Marcel de Vries

Global MD & CTO Xebia Microsoft Services

Zutphen, The Netherlands

Marcel is the co-founder and Global MD & CTO Xebia Microsoft Services. Xebia Microsoft Services started as an individual company under the Xebia group in 2014 and provides high-end consulting services to companies on Microsoft Azure, DevOps, Cloud Native Software Development, and Managed Services.

Marcel spends most of his time working with organizations to deliver software to production multiple times a day in a secure and compliant way! He helps organizations and leadership teams move to become high-speed, innovative, and productive while still being secure and compliant.

Marcel loves to learn new technologies and use this to advance his customers. He shares his learnings at conferences and training. Marcel has the conviction the CEO title in technology companies should have a second meaning: Coding Executive Officer. This is driven by his strong belief that great leaders in tech need to be technical! Only by staying on top of technology, you can lead the way going forward.

Marcel is a frequently asked public speaker at well-known industry events like Microsoft //Build, Microsoft Ignite, Azure Lowlands, Visual Studio Live!, Techorama, and KCDC, to name a few.

Marcel is part of the Techorama board and helps organize this event in Europe. In his spare time, he also builds online courses for Pluralsight. You can find his courses here: https://app.pluralsight.com/profile/author/marcel-devries

Marcel has been awarded by Microsoft the Microsoft MVP award for more than 17 consecutive years and has been a Microsoft Regional Director since 2008. You can always contact him to talk about subjects like Cloud Adoption Strategies, Business Development, DevOps, Cloud Computing, Microservices, Containers, IaaS, PaaS, and SaaS.

Awards

Area of Expertise

Information & Communications Technology

Topics

Azure
Software Architecture
Solution Architecture
Appium
DevOps
Azure DevOps
Soft Skills
Keynotes
IT Career Motivation
Kubernetes
Containerization
GitHub
Cloud Native
Cloud & DevOps

Integrating AI into your existing applications using semantic kernel & C#

Semantic Kernel is an open-source SDK by Microsoft that helps you build AI-infused applications and agents. It enables developers to seamlessly integrate existing code with AI models from OpenAI, Azure OpenAI, and Hugging Face.

In this session, we explore how Semantic Kernel can help you in AI orchestration and give you the capabilities to create copilot-like experiences in your application.
We will go through some of the fundamental concepts needed to understand how to use Semantic Kernel and where it helps you with the automation of complex tasks by combining AI-generated responses with diverse programming languages. With Semantic Kernel, you can even allow an LLM to create a complex plan that can be executed locally, going far beyond what you might think LLMs can do.

The talk also highlights Semantic Kernel's extensibility, allowing the integration of memories, AI models, and plugins, making it a key player in the landscape of AI development.

Cloud aspirations: building cloud-native applications with .NET Aspire

In this workshop we will look at how you can build scalable, robust and observable cloud-native solutions built with .NET 8 and 9 using .NET Aspire. Microsoft has introduced .NET Aspire as an opinionated cloud-ready stack to create distributed application. It addresses cloud-native concerns such as observability, discoverability and composition.
We will start by examining typical distributed applications and their common architecture styles in the cloud, leveraging PaaS services from cloud providers with their resilience and scalability characteristics.
After this overview we will introduce the common concerns for distributed applications, such as observability, service discovery and configuration, and how .NET Aspire can help. You will see how you can build your applications with .NET Aspire, by making proper use of the orchestration, components and tooling it offers. We are also covering the .NET Aspire service discovery and connection management, discover the programming model and the developer workflow.
In the hands-on labs you will experience and practice this yourself. You will enhance an existing application by composing it using the .NET Aspire primitives of projects, containers and cloud resources. With guided exercises you can explore how your application changes with .NET Aspire, the way of working as a developer and DevOps engineer.
Finally, we are going to dive into the inner workings of .NET Aspire and see what happens under the covers during development and in production.
Whether you are maintaining an existing application on premise or are building brand new applications, this workshop will help you understand what .NET aspire can bring to you and how you can apply it in your application context.

Building cloud-native microservices with Dapr

Modern distributed applications require much more than just application logic. Features such as state management for services, communication using publish/subscribe messaging and event-driven binding to cloud resources might be needed. Dapr introduces a runtime to offer such building blocks, and is less invasive in your application, allowing you to pick and choose what you need. In this workshop, we will look at the approach that the Dapr runtime takes with a sidecar architecture, separating application logic from the Dapr runtime components. You learn to develop distributed applications in .NET using Dapr's features and, how to bind to messaging infrastructure and cloud resources.

