Chef CTO + Chef Automate demo Keynote

Video in TIB AV-Portal: Chef CTO + Chef Automate demo Keynote

Formal Metadata

Chef CTO + Chef Automate demo Keynote
Title of Series
CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
Group action Process (computing) Ring (mathematics) Demo (music) Oval Moment (mathematics) Right angle Musical ensemble
Group action State of matter Multiplication sign ACID Water vapor Insertion loss Mereology Food energy Neuroinformatik Web 2.0 Facebook Mathematics Strategy game Bit rate Velocity Different (Kate Ryan album) Analogy Videoconferencing Arrow of time Data conversion God Enterprise architecture Cloud computing Perturbation theory Wave Process (computing) Isomorphieklasse Velocity Self-organization Right angle Quicksort Figurate number Functional (mathematics) Spacetime Row (database) Trail Service (economics) Vapor barrier Adaptive behavior Control flow Distance Digital signal processing Causality Natural number Software Lie group Computing platform Metropolitan area network Computer architecture Shift operator Focus (optics) Surface Physical law Expert system Cartesian coordinate system Word Network topology Data center Service-oriented architecture
Axiom of choice Computer program Building INTEGRAL Direction (geometry) Multiplication sign Neuroinformatik Formal language Web 2.0 Mathematics Strategy game Different (Kate Ryan album) Analogy Single-precision floating-point format Information security Physical system Stability theory God Enterprise architecture Software engineering Software developer Skeleton (computer programming) Message passing Order (biology) System programming Triangle Self-organization Right angle Pattern language Modul <Datentyp> Quicksort Stability theory Spacetime Implementation Transformation (genetics) Connectivity (graph theory) Software industry Theory Number Product (business) Force Term (mathematics) Authorization Software testing Computing platform Metropolitan area network Module (mathematics) Operations research Shift operator Key (cryptography) Physical law Line (geometry) Continuous function Cartesian coordinate system Configuration management Sphere Human migration Elementary arithmetic Software Integrated development environment Point cloud Video game Abstraction
Curve Service (economics) Focus (optics) Service (economics) Demo (music) Code Building System administrator Multiplication sign Electronic mailing list Usability Staff (military) Line (geometry) Cartesian coordinate system Product (business) Power (physics) Process (computing) Integrated development environment Software Strategy game Order (biology) Right angle
Multiplication sign Operator (mathematics) Data structure Game theory Cartesian coordinate system Information security God
Rule of inference Complex (psychology) Dependent and independent variables Server (computing) Arm Service (economics) Demo (music) State of matter Transformation (genetics) View (database) Workstation <Musikinstrument> State of matter 1 (number) Cartesian coordinate system Subset Data mining Goodness of fit Word Bit rate Integrated development environment Right angle Vertex (graph theory) Physical system
Area Execution unit Server (computing) Axiom of choice Inheritance (object-oriented programming) Touchscreen Twin prime View (database) Instance (computer science) Group action Emulation Process (computing) Blog Universe (mathematics) Synchronization Convex hull Directed set Right angle Vertex (graph theory) Quicksort Permian IBM Rational Unified Process Physical system
Scheduling (computing) System call State of matter Code Mountain pass View (database) Multiplication sign Numbering scheme Data management Medical imaging Mathematics Supersymmetry Different (Kate Ryan album) Vertex (graph theory) Website Information security Physical system Collaborationism Witt algebra Software developer GUI widget Shared memory Stress (mechanics) Bit Control flow Type theory Structured programming Programmer (hardware) Website Software testing Pattern language Right angle Energy level Quicksort Onlinecommunity Asynchronous Transfer Mode Game controller Process capability index Power (physics) Profil (magazine) String (computer science) Energy level Integrated development environment Software testing Maize Normal (geometry) Analytic continuation Proxy server Task (computing) Data type Axiom of choice Onlinecommunity Demo (music) Inheritance (object-oriented programming) Information Debugger Basis <Mathematik> Database Cartesian coordinate system Performance appraisal Explosion Integrated development environment Internet forum Computing platform Natural language Window Traffic reporting
PC Card Asynchronous Transfer Mode Multiplication sign Sigma-algebra Field (computer science) Number Data management Profil (magazine) Computer worm Integrated development environment Vertex (graph theory) Website Data type Default (computer science) Axiom of choice Onlinecommunity Information Cellular automaton Lemma (mathematics) GUI widget Bit Mereology Control flow Cartesian coordinate system User profile Structured programming Explosion Programmer (hardware) Intrusion detection system Internet forum Normed vector space Order (biology) Revision control Computing platform Configuration space Data Encryption Standard Software testing Formal verification Energy level Object (grammar) Electronic visual display RSA (algorithm) Traffic reporting
Reading (process) Asynchronous Transfer Mode Momentum Mountain pass Product (business) Data management Software testing Vertex (graph theory) Website Drum memory Physical system Vulnerability (computing) Data type Axiom of choice Onlinecommunity View (database) Gradient Planning Menu (computing) Control flow Structured programming Explosion Programmer (hardware) Internet forum Right angle Energy level Figurate number Traffic reporting
Suite (music) Game controller Scripting language Inheritance (object-oriented programming) Demo (music) GUI widget Demo (music) Control flow Mereology Cartesian coordinate system Demoscene Template (C++) Type theory Profil (magazine) Videoconferencing Text editor
Area Profil (magazine) GUI widget Revision control Transport Layer Security Mathematical analysis Price index Text editor Control flow Metropolitan area network Power (physics)
Game controller Code Line (geometry) Cellular automaton GUI widget Transport Layer Security Virtual machine Price index Line (geometry) Control flow Revision control Website Right angle Determinant Error message
Frame problem Asynchronous Transfer Mode Group action Game controller Mountain pass Profil (magazine) Integrated development environment Software testing Information Vertex (graph theory) Analytic continuation Default (computer science) GUI widget Transport Layer Security Control flow Cartesian coordinate system User profile Explosion Process (computing) Software Revision control Software testing Right angle Resultant Traffic reporting
Axiom of choice Game controller Patch (Unix) Multiplication sign Source code Control flow Open set Demoscene Power (physics) Core dump Operating system Integrated development environment Selectivity (electronic) Software testing Vertex (graph theory) Analytic continuation Proxy server Vulnerability (computing) Physical system Default (computer science) Demo (music) Control flow Cartesian coordinate system Explosion Process (computing) Software Configuration space Right angle Natural language Quicksort Information security Traffic reporting
Standard deviation Service (economics) Demo (music) Maxima and minima Open set Software maintenance Blog output Physical system Default (computer science) Covering space Source code Execution unit Cone penetration test Link (knot theory) Building Cellular automaton Core dump Group action Complete metric space Software Function (mathematics) Revision control Video game Form (programming)
Building Group action Installation art Link (knot theory) Electronic data interchange Service (economics) Inheritance (object-oriented programming) Computer file Code Core dump Mereology Cartesian coordinate system System call Entire function Software Estimation Whiteboard Revision control Configuration space
