The Building Plan: Thinking Architecturally

You are ready to level up your skills. Or, you've already been playing accidental architect, and need to have a structured plan to be designated as one. Well, your wait is over.

From the author of O'Reilly's best-selling “Head First Software Architecture” comes a full-day workshop that covers all that you need to start thinking architecturally. Everything from the difference between design and architecture, and modern description of architecture, to the skills you'll need to develop to become a successful architect, this workshop will be your one stop shop.

We'll cover several topics:

• What is architecture, what is design, and the spectrum between them
• The modern description of architecture
• Understanding architectural characteristics
• A brief coverage of some architectural styles
• Other skills you need to have to become a successful architect

This is an exercise heavy workshop—so be prepared to put on your architect hat!

System Design AI Mastery: Architecting for Scale, Speed, Reliability - Full Day

Modern system design has entered a new era. It’s no longer enough to optimize for uptime and latency — today’s systems must also be AI-ready, token-efficient, trustworthy, and resilient. Whether building global-scale apps, powering recommendation engines, or integrating GenAI agents, architects need new skills and playbooks to design for scale, speed, and reliability.

This full-day workshop blends classic distributed systems knowledge with AI-native thinking. Through case studies, frameworks, and hands-on design sessions, you’ll learn to design systems that balance performance, cost, resilience, and truthfulness — and walk away with reusable templates you can apply to interviews and real-world architectures.

Target Audience

Enterprise & Cloud Architects → building large-scale, AI-ready systems.

Backend Engineers & Tech Leads → leveling up to system design mastery.

AI/ML & Data Engineers → extending beyond pipelines to full-stack AI systems.

FAANG & Big Tech Interview Candidates → preparing for system design interviews with an AI twist.

Engineering Managers & CTO-track Leaders → guiding teams through AI adoption.

Startup Founders & Builders → scaling AI products without burning money.

Learning Outcomes

By the end of the workshop, participants will be able to:

Apply a 7-step system design framework extended for AI workloads.

Design systems that scale for both requests and tokens.

Architect multi-provider failover and graceful degradation ladders.

Engineer RAG 2.0 pipelines with hybrid search, GraphRAG, and semantic caching.

Implement AI trust & security with guardrails, sandboxing, and red-teaming.

Build observability dashboards for hallucination %, drift, token costs.

Reimagine real-world platforms (Uber, Netflix, Twitter, Instagram) with AI integration.

Practice mock interviews & chaos drills to defend trade-offs under pressure.

Take home reusable templates (AI System Design Canvas, RAG Checklist, Chaos Runbook).

Gain the confidence to lead AI-era system design in interviews, enterprises, or startups.

Workshop Agenda (Full-Day, 8 Hours)
Session 1 – Foundations of Modern System Design (60 min)

The new era: Why classic design is no longer enough.

Architecture KPIs in the AI age: latency, tokens, hallucination %, cost.

Group activity: brainstorm new KPIs.

Session 2 – Frameworks & Mindset (75 min)

The 7-Step System Design Framework (AI-extended).

Scaling humans vs tokens.

Token capacity planning exercise.

Session 3 – Retrieval & Resilience (75 min)

RAG 2.0 patterns: chunking, hybrid retrieval, GraphRAG, semantic cache.

Multi-provider resilience + graceful degradation ladders.

Whiteboard lab: design a resilient RAG pipeline.

Session 4 – Security & Observability (60 min)

Threats: prompt injection, data exfiltration, abuse.

Guardrails, sandboxing, red-teaming.

Observability for LLMs: traces, cost dashboards, drift monitoring.

Activity: STRIDE threat-modeling for an LLM endpoint.

Session 5 – Real-World System Patterns (90 min)

Uber, Netflix, Instagram, Twitter, Search, Fraud detection, Chatbot.

AI-enhanced vs classic system designs.

Breakout lab: redesign a system with AI augmentation.

Session 6 – Interviews & Chaos Drills (75 min)

Mock interview challenges: travel assistant, vector store sharding.

Peer review of trade-offs, diagrams, storytelling.

Chaos drills: provider outage, token overruns, fallback runbooks.

Closing (15 min)

Recap: 3 secrets (Scaling tokens, RAG as index, Resilient degradation).

Templates & takeaways: AI System Design Canvas, RAG Checklist, Chaos Runbook.

Q&A + networking.

Takeaways for Participants

AI System Design Canvas (framework for interviews & real-world reviews).

RAG 2.0 Checklist (end-to-end retrieval playbook).

Chaos Runbook Template (resilience drill starter kit).

AI SLO Dashboard template for observability + FinOps.

Confidence to design and defend AI-ready architectures in both career and enterprise contexts.