Simplify Microservices development with Dapr

Dapr is a vendor and language-neutral Distributed Application Runtime build in open source, supported by the CNCF, that you can use to build Microservices solutions. In this session, I will show you what Dapr is, How it works, and how you can use it to build your microservices that are completely agnostic of vendor implementations for state management, pub/sub communication, secret management, observability, and secure and resilient communications.

Workshop: Build the Distributed Apps of the Future Using Dapr

Building distributed application is hard… As developers, we want to focus on delivering business value with new features but there are so much things to also take care of on the side, especially in a distributed environment. Things as pub/sub, state management, bindings & triggers, service discovery, distributed tracing etc. Dapr tries to solve this problem by providing all of this to you so you can mix and match what pieces you want to use and also pick between many implementations of for example state management like cosmosDB, redis or dynamoDB.

In this workshop, you'll get hands on experience in building your own microservice based application using Dapr. You'll learn the following features of Dapr:

State management
Service discovery
Pub/sub
Distributed Tracing

We'll be building the application using ASP.NET Core, C#, Docker & Kubernetes. Basic knowledge of C#, Docker & Kubernetes is advised to get the most out of this workshop.

Legacy Lift-off: Bringing your legacy .NET application into the modern cloud and AI age

In today's fast-paced digital landscape, legacy software can be a bottleneck to innovation and growth. Yet, a green field rebuild is hardly ever your best way to success. There is so much value in your existing system that can be salvaged and modernized.

Join us for a hands-on exploration as we delve into modernizing a legacy .NET Framework 4.8 / WinForms application for the cloud and AI age. Through a series of interactive modules, participants will learn essential skills such as deciphering legacy code using AI, transitioning to modern technology stacks, and implementing best practices for refactoring, performance, security, and quality assurance. To finish it off, we will infuse the application with some AI to make it smart and ready for the new era.

By the end of the workshop, we will have transitioned from a legacy .NET / WinForms application to a cloud-ready, AI infused web application with Blazor.

Hands-On Lab: Code to Cloud with GitHub

Join us for a full-day hands-on workshop exploring the exciting world of GitHub and Azure.

This day will cover DevOps Engineering, Site Reliability Engineering, and Platform Engineering. During this day, we will mix a lot of hands-on with the practical, theoretical background and real-life anecdotes we encounter as consultants every day when empowering DevOps teams.

In Module 1, participants will learn how to ensure a fast first-time commit by introducing themselves through a markdown file in their own GitHub repo. They will also experience the automation process that generates prerequisites for each attendee, including a GitHub Pages website, Azure resource group, web apps, an app service plan, and a repository with issues.

Module 2 focuses on getting up to speed with legacy code using CodeSpaces and Co-Pilot. Participants will familiarize themselves with a provided microservices e-commerce website and set up their IDEs to make changes to the code.

In Module 3, we dive into fearless refactoring, discussing the benefits of breaking up applications into a microservices architecture. Participants will build two features with the help of Co-Pilot and run the application locally in their CodeSpaces.

Module 4 delves into securing legacy code, covering secure development practices and introducing GitHub Advanced Security (GHAS). Participants will learn how to visualize, stop leaks, and fix vulnerabilities using branch protection, secret protection, CodeQL, and automated workflows.

In Module 5, we take the application to the cloud and beyond. Participants will deploy the application to an Azure resource group, incorporating OpenID Connect, secrets in GitHub Actions and creating a continuous deployment workflow. We will also explore observability, load testing, and deployment strategies for zero-downtime deployments.

Join us for this immersive workshop to enhance your coding skills and learn how to integrate GitHub and Azure for efficient code-to-cloud workflows seamlessly.

Deploying ASP.NET Core applications to Kubernetes in the real world

You build an ASP.NET core application, and it works great on your machine. Now you want to deploy this to a kubernetes cluster; now what? In this session, I will show you how you can take an existing application that uses ASP.NET core, multiple other Rest services, and a SQL server and move that to a kubernetes cluster. I will not only cover the basics but also how you can improve your application to be more observable, support zero downtime deployments, and secure it using SSL, and I will share tips on how to harden your cluster so you can actually run it in production.

