 Hello and welcome to Kubernetes Edge Day. My name is Prasinjit Singh. I am the director of cloud and DevOps practice at Stars Play Dubai where we are reinventing video streaming with state-of-the-art engineering on the cloud and the edge across 20 plus countries worldwide. Today I'll talk about DevOps on the edge. Essentially we'll touch upon DevOps tools, tailored practices that will define the journey to the edge computing and assess where we stand today in terms of edge capabilities. Well I must tell you these are really exciting times and we are heading towards a disruption and I'm saying this because three contemporary technologies are on course to define the next ticket. Number one containers that we have machine learning and 5G networks. While containers provide portability, 5G provides the speed and bandwidth, while machine learning provides you the insights. So just imagine what power these three can bring together. These have diverse applications right from auto driven cars to medical lifesaving equipments, video streaming, collaborative gaming, space exploration and the list goes on. In fact this combination paves the way for a massive disruption which we call edge computing. This will transform how enterprises run applications and services today. Code to this transformation is also the ability to deploy these applications to edge location. Now before we go on and understand deployments let's understand the edge. Now what is edge? For the uninitiated edge computing is a distributed computing architecture that moves applications as close as possible to the user base. So what happens edge computing moves IT resources closer to where data is produced and consumed. So the traffic from the devices is processed and analyzed in near real time. Unlike the cloud deploying closer to the edge enhances consumer experiences by reducing latency and network calls. It also makes the technology reliable enough to handle critical applications like say remote patient monitoring by hospitals, content delivery for streaming providers, then you have energy management in power grids and of course autonomous vehicles. Now all this sounds very cool and futuristic but what are the challenges? Let's have a look. Well the edge is a crowded place smaller footprint but more numbers. It is distributed across thousands of locations with limited space, limited cooling power, scars, computing resources, architecture heterogeneity and then edges made up of different nodes, various sizes, vendors and technologies, large small PNF, Acreno, you have AWS, Greengrass, Azure, Edge and AWS Outposts etc etc. So this requires a proper and flexible and lightweight orchestration tool. So yes orchestration is one of the biggest challenges because of this heterogeneity in the edge environments. Then we have scalability challenges. Edge nodes are small, availability for resources, for applications is not guaranteed and then because of the numbers and heterogeneity visibility is another blocker. So you need good monitoring and insights framework to track and solve issues on the edge. Adding to that when we keep running edge nodes we keep generating data. So edge locations would not have ample resources to store and archive that data. So there needs to be a proper policy to recycle, store or archive data. So that becomes a challenge on the edge. And finally data at the edge is highly distributed which means enlarged attack surface. So hackers can easily gain access to edge devices and at the same time because you have less visibility of what's going on it can be disastrous. So how is all this tackled? What is the answer to this? What is the answer to these challenges in fact? I believe DevOps is the answer. DevOps practices provide a framework for delivering consistent and reliable software and the changes are done as fast as possible. Microservices, containers, orchestrators like Kubernetes and CI CD pipelines solve the problem of heterogeneity and deployments. DevOps allows build infrastructures on the edge using Terraform and to manage configurations of infrastructure and software defined networks and Ansible can also be used to manage configuration, playbooks can be used to run lifecycle operations and archive and backup the data to back to the cloud from the edge to different object stores like S3 or whatever. So that is how DevOps allows to solve problems in the edge. Now DevOps practices ensure applications built for open containers can be securely deployed, tested, run and managed on multiple devices with services executed from multiple private and public clouds. Also lightweight monitoring probes enable real-time telemetry of these devices. Finally DevOps provides the guardrails to your developers early in the development cycle so that they can stay agile and without inadvertently compromising security. Checks can be integrated in CI CD pipeline to prevent security issues and from vulnerabilities to make the way to your edge environment or it can also alert the developers to know what is going on at the correct time and remediate that problem before it's too late. So that is another advantage DevOps provides and shifting security left this approach from DevOps is good for reducing not only cyber risk but also it reduces cost. So that's how DevOps practices solve the problems of orchestration, security, scalability, monitoring and lifecycle. So now let's discuss how is that to be done, like how and what are the tools we'll use so that DevOps can be tailored for the edge. Well custom DevOps for the edge requires a few tweaks. You can either go with public cloud offerings AWS Azure and even IBM and Red Hat they have very good solutions for the edge. Well it depends upon your choice and scale you can even go open source if you want. Well assuming you go open source so first thing use GitOps. So the core idea of GitOps is having a Git repository that always contains declarative descriptions of infrastructure currently desired in the production environment and the automated process to make the production environment matched the described state in the repository. So that will set up CI CD on the top of declarative infrastructure so you can stop scripting and start shipping your products to the edge. So GitLab, GitHub, Bitbucket these are all good enough and they have various GitOps tools with them as well. You can even create your own open source Git repository for this. Well the second thing for declarative pipelines and CI CD on the edge you can use drone. Drone is a very lightweight CI CD tool and you can use it to build the image launch tests and deploy on different environments. It is lightweight and does the job. Well if you have a hybrid in for a where you can afford to run Jenkins server say on the cloud then you can use that too. But it is a bit heavy weight because it's Java so if you're just doing it on the edge prefer to do it with drone. Then you can use a rancher to manage application catalog, help charts, monitoring project access, rights, and Kubernetes nodes. You can use GT to manage sources for the applications and you can use Helm charts to version those in the source repository and if you are doing it open source and not in the cloud for Docker image storage you can use something called Harbor it's open source image repository and you can store Docker images there check vulnerabilities and you have various storage controls as well. Fourth as the orchestrator you can use Kubernetes and use the lightweight version of Kubernetes. There are a couple of lightweight versions and I prefer k3s from Rancher you can use that too very lightweight easy to deploy and start using. And finally you can use lightweight monitoring tools like net data it's open source monitoring tool and you can also use a combination of Prometheus plus Grafana. So Prometheus will act as the agent and collect data while Grafana will be used for creating your dashboards. Finally shift left for your security gates in the most simple terms shift left security is moving security to the earliest possible point in the development process. So in this case it will be incorporated in the pipeline even before the container is baked. This along with other peripheral security layers will make the edge apps robust. So what are the takeaways? Because edge has a smaller footprint use lean tools that's the number one takeaway. Use lightweight strip down fat-free tools. Number two shift left introduce your security checks in the beginning of the pipeline itself instead of going for just a final check after the application is deployed by having a firewall in place or something like that. Better to have the checks in the code level so that even if someone violates he would not be able to make much out of your vulnerability. Then of course practice DevOps principles CICD continuous deployment continuous integration and continuous feedback by getting alerts from your devices on the edge. And finally not the least use Kubernetes because that makes orchestration seem like a breeze and because when you're talking about the edge say you're monitoring a car then the car is not a car it's a worker node of a Kubernetes cluster. That's all from me today. Stay connected for the upcoming sessions at Kubernetes Edge. Thank you.