SUGCON 2018 Berlin: from an ops perspective

Since there were 60 sessions to participate in, it seemed like a hard job to make a selection. On the other hand, there weren’t as much sessions with focus on operations which made things easier. The opening session was about connecting and processing data with x-connect that is not coming from within a Sitecore application. Basically it explained that all data can be pushed to/consumed by the x-connect API. Think about all data enrichment IOT, RFID, Bluetooth beacons, Microsoft Flow etc. could give us. I can imagine, for example, personalized billboards triggered by the marketing automation engine. Personalized HoloLens projections behind shopping windows of items YOU would buy while walking through the mall (ordered using wearables?). The specific message that was given to the community is that thinking outside the box will lead to new perspectives and opportunities.

The sessions related to continuous delivery using Azure seemed like something that we, at Macaw, early adopted and are ahead of in comparison with the majority. The round table sessions ( Azure / SIF ) were more interesting due to the interactivity, although there are still a few things I didn’t get a fulfilling answer on yet.
* What is the best way of setting up a multiregional Sitecore environment with multiple core databases? So we won’t lose HA and/or latency.
* How to handle the queueing mechanism and how to keep these core databases in sync?
* Are there plans on increasing the Azure search field limitation of 1000?
* Are there more people experiencing ETIMEDOUT errors while using the app service deployment task within VSTS and how to solve?

Basically I was told to address bug reports and create UserVoice topics.

The SIF was new to me, I am convinced of the power but ‘was’ confused by directions.. should we not aim to build all our implementations on PAAS from now on and whenever possible? Luckily there were a few, just a few, developers to explain me why developing on their local machine is basically a prerequisite for fast debugging and coding. I believe that SIF fits in to VSTS perfectly. By using version control and remote PowerShell we are able to create similar Dev environments for all developers with centralized configuration. By just changing the host and credentials to deploy to a local machine I guess we could easily role out Sitecore installations on Dev machines. This would make it easier to maintain the update process as well. Since we organize and maintain Sitecore binaries and deployment scripts centralized.

The XP scaling session was clarifying quite a lot of the possibilities for keeping the environment running smooth. Main note was that it all depends on the load you are handling, the load you are expecting and the load you should expect. It would make sense to load/stress test your environment and know what actions to take in case of urgent needs. I guess it is an open door to mention, but please configure SKU, monitoring and alerts based on the metrics that you AND your customers define to be the correct values.

I joined the EXM Live! session to get some additional knowledge about the purpose and use of EXM. I was stunned by the slides of, really enjoyed the intro!
It seems like with Sitecore 9+ EXM is becoming more popular since it is included and the most teething should be lost. What was said is that EXM should be able to mail
4 million messages a day. Probably with enough dedicated dispatch servers and a decent SMTP provider, but other than that, quite impressive.

The white hat hacker session seemed to be an eye opener to a lot of people. It is a subject that still not seems to be adopted by everyone. While doing a great job, obviously, it did not seem to be that much work for the presenter to find weak links within the public available Sitecore environment. By creating a robot and scanning for known paths and files that have been marked as vulnerable he found that 52% off all sites found seemed to be unprotected is some kind of way. I guess the Sitecore security guidelines are not always followed as should. Besides that I think the most important message that was sent is awareness. Do patch, do use vulnerability scanner(s), don’t burn your hands on customers that do not ‘feel like’ upgrading, do use IP restrictions, protect endpoints with WAF and or firewalls, do use NSGs and last but not least, http … really? Conclusion, great session. We all should adopt security in our ALM processes.

The final piece I would like to mention is the use of Sitecore Flow. It is an incredible feature that you can now easily expand Sitecore with Microsoft Flow, just by installing a module. This basically gives us so many new use cases to think about. What about triggering a workflow that executes an API call to execute Sitecore PowerShell commands and so be able to configure/control Sitecore from web-based actions. What about all those easy to implement connectors that are now being available. Really awesome work!

I sure hope that next year there will be more sessions in relation to architecture, performance management, monitoring and best practices on building deployment pipelines. Perhaps even more examples or talks about different environments within Azure. Other than that, perfect and well organized event. This was my first Sugcon .. ‘with a OPS point of view..’.

Hope you enjoyed the read as I did the conference!

Bram Stoop
System Engineer

What's your challenge?