Trail Link (knot theory) Installation art Service (economics) Software Estimation Moment (mathematics) Revision control Plastikkarte Right angle Vulnerability (computing)
Service (economics) Mountain pass Demo (music) Floating point Open set Stack (abstract data type) Subset Element (mathematics) Integrated development environment Vertex (graph theory) Information security Vulnerability (computing) Default (computer science) Covering space Enterprise architecture Link (knot theory) Cellular automaton Explosion Software Estimation Revision control Configuration space Right angle Resultant Traffic reporting
Group action Torus Service (economics) Multiplication sign Moment (mathematics) Core dump Field (computer science) Subset Software Integrated development environment Blog Different (Kate Ryan album) Form (programming) Amenable group Vulnerability (computing)
Medical imaging Service (economics) Empennage Installation art Fibonacci number Function (mathematics) Point cloud Core dump Term (mathematics) Demoscene Computing platform
Email Context awareness Server (computing) Installation art Demon Transportation theory (mathematics) Computer-generated imagery Moment (mathematics) Expert system Core dump Bit Binary file Medical imaging Root Googol Computing platform Point cloud Point cloud
Mobile app Service (economics) Proxy server Computer-generated imagery Run-time system Plot (narrative) 2 (number) Read-only memory Term (mathematics) Befehlsprozessor Hash function Set (mathematics) Vertex (graph theory) Proxy server Installable File System Point cloud Default (computer science) Service (economics) Demon Login Line (geometry) Cartesian coordinate system Template (C++) Replication (computing) Data management Configuration space Right angle Volume Form (programming)
Enterprise architecture Computer program Asynchronous Transfer Mode Game controller Implementation Demo (music) Direction (geometry) Shared memory Profil (magazine) Computing platform Integrated development environment Vertex (graph theory) Quicksort Abstraction Vulnerability (computing) Spacetime Traffic reporting
View (database) Graph (mathematics) Software developer View (database) Web page Feedback Execution unit Group action Cartesian coordinate system Product (business) Subset Data management Vector space Term (mathematics) Vertex (graph theory) Determinant Flag
Complex (psychology) Group action Service (economics) Multiplication sign Subset Product (business) Mathematics Term (mathematics) Elasticity (physics) Software testing Vertex (graph theory) Physical system Service (economics) Software developer Coordinate system Group action Gauge theory Cartesian coordinate system Grass (card game) System call Integrated development environment Point cloud Self-organization Right angle Daylight saving time
Service (economics) Demo (music) Term (mathematics) View (database) Bit Cartesian coordinate system
with over 40 million downloads I'd like you to please rise and welcome to the stage of Jacob and I'm like everybody gets a standing ovation ring super also known as a trick I figured out last year that if I ask you stand at the beginning and then again at the end I was guaranteed a standing
ovation and so that's that's my thing now I haven't figured out taxonomic if you stand up at the end of this 1 because it's like the transitions were you'll see and but I am but hopefully we can we can work out and let's let's start maybe OK and well before I actually kick off that the full talk and it's been 10 years for me since I started this thing that have now a shaft and which is also under review for to the same job for 10 years right medium that guy and this just a demo men who worked with me 10 years ago and OK so am I so I say thank you to all of you and who have given me this incredible opportunity and to to do this thing and and to have this thing that we just made up you know we were literally just making it up and and you keep making it up with us uh every day and it's so it's so great and I'm so appreciative of it and before I get all the way going I have a couple of things I wanna do 1 person in particular I wanna think and because I feel like chef path has become this moment where we order to come together and really feel uh how connected we are as a community and more the incredible music and the incredible uh show the gets but on for you and Carolyn back has really then amazing so thank
you Carolyn and for all the you done and and for the incredible show that you put on
and for all these people OK like was do keynote is the goal and the other was was going on talked about whatever comes up to mind which could be cool but probably won't be obtained as I think it over and over again to the keynotes from Barry and to the all keynote from from SAP the couple 1 video all those things uh Forrester and the pace of change in our world is only going faster right and all the technology all the things that are going on the culture changes everything's just speeding up and ramping up everyone is talk about what the future of enterprise looks like we keep talking about digital transformation and I want people to understand what is it that were transforming into a exactly and and so we talked about as outcome oriented Barry did earlier today and and beneath it he had this little thing in parentheses in it said application centric and as sort acid and and for me the application center part of this is where we start to get into the technical rubber that meets the outcome-oriented road and that as an organization were really trying to figure out how can we shift to this world where we think 1st about the applications and what they provide to our users and 2nd about everything else and right now are enterprises are a lot like this bowl of soup and you have a lot of different technology that you have built up over the years that make sort of this delicious chunky stew right and things like datacenters infrastructures a service if containers you have micro-services you doing you did client-server narrated service right architecture cause client-server sucked and needed rest because service aren't architectures were for soccer is right and and all this change that's happening in history just like stirring up your soup bowl with a spoon you know as I like you actually get rid of all the pieces of my analogy breaks down pretty you could be the 1 you didn't like 1st but no 1 does that so the and the truth is you have all this stuff and it's still wrapped up inside of your organization and the enterprise that wins the becomes 1 of those digital attackers that we talked about earlier that the enterprise that learns how to shift its focus and then learns how to shift with those changing tides in the title incorporates all of those things that you have done over the last 20 years until 1 truly delicious stew and but in general when we talk about our own technology strategy and we tend to reach for technology strategy we go things are changing or what's the new hotness and I'll just about that and everything the be cool and it's sort of like this and this is the Howland pulverizer and at Jordan's pulverizer and these are or pulverises so they like crushed coal or iron or whatever and the the pulverizer and the Jordan pulverizer were created about a year apart sometime in the 18 hundreds I only know this because I thought the picture was cool and I was like I have to find out the story behind the pictures I have no idea if this is a complete lie so just you gotta go with me because I'm an expert on African or pulverises and but an but there were a couple years apart and there was actually I think I am a very dramatic conversation about the future of or pulverizing and in this arrow where it was unclear which 1 of these was going to be the dominant or pulverizer and it was it was this big technological shift those having an industry where they're getting you know 10 x improvements in or pulverization and it was really transforming the energy industry as we know it in the 18 hundreds and any you can think about this like the same