AI Security for Developers and Practitioners - full day

This full-day, hands-on workshop equips developers, architects, and technical leaders with the knowledge and skills to secure AI systems end-to-end — from model interaction to production deployment. Participants learn how to recognize and mitigate AI-specific threats such as prompt injection, data leakage, model exfiltration, and unsafe tool execution.

Through a series of focused labs, attendees build, test, and harden AI agents and Model Context Protocol (MCP) services using modern defensive strategies, including guardrails, policy enforcement, authentication, auditing, and adversarial testing.

The training emphasizes real-world implementation over theory, using preconfigured environments in GitHub Codespaces for instant, reproducible results. By the end of the day, participants will have created a working secure AI pipeline that demonstrates best practices for trustworthy AI operations and resilient agent architectures.

The course blends short conceptual discussions with deep, hands-on practice across eight structured labs, each focusing on a key area of AI security. Labs can be completed in sequence within GitHub Codespaces, requiring no local setup.
1.Lab 1 – Mapping AI Security Risks
Identify the unique attack surfaces of AI systems, including LLMs, RAG pipelines, and agents. Learn how to perform a structured threat model and pinpoint where vulnerabilities typically occur.
2.Lab 2 – Securing Prompts and Contexts
Implement defensive prompting, context isolation, and sanitization to mitigate prompt injection, hidden instructions, and data leakage risks.
3.Lab 3 – Implementing Guardrails
Use open-source frameworks (e.g., Guardrails.ai, LlamaGuard) to validate LLM outputs, enforce content policies, and intercept unsafe completions before delivery.
4.Lab 4 – Hardening MCP Servers and Tools
Configure FastMCP servers with authentication, scoped tokens, and restricted tool manifests. Examine how to isolate and monitor server–client interactions to prevent privilege escalation.
5.Lab 5 – Auditing and Observability for Agents
Integrate structured logging, trace identifiers, and telemetry into AI pipelines. Learn how to monitor for suspicious tool calls and enforce explainability through audit trails.
6.Lab 6 – Adversarial Testing and Red-Teaming
Simulate common AI attacks—prompt injection, model hijacking, and context poisoning—and apply mitigation patterns using controlled experiments.
7.Lab 7 – Policy-Driven Governance
Introduce a “security-as-code” approach using policy files that define allowed tools, query types, and data scopes. Enforce runtime governance directly within your agent’s workflow.
8.Lab 8 – Secure Deployment and Lifecycle Management
Apply DevSecOps practices to containerize, sign, and deploy AI systems safely. Incorporate secrets management, vulnerability scanning, and compliance checks before release.

Outcome:
Participants finish the day with a secure, auditable, and policy-controlled AI system built from the ground up. They leave with practical experience defending agents, MCP servers, and model workflows—plus learning for integrating security-by-design principles into future projects.

Bootiful Spring Boot: the Deep-Dive

Hi, Spring fans! Developers today are being asked to deliver more with less time and build ever more efficient services, and Spring is ready to help you meet the demands. In this workshop, we'll take a roving tour of all things Spring, looking at fundamentals of the Spring component model, look at Spring Boot, and then see how to apply Spring in the context of batch processing, security, data processing, modular architecture, miroservices, messaging, AI, and so much more.

Basics
which IDE? IntelliJ, VSCode, and Eclipse
your choice of Java: GraalVM
start.spring.io, an API, website, and an IDE wizard
Devtools
Docker Compose
Testcontainers
banner.txt
Development Desk Check
the Spring JavaFormat Plugin
Python, gofmt, your favorite IDE, and
the power of environment variables
SDKMAN
.sdkman
direnv
.envrc
a good password manager for secrets
Data Oriented Programming in Java 21+
an example
Beans
dependency injection from first principles
bean configuration
XML
stereotype annotations
lifecycle
BeanPostProcessor
BeanFactoryPostProcessor
auto configuration
AOP
Spring's event publisher
configuration and the Environment
configuration processor
AOT & GraalVM
installing GraalVM
GraalVM native images
basics
AOT lifecycles
Scalability
non-blocking IO
virtual threads
José Paumard's demo
Cora Iberkleid's demo
Cloud Native Java (with Kubernetes)
graceful shutdown
ConfigMap and you
Buildpacks and Docker support
Actuator readiness and liveness probes
Data
JdbcClient
SQL Initialization
Flyway
Spring Data JDBC
Web Programming
clients: RestTemplate, RestClient, declarative interface clients
REST
controllers
functional style
GraphQL
batches
Architecting for Modularity
Privacy
Spring Modulith
Externalized messages
Testing
Batch Processing
Spring Batch
load some data from a CSV file to a SQL database
Microservices
centralized configuration
API gateways
reactive or not reactive
event bus and refreshable configuration
service registration and discovery
Messaging and Integration
“What do you mean by Event Driven?”
Messaging Technologies like RabbitMQ or Apache Kafka
Spring Integration
files to events
Kafka
a look at Spring for Apache Kafka
Spring Integration
Spring Cloud Stream
Spring Cloud Stream Kafka Streams
Security
adding form login to an application
authentication
authorization
passkeys
one time tokens
OAuth
the Spring Authorizatinm Server
OAuth clients
OAuth resource servers
protecting messaging code

