ABSTRACT. As IT and computing is critical to almost all aspect of daily life, IT engineers play a vital role in ensuring responsible use. Responsible.computing() is a framework that defines the overall aspects of the responsibility and helps individuals learn how best to be the professionals we need.

ABSTRACT. We built a highly available large scale applications based on a Hybrid Cloud Architecture, IBM Cloud classic infrastructure, IBM kubernetes Service (IKS), IBM Direct Link Dedicated Hosting to host our hardware, and various other cloud services. The application fulfills an availability service level of 99.9.

In this presentation we will give you an overview on the technology and designs we used, especially the requirements we had for Hybrid Cloud and how we set it up. We will esp. discuss our decision how to failover and route traffic between datacenters, and how to monitor and manage the infrastructure.

We will also show how we achieve that high level of availability. Topics will be for example:

- Load balancing across datacenters, and into the co-locations - dynamic network routing between Cloud and co-location - postgres database failover - monitoring capabilities needed for high availability - hybric cloud infrastructure management using Ansible Tower

In this presentation you will see that achieving high availability is not easy, but is possible, and what patterns can be used in a Hybrid Cloud environment.

ABSTRACT. The environments IT and Network Operations teams oversee today are larger and more complex, requiring the continuous performance of your network across corporate, cloud and home-based resources. However, depending solely on outdated, static thresholds to measure and detect violations in this world, where teams have limited insight to what is normal and what is not, can lead to significant gaps in network performance that can impact your business.

In this session, learn how to automatically detect anomalies in your network performance data using machine learning to quickly identify deviations from normal behavior that otherwise may not have violated static thresholds.

ABSTRACT. Designing secure and reliable cloud-native environments requires to consider a multitude of solutioning perspectives. In this session we will walk you through the most prevalent requirement areas that need to be addressed in order to bring security-sensitive workloads into a public cloud environment: * Confidential Compute * Security Observability * Secure Network Design * DevSecOps * Compliance Posture Management The session will be a mix of theoretical consulting and practical live demonstrations.

ABSTRACT. This feature was debuted as Technical Preview in Db2 V11.5.4.0 where introduction of Pacemaker as the new "cluster manager of choice" was announced. It was followed five months later in Db2 V11.5.5.0 with production level support of 2-node HADR configuration on Linux. Integrated bundling and installation of Pacemaker anchored the V11.5.6.0 release around mid 2021 to enhance up & running experience, along with other valued features added. Another minor update is planned to expand the support matrix while the next major stop serves as the climax of the entire journey where it intends to cover other popular type of HA configurations while adding other improvements. Details on 2-node Active/Passive with file system failover, mount point monitoring, quorum enhancements as well as alternate configurations on cloud deployment will be covered in the session. Finally, a sneak peek at our road to the final chapter will be included.

ABSTRACT. One of the main reasons why major workloads have not yet moved to the cloud is the data that they process. The financial penalties for disclosure of data that violates privacy are significant – but that’s nothing compared to the reputational risk of losing the credit card details of your customer base. In early 2021, Richard worked with the Chief Information Security Architect of a major North American Bank to define a set of Data Protection Control Objectives that, if implemented, might finally persuade their CIO that their data would be safe on the Cloud. Richard will share the story and the DPCOs they created.

ABSTRACT. This session will reflect on the recent trends in the area of reliability: - Site Reliability Engineering (SRE) practices are starting to get widely accepted and adopted in the enterprise; formal training and certification became available; conferences recognize the specific needs for modern Operations. - Platforms (such as Kubernetes and OpenShift) increasingly adopt reliability aspects and evolve further through concepts like GitOps and Service Meshes. - the focus shifts towards Services and Applications by formulating their reliability needs (SLO) based on business demand, architecting for reliability and build for observability and manageability. Sprint planning balances between functional and non-functional requirements. - new methods and disciplines arise: Chaos Engineering, Learning from Incidents, Safety-II - ITSM tooling and technology respond to these trends: Observability (evolving from basic monitoring to metric collection and logging to tracing), Automation, ChatOps, Chaos Engineering, measuring and controlling Error Budget, calculating change risk. AI and ML is being applied to operations (AIOps, ModelOps). In closing, we attempt an outlook how the operations world may look like in 3 years.

ABSTRACT. Container platforms become more and more popular but its operational model changes the way to develop, deploy and operate applications. But Security is still a key requirements even on this platform. During the session, we will visit what are the best practices to secure a cloud container platform, based on IBM Cloud Paks and Openshift. The advices and best practices are based on lessons learned from real client projects. By following these best practices, your container platform will become more secure.