conversations we used to have about rest verses service-oriented architecture right like you got 100 x improvement of only used this thing and the truth is just like these or pulverises no technology actually saves us in the and rain and snow like we adopted technology and then all of our problems are solved and we never have to adopt another technology ever again and so are enterprises right now they feel a lot like this water tower right and the this collection of technology as collection of culture and that is kind of utilitarian and also invaluable right if you live in this town and that water tower goes away you don't have water to drink and you are Mack you're like what the hell happened to my water sour right and and you don't really expect that your water tower that is going to shift and change and grow with the technology times you dislike about fresh water with no law in it you know and you know what we can dress it up and make it funny but christmas lights on it like they did with this isomorphism a Christmas like this Christmas lights on on his water tower and the thing we have to become 0 is this we have to figure out how we go from being these incredibly valuable enterprises that run the fabric of our lives you run all the business that does everything in the world how do you also figure out how to go to space petty become these innovative adaptable agile organizations the customer-centric and suffer led business driven and cross-functional and move a high velocity in a safe and compliance and the difficulty here is is magnified because we'll just have to get 1 enterprises space which for the record is what the large Web companies had to do it and have to give each other space there were like on Facebook about myself to space just do what I did space is easy right and but this had to get themselves to space none and all we have to get the guys who pulverized war 2 states right because with me in analogy it's like it's it's a tough problem it's harder than the problem that Facebook and Google and those guys space which I don't mean to trivialize is incredibly difficult but it's not like we stop being water towers you know the ground is digital journey we have to transform organ become this amazing new thing but how do we do that like how exactly are we going to get to space so 1st I wanna start by talking about how cute this barriers yeah the we write this such a q pair and I think he feels about that tree like the enterprise feels about space you know like I did walk and OK so at step 1 we have to learn from each other right I know this sounds trite to start with learning but it's true we have to talk to each other have to come to places like chef off and if the talk about our experiences as enterprises as people with talk about new technology with the learn from the big web the we have to learn to adapt that learning to ah business so when we hear talk by someone from Facebook when I get up on stage and make their jokes about space and you have to figure out how that's can apply to what you do right and I was talking to a guy who um works in he runs a mid-sized oil company which means like worth 5 billion dollars in a couple tracking dollar industry which I thought was hilarious but yes there are such things like as Texas we have oil and n and they're taking all this technology learning in their figuring out how exactly do they can improve the nature of the business and and finally from the adaptation they're going to grow new capabilities on top of the existing and future technology base rate those old words those things the Annapolis even go away and they live on inside of our organizations and cetera prices in our job is to figure out how to adapt that technology to grow all of what we do forward as an industry yeah because I think the enterprise the future is the 1 that adapts gracefully to new technology right that actually can when something new comes along incorporated into its DNA without having to actually fundamentally rethink everything about who it is and right now I think it's kind of like were stuck in the surf the bear surfer people surfing I I've only served a few times a wife serves a lot and when you fall off of a surfboard and you're in the surf you get tumbled around and it's really nerve-wracking and every time that happens to me in my comic under that and then and then I don't die you know and it's cool and treading water in another wave hits me and I'm want to go Muhammad that and then eventually you sort of come out the other side I think right now most of us are in the surface and maybe a few of us are treading water catching their breath but as organizations were not really swimming yet we ever really reach the stage were gonna compete for advantage which is the thing you have to remember like Robin a transform rain and if we all transform on the same platform it's just about a technology transition well where is our competitive advantage between the other people who also do what you do there's a trick question there you don't have any right so what is the thing that's gonna make you better and 1 thing we know is the change is inevitable they'll be new technology coming tomorrow and so is just if if all we went up with is another word in the soup right if all you do is adopt habitat of all you do is adopt Cuban eddies and you say you digitally transformed yourself well I think we miss the opportunity to really make the transformative difference that we could make and in our industries and companies in our last metal the story last year about a man on a horse and and this this man is on horse writing toward at a crossroads and he sees his friend off in the distance and this friend notices coming in the horses riding at the crossroads and the man or standing on the right at the crossroads shouts up his remedies as they where you going mammal horse goes I I'll ask the loss right and and the horse here is technology right it is it and in right now for most of us were just along for the ride and the enterprise the future is the 1 that figured out how to ride that horse who figures out how 1 of horse gets tired when some technology is work for any more a swap it out for another horse without having to fundamentally teach itself how to ride horses again right per no not yet the IT and do a keynote yeah so but but the horse the horse just be added at gonna speak to this was that this is transformative on cloud computing 1 pretense 0 my god but there's a horse same as by computing and I won the prednisolone 1 Britain's you only got well
then I guess this analogies over because it's an
cloud-computing and God computing knows how to write lost so AWS can leave the building skeleton with is gonna cannot give a talk is need to anymore they're already writing the transformative again whenever that and this got you you can still come out it's cool OK and so I think in order to do this and we need to stop thinking so much about the technology bury talked about this uh with those 2 triangles right where he was talking about a shifting from thing about infrastructure and then maybe outcomes to the other direction and I think about this as focusing on behavior where and if we can let the way that we want to interact in the outcomes we desire drive the design of our enterprises in our technology initiatives and then what we wind up with our capabilities that that that law was to do things like ships software manager infrastructure stay compliant and those things those stay consistent no matter what the technology is that were using under the hood right why is it that we have to reinvent how to do a health check every time we get a new technology platforms why is it we have to reinvent how we stay compliant every time we add a new component to the stack and and what we need is this common language amongst ourselves culturally and technically and so we can think about the pattern of behavior that allows us to build reliable systems that will allow us to build this enterprise the future and and way back in the early days of computing and a very smart man said that's the key in making great