Github Actions in Action

So, you know the basics of GitHub actions, but how do I organize the Action Workflows so they are maintainable, use as few minutes as possible, save cost, and match the GitFlow branching strategy? This session will answer all these questions by showing a full end-to-end solution with multiple microservices in a mono repo while deploying individual services to a kubernetes cluster. We will go through cost and performance optimizations and ways to separate Continuous Integration from Deployments and Deployments from releases. This way, you will be able to release any moment of the day without interrupting your users.

Building, Running & Continuously Deploying Microservices with Docker Containers on Azure

You are a (lead-)developer or architect who wants to design and implement a modern Microsoft based microservices architecture using Microsoft technologies.
You want to transition from a monolithic architecture to an architecture that consists out of small and independent services that you can scale independently on your different develop, test and production environments.

In this one day Workshop we will guide you through the concepts behind Micro Services, Containers and Containerized delivery to help you build and manage MSA based systems.

We will show how to build services and deploy them to different hosting environments like Azure ACS (with either Kubernetes, DC/OS or Swarm), Service fabric or on your own on premises container environment.
Topics that will be covered:
- Microservice architectures on a Microsoft Stack
- Containers & Docker on Windows
- Continuous delivery with VSTS of containerized applications
- Setting up ACS clusters with Kubernetes, DC/OS or Swarm
- Deploying to different environments including clusters
- Adding Telemetry to your system to find issues in the constellation of services
- Zero downtime deployments of new versions of your application, including the database!

Hands-On Lab: Secure and Compliant Cloud Delivery Embracing DevOps

In this Hands-on Lab we will teach you how to use all the great features GitHub has to offer. We will start with an overview of how to come from Idea to Code by using GitHub Discussions, Issues, Pages and Wiki. Next, we will move the ideas to code and start using the Git features. From here, we dive into the use of Branch Protection Rules, Code Owners, Actions for CI, CD, and Deployments to the Azure Cloud. We will also have a look at how GitHub can help you in your Secure Development Lifecycle with Credential scanning, Package Vulnerability Scanning, and Code Scanning to expose programming mistakes that might lead to vulnerabilities in the future. After this hands-on workshop, you know what GitHub offers you and your organization to easily implement Secure and Compliant DevOps.

Hands-on workshop GitHub Code to Cloud

In this Hands-on workshop we will teach you how to use all the great features GitHub has to offer. We will start with an overview how to come from Idea to Code by using GitHub Discussions, Issues, Pages and Wiki. Next we will move the idea's to code and start using the Git features. From here we dive in to the use of Branch Protection Rules, Code Owners, Actions for CI, CD and Deployments to the Azure Cloud. We will also have a look at how GitHub can help you in your Secure Development Lifecycle with Credential scanning, Package Vulnerability Scanning and Code Scanning to expose programming mistakes that might lead to vulnerabilities in the future. After this Hands-on workshop, you know what GitHub has to offer to you and your organization to implement Secure and Compliant DevOps with ease.

Microservices made easy with DAPR

In this session you’ll learn why you want to use the Dapr to simplify the development of a microservices application. I will discuss common challenges when building microservices and how Dapr can simplify many of these challenges by providing building blocks that implement industry best practices to the problems without any hassle and how dapr makes this all possible.
After this session, you’ll have the knowledge to decide if you want to use dapr to build your next microservices application, and how dapr works. You can then use this to incorporate dapr into an existing microservices application, or to use it for a brand new solution.

Workshop: Dapr for Building Distributed .NET Applications

Azure And GitHub the big picture

Continuous delivery is essential for modern businesses and projects. In this Session, you will get an overview of how to use the GitHub tool suite to implement continuous delivery and DevOps for your projects or organization.

First, we start with the exploration of GitHub Repositories and how to set up your your repository to deliver compliant software. We create new repositories, push to the GitHub cloud-based
service, set up branch policies, and use GitHub pull requests to ensure a "four eyes" principle for all code changes. This will help you satisfy a very important requirement for most enterprises. Next, you'll learn how you can use GitHub Issues, projects, and pages to support your team in their agile way of work and the way this integrates with the repo to provide end-to-end traceability from requirement to code change. Then, we look at automation and how we can use GitHub Actions to automate everything, how to build a pull request verification, and how to deploy the software to the Microsoft Azure Platform so you can implement continuous delivery. Finally, after you know how to automate everything, we go into the use of package management and the use of the supply chain tools to ensure you scan your code for known vulnerabilities, and the scanning of packages that also can contain known vulnerabilities. we include with the use of Codespaces, which provides a cloud-based Integrated Development Environment for your team members and enables remote work from anywhere without the need for any installation of software on your local computer. At the end of this session, you will have a clear overview of what the GitHub tool suite can do for you and how you can use it to implement continuous delivery and DevOps in your organization to deliver software to the Azure Cloud.

