Supercharge the web with Web Assembly using Rust

Web Assembly could be the future of web. lets see why it matters and see what are the use-cases for it.

We will look at a small example to showcase what is possible with Web Assembly using Rust and how you can augment your web app with super powers that is not possible with JavaScript alone.

We will also look at why Rust is ideal for Web Assembly compared to other languages.

Web Assembly 101

Lets learn what Web Assembly is and how to get started with WASM using Rust.

We will build a small application to understand how Web Assembly works and demystify various terms and concepts used., like, WASM, WASI, WAT and so on.

Is Rust a great language for building Kubernetes ecosystem?

When it comes to building tools for the Kubernetes ecosystem, your first thought would be Golang, I'm here to explore if Rust is a better alternative, especially for in-cluster tooling that needs to have minimal overhead and for WebAssembly workloads. Rust is also great for building Kubernetes tooling like CLI apps and so on.

I'll be also sharing and showcasing KDash - a Kubernetes CLI dashboard that I built using Rust and we will look at the Kubernetes-Rust ecosystem that is rapidly evolving and why you should consider it

- Rust vs Golang for k8s use cases
- Advantages of Rust over Golang
- Ideal Kubernetes use cases for Rust (WASI, tools, proxies)
- Real-life use case and example (KDash)
- State of the Rust ecosystem for DevOps and K8s

Forget NodeJS! Build native TypeScript applications with Deno

You probably already know that TypeScript is great. But have you tried Deno? Deno is what NodeJS should have been. Its a secure JavaScript/TypeScript runtime built with V8 & Rust. It is aimed to be the better alternative for NodeJS.

In this talk, we will see what Deno is and why it is better than NodeJS for TypeScript native applications. While at it we will build a simple proxy with TS and Deno

Kubernetes security 101

Kubernetes is ubiquitous these days in all kinds of organizations and technology stacks. You may be part of a team deploying applications to Kubernetes. Kubernetes is good from a convenience and scale perspective but also brings additional headaches and security issues. It is not enough to just set up your cluster and deploy to them; you also need to think about securing them. In this session, you will learn security best practices for Kubernetes, especially for securing Java Docker containers running on Kubernetes. We will discuss securing the cluster, Docker containers, Java applications, and more. We will also look at how to use OIDC to secure access to the clusters and about best practices for managing secrets on Kubernetes.

Modern Java for the masses! Is Java still relevant?

Is Java still relevant? Can it keep up with languages like Go and Rust? Is Java a good language for beginners? Should we consider Java for a modern project? These are some of the common questions that I have got from beginners and students, especially from the current generation who consider Java old and uncool. Everybody wants to work on a modern language with fancy features. In this talk, we are going to explore what modern Java offers in terms of language features and where it is headed. We will also explore if Java can actually keep up with other modern languages in terms of features and explore the strengths and weaknesses of Java so that you can decide for yourself if Java is still a strong contender for use in this day and age. I'll be honest with my opinions without bias and call a spade a spade when I see one, especially from the perspective of a polyglot developer.

Securing Spring Boot Microservices with OAuth and OpenID Connect

Ready to level up your microservices security game? Join us and discover how to secure your Spring Boot microservices using the powerful combination of OAuth, OpenID Connect, and popular Identity Providers (IdP) like Keycloak and Auth0.

We will embark on a thrilling journey to master the art of securing Spring Boot microservices. We will dive deep into the world of microservices architecture and uncover the security challenges that lie beneath the surface. In this hands-on lab, you'll unlock the secrets of OAuth and OpenID Connect protocols and create an impenetrable shield for your microservices.

But that's not all - we'll take it up a notch by seamlessly integrating IdPs like Keycloak and Auth0 into your microservices security ecosystem, unleashing a whole new level of features and convenience. You'll learn how to configure Spring Security for your microservices and these IdPs. You will learn how to set up authentication and authorization for your microservices. We will also show you how to configure advanced authentication mechanisms, such as multi-factor authentication, social login, and passkeys.

Prepare to get your hands dirty as we dive into practical implementation using real-world examples. You'll gain the confidence and skills needed to conquer client registration, master token management, and skillfully handle authorization requests. You'll witness the magic unfold as your microservices become a fortress of security, guarded by the formidable combination of OAuth, OpenID Connect, and your IdP.

By the end of this hands-on lab, you'll be equipped with knowledge and hands-on experience to implement robust security measures in your own microservices applications.

A Passwordless Future! Passkeys for Java Developers

Weak passwords remain one of the major causes of breaches and security incidents. The Web Authentication standard provides a robust framework for passwordless authentication using passkeys. Passkeys are the latest revolution in authentication. You may have used it with Google or GitHub. But what exactly is it and how does it work?
Join me on an illustrated journey to learn everything about passkeys.