and Robles systems is much more to design how it's modules communicate rather than what their internal properties and behavior should be and this man was Alan Kay that he was the inventor of after trying to programming small talk and theories and what he was talking about I think is this much more about the messages that we communicate in our systems that it is about the design of any individual components and then a surprise that wins the 1 the can shift that implementation right where the messages the behavior between us that stays consistent are language doesn't change but are technology can swap in out members of a bunch more about this tomorrow and so Hang on and we think that there's really 3 foundational automation behaviors that you need to have that in order for the system to really be great and there's probably more but uh melanocyte about these 3 because they're the place that I have product who here predict number 1 good infrastructure and I think this was the best understood and and it's were chef lives right Infrastructure-as-a-Service configuration management all these things is the 1 that is what we understand best and I Perry said just because we standard best as a muse important if the infrastructure socks everything sucks and so obviously chef it's here and we build at the most reliable systems are in the most difficult infrastructures over the last 10 years and much of the cloud migration happened at because of an with shaft and I couldn't be prouder of all of that work and the next is security and this is about how we validate that change in in in our environment and how we can continuously adapt and integrate new technologies Walt still certifying that we remain safe and secure in compliance I think that a pianist to talk was amazing at illustrating just how complex this can be and how much we need technology in order to keep that true even as we adapt to new things the and finally application animation this is about how we build deploy and manage our applications and this is the 1 that I think we understand the least as people as an industry and were still really trying to think about what the right abstraction is here and what is the right way to think about how we build and deploy and manage applications in a way that will allow an enterprise to be able to manage its existing estate and also all of stay that it's moving to the cloud and also to the thing that we haven't thought of that in a matter in 2 years long term I think discover the most valuable of the attractions millionaire right it's really I think in 1 lock all of that value in the enterprise that will allow them to really figure out how to get themselves up the space and obviously we believe habitat is the best way to do that and it's by far the best way I think right now to move your existing software not only to the clouds and but also in the containers and hopefully whatever the thing is the comes next will talk a bunch more about habitat all this is leading up to this phrase and I'm sure you're getting tired of hearing by now which is continuous automation and when we build enterprise that has this right behavior that understands how to ride that horse they can evolve and adapt its technology strategy it starts to use innovation to its advantage right it starts to see technology not as disruptive to its business but instead as an accelerant on top of it and that's the goal can we actually build this and this organization the can continuously innovate they continues the automated at what it's doing and so if you want understand chefs strategy and you wonder why we're here and what we're doing we're going in the future this is it and we're here to learn with you about what those patterns of behavior really or what is that common language that we need time up on earth together but in order to really build an organization that is the future of the enterprise that actually transforms itself into something fundamentally different than it was before and it's not about a single technology choice it's about building that 1st enterprise that can really adapt new technology at the same pace may be faster and then the big web can OK I a bunch more time to talk to you guys tomorrow about all this stuff and I promise will be deep in the how I think we can build that future of the enterprise but for now I sort of want to put the philosophy down for a 2nd and instead talk about all the cool things that we have bills for you in the last year so number 1 we heard a bunch about how speed and releasing in shipping every day was a critical component of being uh a good an agile and fast software company and I'm proud to say we released 771 times in the last 10 months and Sasha yeah that's and that's more than twice a day which I think is probably obvious if you can do basic arithmetic but I think it's really great talking points and and that across all of our different product lines i were releasing the unstable channels all the time across chef across automate the supermarket and habitat inspect and I'm really proud of that number of the team's them it happened so let's talk about chef for a 2nd and I think the big things for shaft this year were about stability and they're about quality of life improvements chef 13 has more resources included in the bag it's safer it has fewer rough edges and it's easier to get started with you can see all those improvements in the learned chef material all kinds of great things and the shift decay to which I think really has pointed the way for a lot of folks to think about shipping all of the developer tools to make you productive with your automation software test kitchens had great improvements all kinds of stuff tomorrow you can hear more about this on the main stage from Tommy and there's more shelf talks happening obviously just off and I can relate to you but I hope you check Mt this year was really about coverage was about expanding the coverage of the of everything in your world so can we go out and chest everything can test containers CPIs operating systems applications how can we really get to a place where that continuous compliance is happening not just on Opearting Systems but on everything we need and will be released a couple of really great features were you can use inspect and 2 that your AWS API Servette the sphere right I think it's very exciting direction it really shows you with the future of of inspect really is and we have programs like that sector where were publishing a bunch of security baselines the you can just get going with right now to see if you were meeting best practices there's a lot of inspect talks Christoff will be joining me on stage is 1 of the original authors of inspectors and and is a great talk that Victoria and Harare giving it to 30 so if you wanna know more about what the basics of inspect our and come to that habitat this year was really about making things easier is
about smoothing out that production cliff if you were here last year Eurydice talk about this difficulty curve that ramps up a really high I'm as you get closer to production and with a lot of work into making habitat easy to use and easy to adopt and 1 big piece of work there is what we call scaffolding and so that allows you to have like maybe 6 lines of code that describe the stack that your application is in and what you wanna call it and and from there we can automatically build you habitat package that's ready to run that you can export and run in any environment and there's a build service that we built and launching see a bunch more about that there's nothing I want more than to tell you how cool this is that you have to wait like 5 and minutes each and but is also OK so I'm but also by adding more and more software into habitat and so things like Kafka Casandra and PostgreSQL have packages there already built and ready to go for you and you'll hear more about James and about habitat tomorrow from Jimmy Windsor and he's also doing getting started talk at 1 30 right after this you should check it out and finally are commercial products chef automated I think it was really about 2 things this year so 1 was power and the 2nd was clarity I think 1 of the things we really have learned is that when we bring things out to our customers the focus we need to have is on the jobs that they want to get done that rather than just visualizing all of the data on all the things that are happening inside environment we really need to focus in on is what is that person who is running a systems administrator running infrastructure with the view into that that they need in order to solve the problems there in front of them right the 2nd what's the thing that that CA that that Cesar so needs to understand their compliance strategy and then you see a bunch more about this and in fact rather than talk about it and it was to show you to show you stuff that coding among yeah and no I'm riveting list is demoing so an editor welcome at this stage stuff Falcon and Dominic Richter so thank you off the move over here this is the same as you can administered and judgment so the think about me and and you know I'm over here at staff BP measuring what's
