Master of None
By Dinakaran Sankaranarayanan
Master of None Feb 19, 2021
What the heck is Digital Transformation anyway ?
What the heck is Digital Transformation anyway ?
Digital Transformation has caught the fancy of large organisations in the last 5 to 6 years. We get to hear about organisations becoming more digital.And what does this becoming Digital means ? We have been in the digital world and have been using banking services and other online services for well over 15 years now and they are mostly digital as a customer. So what has changed? I tried to address this aspect in the podcast. Like DevOps , if you speak to different people , each will have their own perspective on what Digital Transformation is all about. And to be a great extent , it might be true as well. I would like to bring my perspective on what Digital Transformation is all about, by taking a real world example and applying the core elements of Digital Transformation that involves people , process and technology. I also delve into the metrics , goals and outcomes that are required for Digital Transformation and the evolving trends and process in software engineering that can help to make Digital Transformation successful.
Hope you like it.
Deployment Strategies for Modern Infrastructure
In this podcast, we are going to discuss the Deployment Strategies that can be adopted for managing modern infrastructure. Customers are digitally savvy these days and downtime is frowned upon. So how can we plan our deployment in such a way so that there is little to no downtime for the end-users? To arrive on a deployment strategy, we need to understand the requirements to start with and then mapping each deployment strategy with pros and cons. I have discussed on the capabilities and requirements for arriving and deciding on deployment strategies, the various deployment strategies like Recreate, Rolling Updates, Blue Green, Canary and A/B Testing. Monitoring and Deployment Automation is another important aspect that needs to be factored. With Modern workloads in the cloud, Immutable Infrastructure as a paradigm is gaining traction. Finally, we end up discussing the best practices for Safer Production Deployment.
Some of the topics discussed :
Capabilities of Deployment
1.Provision
2.Configure
3.Deploy
4.Scale
5.Monitor
Requirements to firm up a Deployment Strategy
1.Zero Downtime
2.Real Traffic Testing
3.Targeted Users
4.Cost
5.RollBack
6. End User impact
7. Complexity of Setup
Deployment Types:
1.Re-create
2.Blue Green
3.Rolling Updates / Ramped Up
4.Canary
5.A/B testing
Other factors to be considered :
-Monitoring and Automation of Deployment
-Immutable Infrastructure As A Paradigm
-Tips and Best Practices for Safe Deployment
Demytisfying oAuth And OpenID Connect
Authentication and Authorization as a concept has been there for a long time. oAuth is the most standard way in which authorization is implemented and OpenID Connect is a preferred mechanism for authentication. In this podcast, we will Demystify oAuth and OpenID Connect - why, what and how. We will briefly touch upon the history of authentication, OAuth Grants, Scopes and Claims. We also discuss the different types of tokens like ID Token, Access Token and Refresh Tokens. We also briefly touch upon the differences between Cookie and Token and finally ending with how API validates these token. I hope you find the topics discussed in this episode useful.
DevSecOps - Security is not an afterthought
DevSecOps is a relatively new term coined that focus on the collaboration between Application Development, Operations and Security Teams coming together to deliver applications and software in an agile fashion in an iterative, faster and secure way.
In this podcast, we discuss the reason why DevSecOps have come into focus in the last few years. And for teams to start adopting DevSecOps practices, what are different aspects, perspectives and approaches that need to be considered are also briefly touched upon. Threat Modelling is the starting point to understand the security posture, identifying gaps and prioritize critical aspects that need attention. We also discuss the tools, technology and automation that are required for successfully building DevSecOps practices.