From Pivotal Software, Inc.
I'm a Software craftsman, Spring Data Engineer at Pivotal, and a member of the CDI 2.0 expert group. I was developing Java server-, frontend-, and web applications since 1999 and my focus is now on software architecture, Spring, and Redis.
Running multiple instances of microservices, deploying Docker images to Kubernetes is the current trend. But what about security? Are you encrypting passwords? Where do you store the key? How often do you rotate secrets? A modern system requires access to a multitude of secrets: database credentials, API keys for external services, credentials for service-oriented architecture communication and often much more.
Traditional, manual patterns cannot keep the security bar high with dynamic deployment scenarios. Secrets should stay secret and not get distributed amongst the landscape.
Come to this session to learn how to keep the security bar high while running services that require secrets. You'll see how to securely share and manage secrets (certificates, passwords, keys) for your services using Vault and how to use it with Spring Boot.
Building reactive applications does not simply end by throwing arbitrary reactive libs on the classpath and picking an appropriate frontend technology. It's a cross-cutting concern throughout the entire stack. We'll have a look on Spring Data utilizing Project Reactor and Spring 5 get hold of a reactive data access layer on top of NoSQL stores.
An opportunity for discussing Spring Framework 5, Spring Boot 2, Spring Cloud, Project Reactor and everything around... as well as JDK 9 and Java EE 8 from a Spring perspective.