going on said are you I'm an excellent hasn't has my demo on all others so screwed the 1st other I already I come along get it done the time you're talking about 3 things right yes you're
talking about the 3 things of you know and the year 3 things we start with infrastructure structure hammer certain with and and security engine application you got that and so you know like while we're going down using the operator show you 3 that 0 my god amazing pyruvate is prized start on the iron and is the 1st time I've seen it was skill yes so that's while the banter feels
for I drawing set obvious game so very talked about about the importance of outcomes and end of applications and um I realize it would have a clicker patented as right here you suffer has really smart not
to just for you and then I did not see of it would have dropped it with so applications and you know and it used to be that deploying applications which is really what we're all here like that's the these are the outcomes the outcomes about deploying applications and that used to be easy like we used to know all of our servers by name all 3 of them yeah hello Charlie yeah I had I had a workstation I was a company where they were all named after transformers and when he joined the company you got a new workstation his name you were not allowed to change that was just the next transformer analyst mine was repugnance it because I a new as a new hire that didn't feel cool so I think the more complex now right and maybe that's a good thing because only underwater repugnance again and but but it's OK right so things are more complex we have automation and we have things like Shahani on that helped you in that complexity and the can remember the names of the service for you and and and help you manage your fleet whether it's 3 nodes or 30 thousand right and so we're going to start with the infrastructure yeah yeah and we're in seed rates and get a view of the state of the infrastructure we built for a demo through shuffling and that's what they know and what Dominik is initialized respond yeah you are right his arm has
dropped right into shuffle the major now we've got the notes they opened this is all the chef runs that have been running and by the way these all those who have a name yeah we had a so this is but 1 of the was repugnance where strives for the system rejected perhaps a gag I put that in alright so I go over here you know I can't build a for the acceptance environment well the failed service are words I put that up to build servers how we have failed things in a demo had a lot earlier problems with about a ones like this so we can look into
this I can look directly into the server that
this is the 1 with the universe it's then failing full while we can see that on the right hand side with this area right it's not just me this thing over here I liked best and we we talked about having to get a view that works for someone in the job have do right so if your job is fixing infrastructure you really quickly get into seeing like what's going on at the system how long has it been going on you get this sort of glimpse on the right hand side about when the status of the world this one's been failing since we did it and so you know it was the final act and successfully following this long so if I
click into their a lot we can actually drill down and see
what's happening with the system and then Elliott single fixed right totally only alternative or Eliot's sitting behind the screen here
June things so that's why we're talking about is a great guy quality of yes laughter 1 that few of psychology that the team has been working really hard integrating security and compliance capabilities into shaft botany and so with this latest release for the 1st time you get this this view a single place where you can go to understand the state of your infrastructure as well as to understand whether or not you're adhering to your compliance policy policies and so for this next that 1 show a little bit of that and show how our demo infrastructure is doing with respect to security comply that's right so we a completely new compliance you wouldn't show all image and it's similar to the converge you obviously like I get a quick high-level summary of all my notes doing all my else's ball and 1 of and running what else get like historic information I can look into how long this has been going on and as you can see it's been going on ever since we started this environment and I can even drill down into what my most billing systems are still actually don't have to just look through the notes you can identify patterns really really quickly I guess this just happening on Windows is that happening systems that happening to something else like development would just the acceptance of and and this usually useful when you're starting out so you deploy compliance automation across a flea and you're gonna find of a bunch of things that are not what you want them to be absolutely and then you're not sure where you should start and then you can look here were there and and right and and you know where to start I like that idea of being able to look at what's most high risk and where in the B. believes that as an evaluation of 1 in each year so and the other the other thing that's great about this situation the yes so we had a 2nd you remember those Friday mornings when the auditors finally common and they're asking you for all you're doing on let's say PCI chemical industry and then shoveling for all the systems that you're running right showing them I got 40 filled nodes like 60 successful nose nose standing there like I don't care I don't care about your notes the thing everyone knows on the profiles so how are you doing on PCI how you doing all the controls so if been running this across the environment we can see that we have a lot of controls which we've written for this today and only some of them are fairly so this gives us a nice summary as well historic information over here as well as well you can see where mostly running the Linux baseline which is failing everything else is succeeding so that's really nice and we can again drill down into the controls that are failing the moles across or infrastructure the really fast really also do of these failures in the already and feelings yeah no right this next year may demand of failures is that the summary de boxing level postmortem it will be in the Super awkward this due on stage but but that have all here like a judge and be like and tell me again about the timeline gone yeah and and not only that I think that was a good at it but if it's just that it's refunded writing right yeah nodes straight obviously and these these tasks right we inspect where things that you powerful is you can run them on a schedule just like chef-client so that you're getting continuous compliance you're not just you know just testing your infrastructure once around some ad-hoc basis you're going in you know as soon as something changes whether you have a problem the and the other thing you can do is you can put these task because it's compliance is code that's that's inspect for you and you can put it into your workflow and so common with in her talk with the city and it's 2 was was is a great example of this where she talked about how this sort of before state was the development teams not schemes doing work and push it through and then kind of hitting this wall bottleneck with security in might repeating the process a few times before realizing that they need to do something different and this technology allows just that so when you move your compliance test into your workflow and you're going to detect problems earlier and it's less expensive to fix a neuron and able just that kind of collaboration that that can talked about that that powers devset ups and let become continuous it the end and you can do a continuously 9 genius is being used up and 0 that you did not lend all that it's fine discrete as if I so so that we've been talking about infrastructure and we talked about the compliance but again coming back to the Y and the the y is applications and so I'm I'm really use little demo application and when introduced that
