
Voxxed Days Luxembourg 2023 – Feedback

28 June 2023

By Romain Boulanger.

A few words to start…

I had the chance this year to be selected for the Voxxed Days which took place in Luxembourg on June 21 and 22, 2023 to present my talk on “Déployer de manière dynamique votre code avec GitLab CI”. It had been a while since I had set foot on stage for an event like this.

This conference brings together many developers, but above all real enthusiasts who want to share content or discuss a range of topics: software development, UX/UI, Cloud, Big Data, security, automation, etc. The level of the conferences was very varied: whether you are a beginner or an expert, there is something for everyone!

On the menu, several types of formats: Keynote for the start of the day, University (2 hours), conferences (45 minutes), Tools in Action (25 minutes) and Quickies (15 minutes).

In this article, I offer you the opportunity to discover or rediscover with me the few conferences I had the chance to attend.

First day

Opening Keynote: Numérique et éthique : l’impossible équation ?

Link to summary

By Audrey Neveu and Agnes Crepet

To begin with, the opening keynote of this first day discussed ethics in tech, starting with the environmental cost of digital technology, which today represents less than 4%.

The objective is obviously to lower this percentage through simple actions, in particular keeping one's mobile phone longer. These phones are hardly recyclable: only 20% of the materials can be recovered, and this represents 57 million electronic waste. In 20% of cases, a phone is replaced due to lack of software support.

In addition, a mobile phone is extremely polluting: its creation requires more than 200 components including 50 minerals, i.e. the extraction of more than 70 kg of raw materials.

Constantly producing so many phones creates other problems:

  • Difficult working conditions;
  • Child labour;
  • Very low pay.

Several other ethical issues are also mentioned:

  • Theft of data due to an application that is too insecure;
  • Surveillance through tracking or easy recognition;
  • The dangers of AI and the progress associated with it over time.

Hence the developer's responsibility, when creating an application, to avoid collecting sensitive data from users without their consent.

The keynote ends with a call to change mindsets and habits: it is better to keep your phone as long as possible (the benefit for a phone with a lifespan of 7 years would be a 44% reduction in CO2 emissions) or have it repaired.

The conferences

Real-time Fraud Detection – Challenges and Solutions

Link to summary

By Fawaz Ghali

In this talk, Fawaz Ghali first highlights the losses due to fraud: 28 billion dollars in 2020, with an estimated 408 billion between 2021 and 2031, which is significant!

The purpose of fraud detection is to analyze suspicious behaviors without impacting the daily lives of application users (not increasing processing time, latency, etc.).

The example is taken from the banking sector, where banks use several models to detect unusual activity, in particular when a person changes country or spends excessive amounts, and produce a score that determines in the end whether the activity is suspicious or not.

Finally, the presentation ends with a demonstration in which data is analyzed in real time by a detection engine built on the Hazelcast solution.

A legacy app enters a Serverless bar

Link to summary

By Sébastien Blanc

Sébastien Blanc, in a presentation told as a tale, walks us through all the steps needed to turn an old Spring 3.0 application into a Serverless one. The application in question lets you order stroopwafels, which are Dutch waffles.

First of all, this application interacts with others asynchronously: the objective is to add connectors that react to events so as to streamline the processing of orders. Then Knative is introduced to bring Serverless to containerized applications, so that they are invoked only when there are orders.

Visite de la production de Doctolib

Link to summary

By Nicolas Martignole

In this feedback, Nicolas Martignole tells us how production is organized at Doctolib, which is in fact a monolithic Ruby application that allows, among other things, the scheduling of medical appointments. This application is containerized and runs in the Frankfurt and Paris AWS Regions.

He indicates that Doctolib also ships three production releases per day, and is operated with the Datadog monitoring solution and a multitude of probes.

The application may be a monolith, but it is broken down into “Engines” (a Ruby concept), which makes it possible to isolate code within sub-perimeters.

Finally, when it comes to infrastructure deployment, Terraform and GitHub Actions are used.

Gérer les drifts des ressources Terraform grâce à la méthode GitOps

Link to summary

By Katia Himeur

Katia Himeur discusses in this talk the GitOps method applied to Terraform, in particular with the aim of eliminating drifts (differences between the declared state and the actual state of the deployed resources), which are the main concern with this tool.

Several options are mentioned to avoid this problem:

  • Option 1: Hope that no one manually modifies the deployed resources, which is often utopian;
  • Option 2: Use in-house scripts or tools like driftctl to reconcile the state, although this solution is often not easy to maintain;
  • Option 3: Configure a standalone tool that can alert and reconcile the state, which seems the best option.

Option 3 was the one favored and showcased during a demo using the GitOps method associated with Flux and TF-Controller.

Depending on the configuration, the state will be reconciled every minute.

Finally, Katia mentions several advantages of Flux coupled with TF-Controller:

  • Possibility of having multi-tenancy;
  • Drift visualization in read-only mode;
  • A manual step can be added to approve or not approve infrastructure changes.
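As an illustration of the in-house script approach from option 2, here is an added example (not code from the talk or from this blog) that reports drift from Terraform's JSON plan representation. It assumes the plan comes from `terraform show -json` after a refresh-only plan and reads its `resource_drift` list; the sample plan and resource names are constructed.

```python
import json

# Constructed sample: trimmed shape of `terraform show -json <planfile>` output
# after a refresh-only plan; resource names and values are made up.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.2",
    "resource_drift": [
        {"address": "google_storage_bucket.logs", "type": "google_storage_bucket",
         "change": {"actions": ["update"],
                    "before": {"name": "logs", "public_access_prevention": "enforced"},
                    "after": {"name": "logs", "public_access_prevention": "inherited"}}},
        {"address": "google_compute_firewall.ssh", "type": "google_compute_firewall",
         "change": {"actions": ["delete"],
                    "before": {"name": "ssh"}, "after": None}},
    ],
})


def drift_report(plan_json: str) -> list[dict]:
    """List each drifted resource with the attributes that differ from the state."""
    report = []
    for item in json.loads(plan_json).get("resource_drift", []):
        change = item["change"]
        before = change.get("before") or {}   # value recorded in the state
        after = change.get("after") or {}     # value found on the provider
        changed = sorted(k for k in before.keys() | after.keys()
                         if before.get(k) != after.get(k))
        report.append({"address": item["address"],
                       "actions": change["actions"],
                       "changed": changed})
    return report


def exit_code(report: list[dict]) -> int:
    """Non-zero when drift exists, so a scheduled CI job fails and alerts."""
    return 2 if report else 0


if __name__ == "__main__":
    for entry in drift_report(SAMPLE_PLAN):
        print(entry["address"], entry["actions"], entry["changed"])
```

A script like this only alerts; reconciling the state automatically is what the standalone tooling of option 3 adds.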

Déployer de manière dynamique son code Terraform avec GitLab CI

By me 🙂

Link to summary

It’s my turn to present my subject!

I talk about different ways to deploy the code of your infrastructure with Terraform, whether for a small project with code contained in a folder or for larger projects with a code base distributed in different folders. The infrastructure used is based on Google Cloud.

The objective is first to check before deployment that our code is clean by using several tools:

  • It is correctly indented (terraform fmt);
  • It respects good practices: the variables are correctly used, addition of a description and a type, etc. (tflint);
  • It does not expose any security problem: excessive rights given to a user, storage space in public mode (checkov);
  • It does not introduce regressions, which is checked by running an end-to-end test (terratest).

In the first demo, I show a GitLab CI pipeline with all of the above steps to deploy a minimalist framework.

Then, I continue with a more advanced case, where in a mono repo we have several layers or components (folder, project, network, etc.) of our infrastructure, and we want to visualize all of these via distinct steps, both for the plan and for the apply.

That’s why I rely on an advanced feature of GitLab CI called child pipelines. This makes it possible to generate a “sub-pipeline” from the main pipeline so as to create a set of Terraform stages according to the layers or components of the infrastructure.
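To make the child pipeline idea concrete, here is an added example (not the code shown in the talk) of a generator that emits one check, plan and apply stage per layer. The layer names, job names and the presence of terraform, tflint and checkov on the runner are assumptions; a parent job is assumed to save the output as an artifact that a `trigger:include:artifact` job then runs.

```python
import json
import re
import tempfile
from pathlib import Path

# Layer names end up in job names and shell commands, so restrict them.
SAFE_LAYER = re.compile(r"^[a-z0-9][a-z0-9_-]*$")


def discover_layers(root: Path, order: list[str]) -> list[str]:
    """Keep, in dependency order, the layers under root that contain .tf files."""
    for name in order:
        if not SAFE_LAYER.match(name):
            raise ValueError(f"unsafe layer name: {name!r}")
    return [name for name in order if any((root / name).glob("*.tf"))]


def build_child_pipeline(layers: list[str]) -> dict:
    """One check/plan/apply stage triple per layer; tools assumed on the runner."""
    pipeline = {"stages": []}
    for layer in layers:
        check, plan, apply = f"check-{layer}", f"plan-{layer}", f"apply-{layer}"
        pipeline["stages"] += [check, plan, apply]
        pipeline[check] = {"stage": check, "script": [
            f"cd {layer}", "terraform fmt -check", "tflint", "checkov -d ."]}
        pipeline[plan] = {"stage": plan, "script": [
            f"cd {layer}", "terraform init -input=false",
            "terraform plan -input=false -out=tfplan"],
            "artifacts": {"paths": [f"{layer}/tfplan"]}}
        pipeline[apply] = {"stage": apply, "script": [
            f"cd {layer}", "terraform init -input=false",
            "terraform apply -input=false tfplan"],
            # Manual jobs are non-blocking by default; allow_failure: false makes
            # the next layer wait for a human to approve this apply.
            "when": "manual", "allow_failure": False}
    return pipeline


if __name__ == "__main__":
    # Constructed repository layout: three layers plus a folder without Terraform.
    with tempfile.TemporaryDirectory() as tmp:
        for name in ("folder", "project", "network"):
            (Path(tmp) / name).mkdir()
            (Path(tmp) / name / "main.tf").write_text("# constructed\n")
        (Path(tmp) / "docs").mkdir()
        layers = discover_layers(Path(tmp), ["folder", "project", "network", "docs"])
        # JSON is also valid YAML, so this output can serve as the child pipeline file.
        print(json.dumps(build_child_pipeline(layers), indent=2))
```

The saved plan file can contain sensitive values, so the artifact's visibility and expiry deserve the same care as the state itself.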

Faire du Kubernetes multi-providers en mode GitOps avec CrossPlane

Link to summary

By Ludovic Piot

Another presentation based on GitOps, but this time with Crossplane, an operator deployed in a Kubernetes cluster that allows the creation of Cloud resources, among other things. This solution aims to avoid drifts when using Terraform.

First of all, Ludovic Piot presents the tool and indicates that the number of providers continues to grow in different categories: Cloud, infrastructure as code, CI/CD, but also monitoring tools.

However, there is a catch when we want to deploy Crossplane to create resources: we need a Kubernetes cluster.

During his demonstration on Google Cloud, Ludovic uses the Minikube integrated with Cloud Shell to initialize Crossplane and start the deployment of resources.

The big advantage of this type of tool is being able to deploy both the application and the infrastructure from YAML files. One point of attention: unlike Terraform, this tool does not produce a “plan” to visualize the resources created and does not manage dependencies. It relies on the concept of “retry” when an error occurs.

The talk ended with an introduction to Anthos, which is a Google Cloud-specific product for managing a fleet of Kubernetes clusters, whether on other Cloud providers or in the company’s datacenter. Anthos has the advantage of integrating with all Google Cloud services and benefiting from very interesting features such as Workload Identity, which allows you to link a Kubernetes service account to a Google service account.

Second day

Opening Keynote: Coding to the Beat: When AI Joins the Band

Link to summary

By Laurent Kratz

This second keynote focuses on AI applied to music. A brief summary is given of the difference between AI and Machine Learning (ML), where the latter is one of the means, based on learning. This learning consists of training an algorithm with a set of rules.

Laurent tells us that music has a very strong link with mathematics. This allows the use of artificial intelligence to compose melodies or songs.

Finally, the last part focuses on ethics, where new regulations are to be expected, in particular in the European Union, with the obligation to state explicitly when content has been generated by an artificial intelligence.

The conferences

Je malmène ta prod en direct avec 15 failles de sécu

Link to summary

By Gaetan Eleouet

In this talk, Gaetan Eleouet highlights that security is everyone’s business. A figure is quoted: 72% of security issues come from the code!

During this presentation, which alternates between theoretical content and demonstration, Gaetan lists several flaws as well as their respective impacts:

  • SQL injections: Intentional modification of an SQL query;
  • Cross Site Request Forgery (CSRF): Authentication flaw that allows actions to be executed implicitly;
  • Cross-origin resource sharing (CORS): Mechanism that makes it possible to retrieve resources from a domain other than that of the site in question;
  • Cross-site scripting (XSS): Code injection;
  • and many others…

The consequences associated with these flaws can be presented in the form of the CIA triad: Confidentiality, Integrity and Availability.

OWASP (Open Web Application Security Project) catalogues these web application security vulnerabilities. In addition, the OWASP Top 10 aims to publicize the most common security problems, with the aim of raising awareness and reducing their risk of occurrence within the developed applications.

Progressive Delivery in the Kubernetes Era

Link to summary

By Kevin Dubois

In this last presentation I was able to attend, Kevin Dubois talks to us about GitOps with the use of Argo and Tekton, all in a Kubernetes cluster.

During this talk, Kevin develops his application, which is a car game made up of two teams. The goal is to implement a new feature and to deploy it to all users.

To that end, Tekton runs several “steps” within a task to containerize the application, ending with an update of the deployment YAML file with the sha256 of the new image.

The next step is to deploy this new image with Argo, and more specifically Argo Rollouts, which gradually deploys the new version as long as it does not contain errors, using a metric system based on Prometheus.

To do this, Kevin uses an object of type AnalysisTemplate coupled with a Rollout to allow progressive deployment.

It’s time to conclude!

This 2023 edition of Voxxed Days Luxembourg was an opportunity for me to present my talk while browsing through several conferences on interesting topics. As you can see, I targeted cloud-based and automation conferences.

I am really grateful to have had the chance to participate in this conference and I would like to thank all the organizers of the event as well as SoKube, who allowed me to go there.

I look forward to future editions of this event and, why not, the possibility of applying again with another subject to present.