AI 3-in-1: Agents, RAG and Local Models

Learning and understanding AI concepts is satisfying and rewarding, but the fun part is learning how to work with AI yourself. In this 1/2 day workshop, author, trainer, and experienced technologist Brent Laster will help you do both! We’ll explain why and how to run AI models locally, the basic ideas of agents and RAG, and show how to assemble a simple AI agent in Python that leverages RAG and uses a local model through Ollama. And you'll get to follow through with hands-on labs and produce your own instance running on your system in a GitHub Codespace

In this workshop, we'll walk you through what it means to run models locally, how to interact with them, and how to use them as the brain for an agent. Then, we'll enable them to access and use data from a PDF via retrieval-augmented generation (RAG) to make the results more relevant and meaningful. And you'll do all of this hands-on in a ready-made environment with no extra installs required.

No experience is needed on these technologies, although we do assume you do have a basic understanding of LLMs.

AI for App Development

This hands-on workshop teaches developers how to build modern AI-driven applications using local LLMs, intelligent agents, and standardized tool protocols. Participants learn to move beyond simple prompting to architect production-ready AI systems that integrate reasoning, retrieval, and external data sources. The course emphasizes real-world implementation through step-by-step labs in GitHub Codespaces, requiring no local installs.

By the end of the workshop, attendees will have created functional AI agents that use Ollama for local model execution, FastMCP for standardized tool communication, and RAG (Retrieval-Augmented Generation) for context-grounded responses—all deployable to Hugging Face Spaces.

The course begins with an explanation of running models locally with tools like Ollama and LangChain. Participants progressively advance through seven structured labs covering the following topics :

1.Running Models Locally: Using Ollama to pull, serve, and query models such as llama3.2 via CLI, API, and Python integration.
2.Creating Agents: Building a reasoning agent that uses the Thought → Action → Observation loop to call weather APIs.
3.Exploring MCP (Model Context Protocol): Implementing standardized tool discovery and invocation through a FastMCP server-client setup.
4.Vector Databases: Indexing and searching local data with ChromaDB to enable semantic search and similarity matching.
5.RAG with Agents: Combining retrieval and reasoning so agents can access relevant context from external data sources.

    6.    Streamlit Web Application – Wrap the RAG agent in a modern web UI using Streamlit, complete with a memory dashboard, real-time status, and visual feedback.

1. Deploying to Hugging Face Spaces – Publish the Streamlit app to a live, shareable web environment, learning how to authenticate, push, and auto-deploy projects for public access.

Each lab reinforces the previous one, culminating in a fully functional, classification-driven RAG agent that demonstrates multi-domain reasoning, semantic search, and modular design.

Enforcing Architecture Decisions Using Tests

In the fast-paced world of software development, maintaining architectural integrity is a
continuous challenge. Over time, well-intended architectural decisions can erode, leading to unexpected drift and misalignment with original design principles.

This hands-on workshop will equip participants with practical techniques to enforce architecture decisions using tests. By leveraging architecturally-relevant testing, attendees will learn how to proactively guard their system's design, ensuring consistency, scalability, and security as the codebase evolves. Through interactive exercises and real-world examples, we will explore how testing can serve as a powerful tool for preserving architectural integrity throughout a project's lifecycle.

Key Takeaways
Participants will learn to:
Write architecture-driven tests that validate and enforce design constraints.
Identify architectural drift early and prevent unintended changes.
Maintain consistent, scalable, and secure architectures over time.
Collaborate effectively within teams to sustain architectural excellence.
Prerequisites
Basic Understanding of Software Architecture: Familiarity with architectural patterns and
principles
Experience with Automated Testing: Understanding of unit, integration, or system testing
concepts
Collaboration and Communication Skills: Willingness to engage in discussions and
teamwork
Experience working with Java
Optional
Familiarity with Static Analysis and Code Quality Tools: Knowledge of tools like ArchUnit,
SonarQube, or custom linters is beneficial but not required
Experience with Large-Scale Systems: Prior work on complex systems can enhance the

Key Takeaways:

Participants will learn to:
Write architecture-driven tests that validate and enforce design constraints.
Identify architectural drift early and prevent unintended changes.
Maintain consistent, scalable, and secure architectures over time.
Collaborate effectively within teams to sustain architectural excellence.