CodeToCloud with GitHub and Azure DevOps Hands-on Workshop

This workshop focuses on the Code to Cloud journey. The journey includes the integration with Azure Boards, working with GitHub Codespaces, the GitHub Flow, and the GitHub Container Registry. Students will learn to use docker and docker-compose and deploy their solution to an Azure Web App using GitHub Actions, and Azure DevOps pipelines.
To make it challenging for the students, the workshop contains challenges that can also be done individually. To make sure students do not get stuck, there are scripts available with instructions to "automatically" fix a challenge, so students can continue. The workshop also contains extensive Step-By-Step videos and written instructions. There are also videos that explain the concepts that are used in the exercises.

We will cover the following modules:
Module 1: improving the Developer Workflow
Learning Objectives
In this module your students will learn to:
• Create a backlog of work with Azure Boards and relate that to your code
• Use Docker to containerize your code, to enable a consistent environment
• Use the GitHub workflow to work together on the same codebase
• Use Pull Requests to improve the quality of your code
• Set up a Continuous Integration build to quickly get feedback
• Use GitHub Security scanning tools to shift left security issues
• Use Docker Compose to create an environment that consists of multiple components

Module 2 - Moving to the Cloud
Learning Objectives
In this module your students will learn to:
• Use Infrastructure as Code to set up idempotent infrastructure in the cloud
• Set up a resource group in Azure and assign permissions
• Set up a CosmosDB via automation scripts
• Set up an Azure Web App that runs a multi-container application via automation scripts
• Set up a pipeline that deploys the infrastructure on demand

Module 3 - Closing the Feedback Loop
Learning Objectives
In this module your students will learn to:
• Implement Application Insights in the application
• Monitor the containers and the platform
• Implement Continuous Delivery in GitHub Actions
• Set up a CI/CD pipeline with Azure DevOps to automatically deploy containers
• Set up a manual and automatic approval gate in the release pipeline, to control the release of new versions

DAPR the big picture

You might have heard of DAPR a microservices application framework. In this session, I will give you insights into what DAPR is, why you would like to use it and why it is smart to keep an eye on this technology and start applying it in your solutions now.

Design, Build and Deliver a Microservices solution the cloud native way

In this workshop, we will take you from start to finish if it comes to building a Software As A Service solution based on a microservices architecture in a cloud-native way. In this workshop we start with the foundation for success and that is designing the microservices architecture. How do you define service boundaries, what are smells of wrong boundaries and how do you replicate data in a system that is inherently eventually consistent?
Next, we show you how you can translate a microservices design into actual services that you then can run in the Azure Cloud. We will go through the creation of the services, the containerization of these services and the trade-offs when to use containerization or e.g. an alternative delivery using serverless infrastructure like azure functions.
Once we have our initial set of microservices up and running, the next step is to deliver new features in a cloud-native way. This means we run a 24x7 operation and we take a DevOps and SRE approach to the delivery of the software to production. We then look at the development process, how we automate everything and how we are able to deploy new features also when they involve database schema changes.
At the end of this workshop, you have combined many things that you could see in individual sessions throughout the conference, but here we combine them all and make all pieces of the puzzle fit into place. You now know how to build and deliver a world-class SaaS solution on the Azure Cloud.
What you will learn:
Microservices design
Implementing microservices with ASP.NET core and DAPR
Containerization of the solution and deployment to Azure Kubernetes services
Continuous Delivery of a SaaS solution in a cloud-native way
SRE practices to ensure we meet our SLO’s

The Future of IT

What is the future of IT? That is a fascinating question to ask,
but extremely hard to answer. Confucius said: “you need to
study the past to define the future.” So let's ask ourselves the
question first, what has changed our industry in the past
decades? To simplify things, let us take the perspective of
writing software and see what has changed. As Marc Andreessen
described in his article in The Wall Street Journal in 2011:
“Software is eating the world,” and by looking at software,
we might be able to see what is changing the most and see what
lies ahead of us. Nowadays, software is everywhere. It is not only
at the places you expect it, like your laptop computer or your iPad, but it is in our cars, our refrigerators, the toys we buy for our kids, our home, our washing machine and, it sounds scary, even in your toilet in the future. So software is everywhere. But how do we build software? Has that changed significantly?

