Day 2 of ChefConf ’21: Online proved just as informative and entertaining as day 1, beginning with another morning coffee session with the Developer Relations team for Chef, and continuing with a Product Keynote and Live Q&A featuring the Chef product leadership team.
Captured during live Q&A with Chef leadership team
Sudhir Reddy, VP of engineering, Prashanth Nanjundappa, senior director of product management went into greater detail about new features and plans for Chef products. The talk showed where we’re focusing our energy this year, the best new features we’ve launched, and had some great conversation triggered by questions from the community.
Sudhir also announced this year’s Awesome Chef award winners! This year's winners include some of our most active and longest-standing community members: Jeff Brimager, Ben Hughes, and Lamont Granquist. See this blog post for more information on those three and the Awesome Chef awards.
In the next hour, speakers from Progress Chef convened for the panel, “Continuous Compliance and Productivity with Chef Desktop.” Sundeep Charles, senior manager of product marketing; Spencer Hopkins, Americas manager; Nischal Reddy, senior product manager; and Niamh Cahill, director of Chef Solution Architects, discussed the importance of continuous compliance of distributed laptops and desktops – something that’s become especially critical with more people working from home.
Hopkins noted, “People are getting a lot more intelligent around how they configure these laptops for their employees, and then even more so how these configurations are constantly secure and compliant with all their security needs. This idea of DevSecOps and automation for the fleet management of desktops is really starting to take off.”
“Instead of just thinking about our data centers or our cloud workloads, we’re thinking about all endpoints that we might be able to control and make sure that they’re compliant,” he added. “And desktop is just the next natural iteration of that beyond servers and thinking about those edge-type use cases. That’s where Chef and a lot of our customers are taking us.”
During “Chef’ing with Terraform, the New Way,” Kyle Ruddy, senior technical product marketing manager at Hashicorp, talked about the removal and deprecation of the Chef provisioner and what it means for existing Terraform configurations.
“We recently released Terraform 1.0,” Ruddy said. “This was a huge release because when it comes to Hashicorp and the 1.0 releases, it really is about long-term support – being able to give everybody the confidence of using Terraform within their infrastructures to continue with that workflow in a dependable way throughout the lifecycle of the 1.x product.”
“When it came down to trying to support those things and building this dependable workflow, there was some cleanup that needed to be done,” he continued. “And with that, there were a couple things that had to be removed, one of which happened to be vendor provisions. The important part here is that we announced the deprecation going back to 0.13.4. So, hopefully we’ve given everybody enough time to get up to date and find this new way in order to continue using Chef in their environments with Terraform.”
In “DevSecOps from the Palm of Your Hand – On a Weekend,” speakers from Progress and Krista Soft showed how Chef and Krista can empower organizations to conduct remediation processes and keep their environments compliant from any mobile device. “Testing ‘Hardware’ Cookbooks with Kitchen” featured Joe Nuspl of Workday, who presented strategies of varying complexity to test hardware specific cookbooks.
In a mid-afternoon session, Chris Hughes, CISO and co-founder at Aquia; AJ Yawn, co-founder and CEO of ByteCheck; and Chris Medina, director and general manager of public sector sales at Progress Chef talked through DevSecOps practices from top to bottom.
“DevSecOps Roundtable: Why Automation Matters” aimed to help attendees understand what DevSecOps really means, show how DevSecOps and Automate can deliver continuous compliance or security, and explore how DevSecOps practices can affect organizations from different industries.
“DevSecOps, to me, is all about the philosophy,” said AJ Yawn. “It’s all about the mindset, how you’re thinking about security early on in the process. A lot of times, organizations will care about spending a ton of money before they think about what exactly DevSecOps is at their organization, and what it actually means.”
“Good security always requires context, so you should be thinking, ‘How does this fit in my organization?’” Yawn stated. “It’s making decisions and educating your users and operators and engineers to think about security earlier on in the process. When we’re more specifically talking about developing web applications or software tools like we do at Byte Chek, that’s earlier on in the development process.”
Session on "Improve Your Automation to Reduce Toil" by Mandi Walls
ChefConf attendees also heard from Mandi Walls, DevOps advocate at PagerDuty, who covered key considerations for building out your automation library, as well as the characteristics of good automation. And in “Pitfalls of Infrastructure as Code (And How to Avoid Them!,” Tim Davis discussed everything from infrastructure pitfalls to coding pitfalls, and how organizations can be successful in their IaC journey.
Day 2 wrapped up with a recap and the winners for our social media contests being announced, as well as announcing the dates for next year’s ChefConf, an event that promises to be just as insightful, community-driven and fun as every ChefConf in the past.