3 Themes from the Velocity Conference 2019

This week we attended the Velocity Conference in San Jose, CA. Velocity focuses on best practices and tools for building, deploying, and running complex, distributed applications and systems. During the conference we heard three main themes: 1) resiliency, 2) observability, and 3) distributed system security. Interestingly, the themes we observed were the same as last year.

We analyzed the ~70 session talks across 10 categories and found observability, security, and resiliency were the main technology topics. We tagged each talk to only one category, which we acknowledge can be hard.

Speaking to attendees on day one, the biggest theme that stood out was resiliency testing, which is the ability gracefully handle and recover quickly from failures. Notable talks included Kolton Andrus the CEO of Gremlin, an enterprise resiliency testing solution, and Aaron Rinehart of UnitedHealth that uses chaos engineering to proactively experiment on recurring security incident patterns.

The observability and security talks remained fairly consistent year-over-year. For observability, the most noticeable addition was a new sponsor Flowmill that offers distributed application monitoring.

Regarding security, many vendors are using the language “identity is the new perimeter.” Given execution environments range from VMs to containers to serverless functions and span public, private, and edge environments, individual services must be cryptographically verified. The security talks emphasized that modern security requires “identity distribution and trust management, global governance of policy and access rules, and uniform enforcement of authorization across execution environments.” Vendors in this space include Aporeto, Edgewise Networks, amongst other.

Professional development represented a larger portion of talks than expected. A recent O’Reilly survey found, “Nearly 50% of respondents cited lack of skills as the top challenge their organizations face in adopting cloud native infrastructure.” Technologies’ rapid innovation appears to be outpacing individuals’ skills.

Kubernetes, currently the hottest infrastructure-focused open source project, represented a smaller percentage of talks than expected. Since Kubernetes is becoming the default orchestrator, we believe individuals are trying to learn how to extend it to interoperate with other technologies; hence, these talks were marked in other categories.

Finally, we were surprised serverless technologies were not a larger portion of the conversation. AWS Lambda is almost five year old, about six months younger than Kubernetes, and yet serverless didn’t have as large of a presence as we would have anticipated.

Overall, technology themes remained consistent at Velocity Conference. Resiliency testing seemed to have a larger presence than last year while observability and security were in line. Skill development seems to be a limiting factor for cloud native infrastructure adoption. Kubernetes chatter was ubiquitous but serverless wasn’t.