and have were using its of it's a Rails application and it's called Daphne and Daphne is an online community as a web site for the people that have type 1 diabetes and helps them and for their health and we're using this out because 1 of our own engineers Simon Fisher wrote this axis thank Simon a theft and OK so Rails application and genetics is the is the front end of string proxy talks super stress database and you know the other thing I guess it's worth mentioning is for a site like this security is really important because people are logging in sharing their personal information and the sharing and health-related things and so it's really critical for us that we keep them secure so and like this opportunity where we can talk about that that our that complies animation doesn't just apply to infrastructure you can use it to assess the security of applications so let's take a look at right so as you can see this
understanding on SSL it yes and that's something that pretty much all of you are confronted with this if you're running with critical information on the deadline has been pushed the people still scared of field as a cell stuff
that's running in their environments so that they cannot we actually have a profile for those ready for it to go today we wrote an inspector the profile especially for all order up and if we go into that you can see that it's actually checking the SSL configuration of this application for a number of things that you should not have enabled by some something like SSL 3 friends and you should really up and running anymore all the cool thing as do have to write everything yourself well we don't so we got you covered if you go back to to the profiles click to the available profiles we have a few and they're 100 pieces what's going on you know if you you get a bit of time on our hands here and from green brownfield so you everything in here and you can then take the profile and run on your notes and running on your apps and if I actually go over here I can see that that is doing all right it's already we just all right or is it like it is passing a filling this facet of here without loss blue by blue checkmarks passage that passes the a so with it through the Committee that happened in acceptance in easy-to-use running object on the
investigated and we've taken with the infrastructure and that seems good seems
gradient right and I like it's not failing and a right not failing is you're working that's important for a system and its immediate secure so I think this is like having can push this notion of the production notes of production right was the production in millirem plus the eye uh um I but uh um I a i n the
momentum must together so we have this
day right you all had this stay where things are going according to plan you think you know what you do for the week and then a new vulnerabilities announced right you learn about whether it was hardly a shell-shocked recently won a crime the and you know that you now have this new new thing you gotta do you you've gotta figure out whether the is that it is better no how you're going to test whether what systems are affected in figure out a plan of prioritizing and fix it to get yourself safe and and protect your customers right and that and the what's possible when you've laid the groundwork with compliance automation and and infrastructure animation is to address the problem really different way in which we get to the 2 can demonstrate that for you but but 1st we should tell you any we we had this was a vulnerability alarm does have 1 of those have everybody does it right we have a new vulnerability
called Camellia outlandish Molly's down at the European player me and before all of you start reading camellias actually find it's a really nice I from the SSL suit but just for the purposes of today we have made a break it's simple know just in this room also if you ever ever somebody else breaks there's no dibs on the low yeah also also everybody in the world will have to learn to pronounce to select which I did was just the onset and the right video the Super Mario right so so we write a control for this yes so we are going
to use fact and what Dominik is do it is is added our profile that we have a profile that is testing a demo application using important editor any this is the most risky part of the demo by now and this type what editors Dominic to use
because so you was stumbling that's the eye uh uh who wants Dominic to use the Emacs blue so this is how much power I have over the chef there's like for Emacs people their go got men like now man you're just wrong and that's why you're my people and not someone else's your mind that's fine that's fine but like other profile and there we haven't spectral forays go also because I know if you're on stage and you typing you typing speed goes by down by Hall and you make a lot more so the analysis
this is the dominant prepared a
kinetic and he's got to control the skip the editor thing and area of the
year and now let's look for the Camellia control this year we have written a control given the national title and and impacts on we check whether you know we're running at all as cell ports and then we're just looking for the site that's running Camellia down here and of any notice running that's laughter we're going to will not who on but we're going to just throw an error we would certainly about inspect here is just
with with so little code how powerful it is right so we just like that line and it's it's checking the whole machine it's then look at
the ports and determine whether ES cells listening and determine is safe is there is a very compact fairly easy to read the powerful from the the right so
let's talk about that up to create the profile
and here we have a bunch of warnings which we're going through the more I know what I'm doing a safety instructions and lead to do that we wrote the software
you need you to be like DATA will clean it up and other stuff you don't go over here about you know about so dominance can
upload this profile we've right we've at added a
new controls the profile that tests are application in infrastructure using and when he does social farming is going to take over and and it's in the applications and infrastructure their subscribing attached to that profile retested and so in just a few minutes we're going to know whether were impacted by Cornelia enters the the knowledge I say jobs that was also yet by me what afraid about this is that idea of continuous compliance so simply by updating the profile of everything that is wrong that needs to be checked gets checked right and and is 1 like just take a minute here with us as a group and thing about cool that it's the enough to do anything is to trigger right there was you need to go targeted thing like it this happen sprinkle is right and if they go to the notes that again the proposal redrawn it's really really fast and the the way that we do these tests running really you quickly and on that you can also see that we haven't feeling if forgot to scan results I can open that SSL profile and up here I mean that's no accident we have million on top you can see that it's failing with a bunch of Cyprus that should not be enabled can you inferior to that the and then we can
