Speaker

Kristina Devochko

Kristina Devochko

Spreading love for secure and sustainable cloud tech - and cats!😻 Open Sourceress. Potterhead. With coding and animal welfare at heart.

Oslo, Norway

I'm Kris, I live in Norway, love coding and spreading love for cats in presentations😼 Currently I am working as a Software Architect and driving several exciting tech projects that support digitalization journey in public and private sector, minimizing bureaucracy and making citizens' life easier.

As a person I love learning new things and sharing my journey and experiences with others. My biggest passion is tech and my goal is to inspire other developers to code with sustainability and security in mind by spreading my knowledge and experience. My goal is also to be a female coder role model that can inspire and motivate all the beautiful girls and ladies out there to join the world of tech! 💖

I also strongly believe that contributing to making this world a better place by volunteering is something all of us should consider doing, therefore being a volunteer is a big part of my life. Other than that, I'm a cat mom, a Potterhead, a Witcher fan and a bookworm. I love books, photography, puzzles, board games, hiking, cats and unicorns. I am also an active supporter of sustainability, including sustainable software engineering, and animal welfare.

Awards

Area of Expertise

  • Information & Communications Technology
  • Environment and Cleantech

Topics

  • .NET
  • C#.Net
  • .NET (Core) development
  • Azure
  • Microsoft Azure
  • Azure DevOps
  • Azure Security
  • Azure Kubernetes Services (AKS)
  • Cloud Security
  • Application Security
  • DevSecOps and GitOps in practice
  • DevSecOps
  • Modern Software Development
  • DevOpsCulture
  • Software Deveopment
  • Cloud & DevOps
  • DevOps
  • Cloud Security Architecture
  • Software Development
  • Web Development
  • DevOps & Automation
  • Software Architecture
  • Microservice Architecture
  • Cloud Architecture
  • Azure Architecture
  • Kubernetes
  • Kubernetes Security
  • Containerization
  • Container Security
  • Azure Container Registry (ACR)
  • Azure Container Instance (ACI)
  • Windows containers
  • Azure container Apps
  • Container and Kubernetes security
  • Docker
  • GitHub
  • GitHub Actions

AKS Survival Pack: what to consider before going all-in with Azure Kubernetes Service

Kubernetes has been a hot and popular technology for a while - everyone wants it, everyone needs it, everyone loves it. Now that cloud providers like Microsoft are offering a managed Kubernetes service it sounds like setting up a new cluster and start deploying applications to it should be Easy Peasy Lemon Squeezy...just a few "Next-Next-Next" clicks in the portal, right? Right?!🙃

Well, reality is more brutal than that. Yes, it's true that Microsoft offers Azure Kubernetes Service as a partially managed offering, but it doesn't mean that Microsoft takes responsibility for everything. Long before you start running your applications on AKS, especially in production, it's extremely important for you to be aware of what you will be responsible for in terms of operating, securing and maintaining AKS clusters - and how these changes will affect the rest of your organization. Especially your dearest developers.

That's when this AKS Survival Pack comes to the rescue! In this session I will share experiences from my own journey of migrating from VM-hosted applications to AKS and containers, what learnings I have taken out of it and what you should consider and plan for BEFORE you start your Azure Kubernetes Service journey.

During this session I'll touch upon considerations related to:
- Culture, mindset and readiness of your organization;
- Readiness and maturity of your application(s);
- Day 2 Operations;
- Security and configuration of AKS clusters;
- Cluster upgrade strategy;
- Developer experience;

During the session I will also show a few examples (based on real-life events), of how changes of minor significance (like missing request and resource limits in a deployment template) can have disastrous consequences in production - and how the probability of such issues happening can be minimized with proper policies, planning...and a sprinkle of automation!😼

Deploying microservices to AKS with Azure DevOps

There are a lot of different ways you can set up Continuous Deployment to AKS - many of these ways may mean introducing a new tool. Introducing a new tool will require competence development, increased maintenance, auditing and operating needs - not to mention that it will be a new external tool to add to your supply chain.

But what if you could utilize additional capabilities of the tool that you already have? That's where Azure DevOps Environments and multi-staged Azure Pipelines come into picture! If you're actively using Azure DevOps and have all of your source code stored there, it can be easier and more lightweight for you to utilize Azure DevOps Environments as a deployment tool.
In this session I will talk about what Azure DevOps Environments are and what can be the benefits of using it. I will also share recommendations on how to group Kubernetes resources in ADO Environments based on my experience.

I will also demonstrate a whole flow from checking in your microservice to setting up an Azure DevOps Environment that will target an AKS cluster that the microservice will be deployed to, and a deployment stage in the build pipeline that will execute the deployment itself based on the newly created ADO Environment.
We'll also take a look at additional policies and checks you can set up for an ADO Environment in order to implement even more granular control over your deployment to critical environments like production environment.

Finally, we'll take a look at how much information you can retrieve directly from Azure DevOps once the application is deployed in AKS, both when it's running successfully and when something goes wrong and starts failing - without the need to interact with AKS cluster directly or learn kubectl :)

Standardizing microservice-to-AKS workflow with dotnet custom templates and Azure DevOps

If a developer needs to create a microservice in a modern, cloud native world there are quite a few areas that he/she may be expected to understand and have good skills in:
- Remember about and comply with tens or even hundreds of coding guidelines;
- Know how to create build and deployment pipelines;
- Know how to implement automated security and quality checks;
- Know how to containerize application and configure it's application container;
- Know how to create a deployment configuration to securely and sustainably deploy the microservice to Kubernetes;
- Know how to create an actual deployment workflow to get that microservice up and running in Kubernetes;

...and the list may go on....All in all, as a developer, you may suddenly need to gain a lot of new knowledge and competence, from software development to DevOps or even DevSecOps, in order to deliver a new microservice.

So, how can we help reduce cognitive load on developers so that they can purely focus on bringing value to the application? At the same time, how can we ensure that development and deployment of microservices is done in the same, standardized way by different developers - and established policies, coding and security guidelines are being followed?

In this session I would like to show how dotnet custom templates can help you with that. We'll take a look at what dotnet custom templates are, how you can create a dotnet custom template collection, what you can include in this kind of templates and how developers can use it to their advantage.

By making it more practical I'll put myself in the shoes of a developer that needs to create a new .NET microservice and deploy it to AKS. I will use dotnet custom templates, Azure DevOps Environments and multi-staged Azure Pipelines for this purpose. The whole flow will be demonstrated: from the point we install a dotnet custom template until the microservice is up and running in AKS. During the demo we'll also take a look at how microservice blueprints that were created with dotnet custom templates can be extended to include automatic security and quality controls to ensure that new code or configuration doesn't introduce breaking changes or security vulnerabilities.

Azure User Group Sweden User group

September 2022

Azure Back to School 2022

September 2022

Kristina Devochko

Spreading love for secure and sustainable cloud tech - and cats!😻 Open Sourceress. Potterhead. With coding and animal welfare at heart.

Oslo, Norway