We will dive into the core concepts of passkeys, their architecture, and their pros and cons. We will see how Passkey leverages public key cryptography and biometrics/hardware authenticators to offer enhanced security and usability while eliminating the vulnerabilities associated with traditional password-based systems.

We will explore how Java developers can leverage WebAuthn Java libraries to implement passkeys in their apps. We will also learn to use passkeys with Spring Security and external Identity providers. There will be demos, showing step-by-step integration of passkeys into Java web applications.

Build and deploy cloud native Java microservices on Kubernetes with Istio service mesh

Istio is one of the most popular services mesh solutions available these days. In this deep dive session, let us see how to build and deploy Java microservices to the cloud using Istio, Kubernetes, JHipster, and Spring Cloud.

Istio moves the responsibility of service discovery, load balancing, circuit breaking, monitoring, etc from the application to the platform(Kubernetes) thus letting the developers focus on the business code. But setting it up could be a daunting task for beginners and pros alike. In this session, we will see how Istio works and will learn about different features of Istio, like load balancing, canary deployments, A/B testing, and so on.

What you will learn:

- What is a service mesh, how does Istio work, and what features does it offer
- How to build Java microservices quickly using JHipster
- How to add Istio support to your JHipster microservices
- Setup Istio on a Kubernetes installation (for example on Google Cloud)
- Setup observability and monitoring for the Kubernetes + Istio cluster
- Deploy microservices to Kubernetes

What the heck is Project Loom and what can a normal Java developer expect from it?

You may have heard the words Project Loom, Fibers, Structured concurrency, and Virtual threads from Java enthusiasts. But what exactly are these, and what is the current state of concurrency in Java? can Java keep up with languages like Go and Rust when it comes to fearless concurrency? Let's be honest, concurrency in java is not among the easiest to master, and thread safety is even more difficult to get right. Can Project loom help to make it easier and less idiot-proof? In this session, I'll do a deep dive into Project loom and explain the different features in the work, look at the current state, and compare it with what we have today with some samples. We will also look into it from the aspect of what a normally Java developer can expect/benefit from it. So come join me for an exciting ride.

Building a Kubernetes monitoring dashboard in Rust. Why not?

Why did I build a Kubernetes Dashboard in Rust? I'll explain the reason behind it and show what KDash does and how it differs from existing tools. I'll also be deep-diving into the challenges I faced and the reason I choose to do it in Rust

Is containerless the future of Kubernetes? Let's see how WebAssembly can make containers obsolete

WebAssembly has brought some great innovations to the Web. But lately, it has been finding its way to Kubernetes and cloud-native due to its efficiency & security. WebAssembly opens up a lot of possibilities in the cloud-native ecosystem and is a great alternative to containers. But if you are not familiar with WebAssembly it may all sound daunting and foreign. I'm here to break it all down and show you why it matters, how it works and what benefits it offers. We will look at how to get started with WebAssembly on Kubernetes using Krustlet, WasmEdge, and so on. We will look at implementations, use cases, and some examples. Get ready for an exciting ride.

Flexible Relationship-Based Authorization in Kubernetes with OpenFGA

RBAC and ABAC are the past! ReBAC (Relationship-Based Access Control) is the future!

In this talk, we'll see how to implement ReBAC on Kubernetes. We'll use OpenFGA, a CNCF Sandbox project, for this. OpenFGA is an open-source solution for fine-grained authorization. it promises security, reliability, and low latency at scale. Learn everything you need to get started with OpenFGA. We will see the step-by-step setup and configuration of OpenFGA on a Kubernetes cluster with a demo application and see it in action. We will also see how to use OpenFGA with Oauth2.

OpenFGA is the latest in Authorization, It is the open source version of Okta FGA backed by Okta. It is inspired by Google Zanzibar and is now a CNCF sandbox project.

An illustrated journey to demystify OAuth and OIDC

In this talk, we will embark on an illustrated journey to demystify OAuth 2.0 and OpenID Connect (OIDC). We will start by exploring the fundamental concepts of these two protocols, their roles in modern authentication and authorization, and the problems they solve in the realm of identity and access management.

We will then delve into the flow of OAuth and OIDC, using easy-to-understand animations and real-world examples. This will include a detailed walkthrough of the various OAuth flows, grant types, tokens, and how they interact in different scenarios.

The talk aims to provide a clear understanding of OAuth 2.0 and OIDC, enabling developers to confidently implement secure authentication and authorization in their applications. Whether you're a beginner or experienced developer, this talk will provide valuable insights into the world of OAuth and OIDC.