notify the application as well and so if you have that so so yeah and failure Elliott you can you can hear as the unification right so let's go over let's see how the team is doing well we actually got a bunch of modifications in there as some of them are for the operating system but we also have a notification and for the failure which we have just been getting which is small buried in all the operating system modifications in but informed me that something is going wrong that should be looking at this control and then hopefully let somebody fix select and we really went from learning about new vulnerability right you want to try the underscore now don't do again just in the opportunity and we would have a new vulnerability we we created in an automated way to test for it and we apply that test variable to assess our infrastructure and do that all in just a few minutes and and that's really the power of continuous and compliance in the news infrastructure but we're not done because now we have to fix it right we did that stand we found out that our demo application is in fact home and so we have a couple of choices so the vulnerability is using this safer that is made available by default in SSL and so 1 thing that we can do is we can change our configuration of engine acts as a friend and as proxy and disable the cypher in that spot there but that's no fun like I have to do it and and genetics Apaches some will jobs that we're running and the work right the problem the problem with that is
is that we have to change more applications we might and we have to worry also that the new applications we might right we have to remember to update the configuration there as well I would be a bummer it where you get so what we could do get demoted not fail so there's no way remember the disabled Camila it's not your fault that school don't laugh none of you would do you there so we can do instead is we can patch Open SSL and sort of fix the problem at the at the source there and and and disable the cypher in that spot and if we do that then then the fixes applied to everything that using that and so that's that's simpler and feels more correct so we like that and so that the the downside of with that we should do that are able to do that and the downside though is is that now we have to identify all of the software that depends on open ourselves and we have to be able to rebuild it and redeploying and verify because when you changes the dependencies of your software you need to you need to do those things that's the core thing you have to rebuild and and you have to to validate that when you've deployed at that you haven't broken has the right to the 1 of to borrowing things break and 7 they and as you can see like right that sometimes there's dependencies are hard and you don't have a complete automation that's that's an even harder problem and then you can be spending a lot of time and effort to do this so what would be really great work well I would love to have yes is a system that they could help us by automatically rebuilding our software for detecting when a dependency like Open SSL has been rebuilt and has a critical update and rebuild all the things that depend on it and then make it really easy to deploy and and we validate the boy who built a system like that you even have some we does that exist in the world only only
gosh I think whichever coughed anybody guess what was that OK so as right so here's the thing we built
a such a system and its habitat and habitats build service is you do exactly that show me yes so is showing us the the Bo just so we have a new life the the new new-built service life I
can go over here to the people always got the Open SSL for those them
all right and so the open cells see the motion of them all and has already been building the latest release under the covers and you go
in here you can actually take that they just built and you can see that it
was actually going through all the steps to build a complete SSL packet of everything included for you and actually after due to assume a lotta was so fast that completed already so candle have undermined everything's about this idea is that a high people here have to maintain build slaves were Jenkins and keeping the software
up to date to build a software super on 1 might everything's about habitat is that when you describe how to build a
software you have to do that anymore you just make a call to this
1 simple thing that will bring the entire building RAM along for the ride and you never have to build another build node in school so you might hit another bill just just finer show that secure had the bill again so I'm going to go back here
and just so we see this in the open
SSL shop on them well I can request you build and so if your 2nd through going to see how the builders started in the back end and that I can actually groups ticket yeah and the so so while a stomach is is demonstrating that part and just a few basics on on this bill service right what is the goal service do it builds your software it takes your application code along with a small configuration file that's the plan for
habitat you submit that the build serviceable service takes that and build your software creates a habitat package with that package in the deep habitats depot but what's neat about this service is that it's it's smart and understands all the dependencies of your software and it keeps track of that so that when it builds a given a given package it knows whether it knows that all the other packages that depend on it and it can schedule then the rebuilding of all of those things that depend on it so that little animation with that looks like right
we rebuild 1 package and we find all of the
things that depend on it we rebuild those those things might have their own dependencies and we rebuild those into everything is rebuilt but in an automated way that you don't have to deal with and this capability is is really powerful because you have this problem for any technology that you use you have this problem if you're doing rails on the or Java and and so here is a way to solve it can be in a consistent way uh with with haven't yet been able to just have that moment where there's that vulnerability and you come into work the next day and rather than learning about the vulnerability and going through this whole process if we can just have
the software built for you and then show you uh when you come that we rebuilt it because there was a
vulnerability and open SSL and we've deployed into acceptance and then inspectors validated that it's now safe and secure wire drinking coffee all you have to do is decide to promote it that's the future of the enterprise that I wanna see right that's the that's the human experience that I want and while the use software stacks of course that we're using is and next step was saying before we could have gone and reconfigured engine acts but actually behind the covers this rebuilt as a
result of openness cell rebuilding we get a completely new engine next package as well which depends on ss element has all the updated configuration already include yeah are and so summing up kind of what does this mean right when you have this kind of service you go from from a world where you get a
notification that the software is is vulnerable there's a new vulnerability and you need to spend your day fixing it chasing down dependencies and and what this Service habitat makes possible is that you get a different kind of notification instead you can get informed that yes there is a critical vulnerabilities softer you depend on but hey we rebuilt it for you we redeployed into an acceptance environment you're ready to go and you can have a better debt super cool and so did we show them that they have got deployed the car secure to the to be fell within the field the body out if you want to yes so that the running time so we use a minute about