ABSTRACT. The term mainframe makes many engineers think of legacy, or even obsolete, IT systems. Yet, most don’t realize that the mainframe, now known as IBM Z or LinuxONE, has continually evolved since its inception in the 1950s to be the most resilient platform used by enterprises worldwide for their business-critical workloads on Linux and/or containers in a hybrid cloud environment. Indeed, IBM Z and LinuxONE research routinely implement advanced technology innovation years ahead of other offerings, making it the longstanding leader in the IT computing industry. LinuxONE is the ideal platform for Linux and cloud deployments given its high performance, resilience to workload peaks, seamless scalability, security, and 99.999% availability for business demands 24x7. In this one-hour session you will learn some key technical and financial essentials of IBM Z and LinuxONE and come away with a new perspective for your Linux workloads in the cloud. Not only will this session arm you with significant platform insights. It will also show you how to compare and estimate costs for your current workloads in a LinuxONE environment using a total cost of ownership model. Learn how even a small number of workloads can impact your IT budget and compare your costs with examples from actual client environments.

ABSTRACT. Learning Objectives:

This presentation will put forward a different view of how to performance test a solution either early in the development life cycle or where physical resources are constrained. The new way of thinking will cover how solutions perform at low load recognising the concept that if an application performs badly at low traffic levels it will perform badly at high traffic levels. We will also cover a method for communicating relative performance to all interested parties, technical and non-technical.

Outcomes:

Attendees would be expected to take away a new view point on performance testing solutions, to be able to see that it is possible in situations that they may have previously discounted as not being possible. They should also have a new view point on how results can be presented over time while still getting the required message across.

The presentation will be delivered as a lecture including an element of story telling to illustrate a real life example of how the approach can be implemented.

ABSTRACT. n this session we will explain how GitOps is a practical implementation of a broad set of principles that define how you need to think about building and operating your applications. In this we will show how practices like Canary Testing, Dark Launches, A/B Testing and Red/Green rollouts are all variations on the same common theme. Some of the principles we’ll describe are: How you never really understand your users, how Physics always wins in the end, How the Internet is unpredictable, and how you never know as much about what your application is doing as you think you know. In order to achieve the right balance, the center of gravity centers is extreme automation, where you codify non-functional and functional requirements to create composable platforms.

ABSTRACT. The current pandemic has accelerated the digital transformation across all industries and influenced them to embrace Hybrid Cloud at a faster pace. The resulting massive traffic volumes in addition to the cloud scale and continuous availability requirements put more focus on performance engineering. In this session we will be discussing many new trends and innovative technologies in Cloud Infrastructure (IaaS), Cloud Platform Fabric (PaaS), Data Security and Confidential Computing that can help improve Performance and scale of enterprise applications deployed on Hybrid Cloud. This session also highlights the trends in Observability and AI centric performance diagnostic tools and processes

Key technologies/focus areas discussed in this session: • Specialized Hardware including accelerators, offloaders, SmartNICs, ASICs etc., • Service Meshes • Autonomic tuning of systems and frameworks • New scheduler algorithms and designs • Software Defined Networking (SDN), Storage Defined Storage (SDS)

What attendees learn from this session? • How are the modern hardware systems designed for cloud? • How AI and ML technologies can be exploited for building resilient cloud systems? • How to reduce the overhead of essential security mechanisms • What are the latest trends in performance monitoring and diagnostic practices?

ABSTRACT. Organizations are focusing more and more on in-house software development. As this practice is becoming more and more prevalent, new techniques are necessary to improve agile practices. Chaos engineering has stepped into the DevOps arena to help actively test and break software. This aids engineering groups in finding bugs and issues quickly, which is similar to what penetration tests do for testing the security of systems. This presentation will discuss the similar principles of penetration testing and chaos engineering, and what that means for the future of other fields as well. Actively breaking and finding weaknesses in software development, infrastructure, and networking improves business continuity and incident response planning. Come learn about Chaos Engineering, Penetration Testing, and breaking "all the things" to build resiliency in technology. Participants will learn about how Chaos Engineering practices are similar to traditional Penetration Testing methods, but from a DevOps perspective. Participants will takeaway information to start their own Chaos Engineering program at their organizations. Participants will also determine how Chaos Engineering could benefit an organization that is heavily focused on software development.

