security holes found, though our focus will remain the systematic use of professional hacking tools for carrying out (partially automated) security analyses. Once you’ve completed this workshop, you’ll have practical experience of carrying out attacks on web apps, which you can transfer into your own software development work so as to increase the security of your projects for the long-term.
For effective Cloud-connected software systems we need to organize our teams in certain ways. Taking account of Conway’s Law, we look to match the team structures to the required software architecture, enabling or restricting communication and collaboration for the best outcomes. In this workshop you will learn how to design your organization for modern, Cloud-connected software systems, covering topics such as: fundamental team topology types; how and when to use the fundamental team topologies; how to recognise other team topologies and to map these onto the fundamental types using topology fitness functions; the dynamics of team design and how team topologies should evolve; heuristics for discovering new topologies. On completion of the workshop, you should have a sound understanding of which team topologies to apply in different circumstances and why. Attendees are expected to have a basic understanding of Conway’s Law and of the DevOps Topologies patterns at http://devopstopologies.com/.