there's this into the cultural moment 0 sure whether that she would apply to get entertainers instead of on AWS use was is getting out of look amenities action tells you in the audience tells you committees assume direct cool so let and
we don't at the habitat is is really the fastest way to take your application and and get into the clouds and get into containers and so will show you even read the demos running an C 2 on an interview US Morgan show you is what it
takes to take what we've done and
move it into Google's cloud platform and the the bulk of that effort
happens in fact with just a single command
once you've package here up with habitat it's 1 command to get a
complete Dr. container image that
has all of the dependencies and
everything you need to run and managed application of
and in and you get all the benefits of
being able of the rebuilding of habitats build
servers and the traceability of of that all that single command had package export and it's that easy but I've just been running and here so you can see the expert going on this is actually the outer
package alive to doctor the only thing that
really need to do is run this 1 combat but so is what yeah and so then the next steps
we did give a special tag to the
resulting in and do this little cooking shows style so we've already built imaging that run and will tagging image were in have to upload it solve magical transportation of its yet so yeah we upload it was adopted opera and so that's uploading to 2 private red registering and then the last step is we can we can start things running and this we have tagged image so we see that the image has been built with tag in the 2nd step the last others we're pushing it out obviously this is a bit of cooking shows so the image of already there and now I can actually you control run that image in my Google clouds selected does that this 1 command within a few moments that has that thing running and
deployed so let's open the proxy the pupil crops in and go to 0
over again and it's open it up to our communities I and as you can see here
we have got Daphne online running life that we've just read single began right and you can see from the 11 seconds well aware of the the so what is it take right we we've seen these great advantage is that you get when you have your application package habitats in the build service and what that can do in terms of dependency management and you've seen just how easy it is to take the out and put it into containers remove it into a container runtime system with habitat but is it hard is it hard to take an app especially in existing rail that like the staffing 1 it was written before habitat even existed what is it take what turns out what I'm showing you either 6 lines of configuration that we needed to package habitat so we're putting a lot of effort into making it really easy to get started with and and that's both for for new applications but also for once you've already written yeah 6 lines on blossom the thank
OK so we know we
infrastructure Rashid seen just on with infrastructure and compliance automation and we did so in fact we had a vulnerability and we
fix the vulnerability the and that's the vulnerability let's check CA than the profile to the lower profile of 31 controls camellias null out by the way we also
fix a couple of the other issues we want to make this more impressive but at at nite the extra work nice work thank you who cool so that we we can wrap that that of our of our demo but there's a there's sort of 1 more thing that I want my share well we have a couple more minutes and you know the and so and and talk about the horse and and that that that's what it means for her to be a great enterprise is to be able to guide that that galloping horse of technology and that what you need to do it is to identify the right abstractions and not get you pulled into the implementation details and what what's really exciting for me about what I see in habitat and and the direction we're going is that it gives you some of that abstractions and it's going to allow us to build more on top of that and I can't think of what we do a habitat is our is our space program where we're doing this neat stuff out there and we're bringing back that technology and innovation and applying that to infrastructure in compliance obligations and so as to what they're gonna look like we um we have some stuff
that we're still working on so this is working sharing like this this is legitimate peer parasites
and happy with a lot of effort in the last couple years instead of getting better at UX and better approaches I'm and so 1 of the things we've been doing is trying to show our designs to real users to get feedback and we've been showing people this design and the feedback was really good and I get super excited about it so I was like what showed in the demo and they're like but it's not real and I was like I don't care and so and so here we are in a way out of what a demo that isn't really can have yet the
look at how cool it's gonna be a vector so this is the world we're at Gaborone of
spacewalk but looking at new features and and what's going to be possible is this is bringing an application centric view into shove automate for managing habitat applications and and what that gives you is is to give you the the unit of of management is the application and you can think about it in those terms so if we can scroll to the top we have our Daphne application regarded the development and acceptance and production and this you know this application is our users user Fraser at user-facing applications and we can show it's it's was looking
into development and then you can be like that is the other thing that you want you want to think about how your your application is comprised of services anyone see those services so here we have our real that we have uh both grass and engine action for a pretend we added some Elastic Search and and and get overview in this way the other thing that you're seeing now is the codification of some of these common behaviors right and talked about the fact that the behaviors like what are the things you always wanted to you you always you always want health check you wanna smoke test of course compliance animation you wanna do those things regardless of the technology that your application is written in and regardless of where you're deployment so you're applying like because we live in a hybrid world and so you can have some after dinner on prime there in the cloud the in Tehran times but you still wanna be able to manage them like this and make sure that these things are happening and so that's what this makes possible and if we take a look at our acceptance environment with that everything is passing and happy there so the last thing that will show is when you've packaged with with habitat and the habitat system is able to take care of the complexity in terms of upgrading and deployment and all that coordination and habitat supervisor is doing that work for you and so that means that moving in application and moving changes from 1 environment such as acceptance to production is as simple as a channel promotion in habitats package of running a school at this is due the set that with an API so whatever the thing is you use and to drive your infrastructure you can go ahead and make that call into habitat and it will do that shall promotion in the new people to see the impact of that here so if it's chat opposite the change in the matter
where it is organ show you is the status of what happened yeah so I just said the promote but and as you can see it all move from acceptance of production right or it was so there is the sneak
peek of of what's coming in terms of bringing application centric view indicia automate and what's possible with habitat and you should check out the bill service and for sure habitat and really great stuff thank you thank you so much for the money that oftentimes demo for letting
us sort of handle you just a little bit thanks a lot