ABSTRACT. Panel will be moderated by Grant Miller and will be covering various hot security topics. Grant will have with him Sridhar Muppidi, Srini Tummalapenta, Charles Palmers and others.

ABSTRACT. First, Agile is about removing road blockers and security is full of them. This paper is about how changing a mindset and applying some Agile concepts may bring a whole set of benefits to the Cyber security and compliance organization. To make it better and easier to understand I will break this down in principles: - Security by Design - Ensure Cyber security considerations are part of each testing cycle - A good DRP ensures the Cybersecurity levels are maintained during a Disaster - Adding security as the core of a solution makes it easier and cheaper - Agile is not less secure

ABSTRACT. Financial SRE: Observability with usage-based cost reduction In this presentation we will present the concept of Financial SRE, where we apply Observability with an analysis of application usage to suggest actions to reduce the cost of infrastructure in applications. We will tell you about our case in piloting the SRE implementation in CIO WW and the expansion to other tools, which made we want to go further than adding the benefits already achieved with the SRE with financial reduction, an always very important topic in every project. The benefits of implementing SRE for not only Observability, but also usage-based cost reduction

ABSTRACT. To improve the production recovery from incidents more quickly, and hence improving production availability, a number of improvements must be made along four key dimensions; tools, data, culture, and processes. These dimensions are key ingredients to a successful AIOps journey. To help customers get on the AIOps journey successfully, the definition of their AIOps baseline followed by iterative improvements along these four dimensions will gradually decrease the mean time to detect, identify, diagnose, and repair production issues. This talk is focused on the process to simplify the AIOps journey for those customers.

ABSTRACT. Title: Secure Engineering, an Auditor's Perspective Author: Ron Craig, Secure Engineering Program Manager, IBM Security Bio: •25+ years in development •Interests: training developers and leaders on secure development, reading, woodworking, spending time with family Abstract: What are the SE Practices that are most often checked by auditors during a Secure Engineering Audit? How can you ensure that your audit experience is a successful one? This will be a session covering Secure Engineering Practices most often looked for by auditors. Upon completing the session, attendees will be able to list and explain the basic practices required to be successful in a Secure Engineering Audit. The session will be a learning module delivered as a lecture, and will include opportunities for the attendees to contribute to the discussion.

ABSTRACT. Microservices have become the dominant architecture standard for modern software development teams, with SREs ultimately responsible for their productivity. However, as more services are added, managing them becomes increasingly complex. Even more problematic; Engineering teams today depend on “tribal knowledge” and multiple spreadsheets to track and optimize hundreds of microservices, leading to surprise outages, security vulnerabilities, and loss of time and money. But there is a better way. In this presentation, Nikhil will discuss proven strategies and best practices to take control and bring order to your service infrastructure while fostering a culture of reliability and ownership.

Key Discussion Points Conforming to best practices for maintaining service quality Eliminating tribal knowledge and fostering a culture of ownership Streamlining and standardizing your services architecture Implementing a central catalog to organize and track your microservices

ABSTRACT. In current trend of moving traditional application to cloud, companies are focused on componentizing existing monolithic application to microservices. However, performance is overlooked & often application is underperformed due to poor architecture/design. For example, Design Pattern is used to create monolithic application by grouping and reusing the same functionalities. Developers often break down the application to microservices following Design Pattern grouping, however communications between applications are ignored and cause heavy traffic jam.  Not only the application code design, backend database design schema was originally created with BCNF using table join on SQL, moving database schema from SQL to NoSQL causes severe performance degradation due to lack of understanding of NoSQL database.  After carefully designing application & database, there maybe some issue that were not caught during the design phase.  Microservices are often written in various languages & containers recycle often. Setting up the debugging tool for each language in container environment is tedious & time consuming.  This presentation focuses on best practices to be followed to successfully design the application and debugging when the performance issue arises.

ABSTRACT. Security teams are increasingly finding it challenging to keep up with the changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, kubernetes, software-defined infrastructure, and cloud technologies. As traditional infrastructure evolves to a mix of bare metal, virtual, cloud, and container environments, how do you approach security, governance, compliance and reduce risk amid this growing complexity?

Traditional perimeter-based network security does not work in this new world of containers and hybrid cloud. Security teams must rethink their approach to security in this new world with automation and DevSecOps, where security is built-in, continuously addressed, and continuously monitored across the entire application lifecycle, infrastructure lifecycle, and supply chain.

In this keynote, we'll discuss some prescriptive steps you can take to tackle security successfully in this new environment and how Red Hat can help.