The knight of NIH ... a developer tale

Once upon a time, our industry was based upon innovation and renewal. Where brave developer knights built upon the ideas and dreams of others. But as it goes in every tale, we were struck by a curse. The curse of stubbornness... in this session, I will take a look at the history of our industry and how we have evolved in the field of software development. I show based on historic examples where we as an industry could have been and where we have chosen to be the knights of Not Invented Here making us build software over and over again while we could have advanced instead. This lightweight talk gives a perspective on our profession and hopefully will make you think twice next time when you think you need to build something yourself instead of looking at what is already out there and build on the shoulder of giants instead.

Patterns and Tools for Parallel Programming

Isn't it great that we have so many cores in our computers today? But how can you as a software developer maximize the benefits from this phenomenon? In this session, I will take you on a tourney through .NET and the patterns you can apply in your software and the tools you have at your disposal to maximize the utilization of all your CPU cores and make your software perform the best possible way.

Secure and Compliant cloud delivery embracing DevOps

One of the most common challenges, when organizations move to the cloud, is getting an answer on how to do this in a secure and compliant way. This involves ensuring you set up your azure landing zones in such a way that you enable teams to deliver their solutions secure and compliant by default.
The cloud requires a completely different security model than what we are used to in the on-prem world. One important concept here is ensuring we build our cloud using a zero-trust model.
If it comes to compliance, there are many things to discuss. What does it mean to be compliant? In my work as a CTO, this is often covered by smoke curtains and vague use of terminology. But what are the fundamental concepts behind compliance and how do you achieve this in such a way you can still ensure maximum performance of your teams in delivery? This involved a high degree of automation and empowerment of your teams.
I will share what we learned over the years ensuring secure and compliant delivery for our customers. Many of those customers work in highly regulated environments like government, banks, and pharma.

Architecting systems for DevOps and Continuous Delivery

You build it, you run it!” It is a great DevOps tagline, but how can you make this work in practice?
In order to “run” the software you need to have insights in how your application is doing in production.
You need insights into the performance, usage, infrastructure utilization and new releases that are deployed and their impact.
In this session I will provide you with practical architectural principles that will help you:
Separate deployment from release so you can deliver your software any time you want, without downtime
Get telemetry and insights on product usage, Performance and infrastructure utilization.
In DevOps you also strive for autonomy. You just don’t want dependencies on other teams. How do you design your system to be independent of other system, while still integrating?
I will talk about: how to gather telemetry and performance data, deployment techniques, development techniques that prevent downtime.
After this talk, you will have new insights how to build a system that you can build and run without losing sleep when you are on pager duty.

Writing Maintainable Test Automation

How well do you test your application or Web site? Are you still testing your applications or sites manually and does that take a lot of time? Do you find it hard to create and maintain automated tests for your applications? Have you created automated tests but do you find them hard to maintain? This session will teach you how to build maintainable automated test suites using various technologies like Selenium or Appium and integrate it with Microsoft Azure DevOps to give you a holistic view of your current sprint in terms of test completion and coverage.
In this session you'll learn to build test suites in such a way that they are maintainable by default. This session will introduce the concepts like: Page Objects, DRY and DAMP tests.

An Introduction to Service Meshes on Kubernetes

A service mesh is an infrastructure layer that allows you to manage communication between your application's micro services. As more developers work with micro services, service meshes have evolved to make that work easier and more effective by consolidating common management and administrative tasks in a distributed setup.

In this session I will show you how you can set up a Service Mesh on Kubernetes and run a Micro Services application written in .NET and C#. You will discover how we can utilize the service mesh to have different deployment strategies and ways to secure your communication between micro services.

From one release per quarter to 30 times a day

In this session I will take you along a journey where we have an existing legacy application that we will enable to be released multiple times a day.
I will teach you how to apply modern release techniques that enable you to move from long and tiresome release cycles to releasing multiple times a day. I will cover the fundamental concepts of DevOps that will enable multiple releases
a day. think of concepts like: Feature Toggles, Red/Green Deployments, Telemetry, Cloud technologies, deployment automation, etc. This session will learn you how
to release quality software any moment you want.

Implementing Zero Downtime Application Deployments on Azure PaaS

How can I deploy my applications to Azure PaaS like Azure Web Apps and AKS without having any downtime? How can I automate this and how can I ensure my customers won't notice changes are happening, even when you need to update your database schema? In this session I will show you how to use Azure DevOps Build and Deployment pipelines to deliver your application to production many times a day while not interrupting your users.