Overview

Attending Cloud Summit for the first time allowed me to gain a deeper understanding of cloud technologies. I am quite happy to see that the industry has many new tools and technologies that simplify complex tasks, continuously pushing the capabilities of Taiwan’s software industry.

Of course, a speaker who discussed the double-edged nature of the Cloud, highlighting both its advantages and disadvantages. In this era of AI, technological iterations are happening rapidly, but the unchanging principle remains that we must maintain our motivation to learn and embrace new technologies.

Various Exhibitors

The number of booths at this summit, compared to the SRE Conference I attended a few months ago, was overwhelming, with over 40 booths. I believe this is a good thing for two reasons: firstly, it allows everyone to get to know the latest cloud technologies and broaden their horizons; secondly, it might help us introduce these technologies into our future work environments and understand the latest developments. Most importantly for everyone, the gifts from the exhibitors was plentiful. The best item I received was an universal travel adapter (with a 1/9 chance of winning by rolling two red dice).

One exhibitor directly gave me a phone stand and a swipe card without even needing me to fill out any information (maybe they wanted to distribute their goods quickly and head home?).

Upon entering, I rushed through 40 booths to swipe cards to get a pink t-shirt in the afternoon (laugh). The exhibitors were proactive in swiping cards, although some required you to share personal information in exchange for a swipe.

Speech Insights

Exploring the Gradually Lost Technical Skills in the Cloud Native Era

The most recommended topic of this summit was “Exploring the Gradually Lost Technical Skills in the Cloud Native Era” For detailed information, refer to the speaker’s slide link. Here, I want to share my personal reflections.

After listening to the speaker, I couldn’t help but reflect that while technological iterations are an inevitable result of technological progress, are we losing essential developer skills in the process?

Currently, with the rapid development of Cloud and the convenience of Kubernetes (K8S), deploying a complex service has become very easy. This convenience is a benefit but also a drawback, as the speaker mentioned, it’s a double-edged sword. Often, everything works fine, but when issues arise, we might be unable to solve them (YAML often hides some details). The speaker criticized that many might just be YAML engineers. In this era where Cloud is so convenient, one might also be called a Click engineer, deploying complex services with just a few clicks. However, without delving into fundamental knowledge, debugging can be prolonged and misdirected.

Services that used to take months to develop can now be completed in weeks or even a day. This might give supervisors the illusion that any problem should also be resolved within a few days. But as described above, due to the convenience of deployment, our understanding of the underlying logic might be insufficient, leading to unforeseen problems.

This issue also extends to the AI level. When using ChatGPT, we might become lazier, skipping developer documentation and directly asking AI. While this isn’t inherently bad, as natural language queries can save us a lot of time searching for code syntax and quickly acquire knowledge, the days of using Stack Overflow and Google keywords are fading. Today’s engineers can quickly get applicable code but might not understand why it works.

The speaker concluded by emphasizing the importance of fundamental knowledge and continuous learning, such as joining study groups to regularly acquire new knowledge. I strongly agree and believe it remains crucial in this AI era. Fundamental knowledge helps us approach problems from different angles and understand the simplified processes of cloud platforms (one button might execute several scripts).

Experience with Enterprise-level DevSecOps Platform — Enhancing Code Quality and Security Vulnerability Fixes

I have previously heard of DevOps and applied it in workflow, but as information security has gained more attention in recent years, DevSecOps has also become increasingly important among engineers (Sec stands for Security).

Applying this platform in actual work would be very convenient. This product integrates CICD processes with vulnerability scanning and allows registration to replace multiple platform accounts (as it integrates third-party services like GitLab, SonarQube, etc.). The selling point is that it can use AI to fix issues detected by SonarQube, and customization can be done in the YAML file for the degree of fixes. Of course, AI-generated code might still have significant issues, highlighting the importance of “unit testing”, ensuring AI-fixed code passes these tests.

However, this convenient platform somewhat contradicts the previous recommended speech. If a company adopts such a convenient platform, developers still need basic domain knowledge to handle it and avoid being clueless when problems arise.

Conclusion

Recently, our company is also looking to adopt CICD processes, so this summit was a great opportunity to learn new concepts and hear industry perspectives and exchanges. Overall, I found the summit quite rewarding, despite not getting a lunch voucher in the morning (the announcement said to come before 8:30 to get a lunch voucher, but I arrived at 8:15, and the queue was unexpectedly long).