Prerequisites:

Basic Understanding of Software Architecture: Familiarity with architectural patterns and principles
Experience with Automated Testing: Understanding of unit, integration, or system testing concepts
Collaboration and Communication Skills: Willingness to engage in discussions and
teamwork
Experience working with Java

Optional
Familiarity with Static Analysis and Code Quality Tools: Knowledge of tools like ArchUnit,
SonarQube, or custom linters is beneficial but not required
Experience with Large-Scale Systems: Prior work on complex systems can enhance the

Full Stack Engineering - Encryption

If you ask the typical technologist how to build a secure system, they will include encryption in the solution space. While this is a crucial security feature, in and of itself, it is an insufficient part of the plan. Additionally, there are a hundred ways it could go wrong. How do you know if you're doing it right? How do you know if you're getting the protections you expect?

Encryption isn't a single thing. It is a collection of tools combined together to solve problems of secrecy, authentication, integrity, and more. Sometimes those tools are deprecated because they no longer provide the protections that they once did.Technology changes. Attacks change. Who in your organization is tracking and validating your encryption strategy? How are quantum computing advancements going to change the game?No background will be assumed and not much math will be shown.

Git features you aren't using

Git continues to see improvements daily. However, work (and life) can take over, and we often miss the latest changelog. This means we don't know what changed, and consequently fail to see how we can incorporate those in our usage of Git.

In this session we'll take a tour of some features that you might or might not have heard of, but can significantly improve your workflow and day-to-day interaction with Git.

Git continues to see improvements daily. However, work (and life) can take over, and we often miss the changelog. This means we don't know what changed, and consequently fail to see how we can incorporate those in our usage of Git.

In this session we will look at some features you are probably aware of, but haven't used, alongside new features that Git has brought to the table.

Hexagonal Architecture

This workshop will explore the principles of the Ports and Adapters pattern (also called the Hexagonal Architecture) and demonstrate how to refactor legacy code or design new systems using this approach. You’ll learn how to organize your domain logic and move UI and infrastructure code into appropriate places within the architecture. The session will also cover practical refactoring techniques using IntelliJ and how to apply Domain Driven Design (DDD) principles to ensure your system is scalable, maintainable, and well-structured.

What You’ll Learn:

1. What is Hexagonal Architecture?
   Understand the fundamental principles of Hexagonal Architecture, which helps isolate the core business logic (the domain) from external systems like databases, message queues, or user interfaces. This architecture is designed to easily modify the external components without affecting the domain.

2. What are Ports and Adapters?
   Learn the key concepts of Ports and Adapters, the core elements of Hexagonal Architecture. Ports define the interface through which the domain interacts with the outside world, while Adapters implement these interfaces and communicate with external systems.

3. Moving Domain Code to Its Appropriate Location:
   Refactor your domain code to ensure it is correctly placed in the core domain layer. You will learn how to separate domain logic from external dependencies, ensuring that business rules are isolated and unaffected by user interface or infrastructure changes.

4. Moving UI Code to Its Appropriate Location:
   Discover how to refactor UI code by decoupling it from the domain logic and placing it in the appropriate layers. You’ll learn how to use the Ports and Adapters pattern to allow the user interface to communicate with the domain without violating architectural boundaries.

5. Using Refactoring Tools in IntelliJ:
   Learn how to use IntelliJ’s powerful refactoring tools to streamline code movement. Techniques such as Extract Method, Move Method, Extract Delegate, and Extract Interface will be applied to refactor your codebase.

6. Applying DDD Software Principles:
   We’ll cover essential Domain-Driven Design principles, such as Value Objects, Entities, Aggregates, and Domain Events.

7. Refactoring Techniques:
   Learn various refactoring strategies to improve code structure, Extract Method, Move Method, Extract Delegate, Extract Interface, and Sprout Method and Class

8. Verifying Code with Arch Unit:
   Ensure consistency and package rules using Arch Unit, a tool for verifying the architecture of your codebase. You will learn how to write tests confirming your project adheres to the desired architectural guidelines, including separating layers and boundaries.

Who Should Attend:

This workshop is perfect for developers who want to improve their understanding of Ports and Adapters Architecture, apply effective refactoring techniques, and leverage DDD principles for designing scalable and maintainable systems.

Java Testing Lab: Test Driven Development (with Ai)

In this half-day workshop, we’ll practice Test-Driven Development (TDD) by solving a real problem step by step. You’ll learn how to think in tests, write clean code through refactoring, and use your IDE and AI tools effectively. We’ll also explore how modern Java features (like lambdas and streams) enhance testability, and discuss what’s worth testing — and what’s not.

• Process of Testing
• Refactoring and Clean Code
• Benefits
• Setting a Project
• Using IDEs to your absolute advantage
• What role do new Java 8 Lambdas play in testing
• What to test and what not to test
• Integration with Ai
• Property-Based Testing

MLOps Half Day Workshop

MLOps is a mix of Machine Learning and Operations. It is the new frontier for those interested in or knowledgeable about both of these disciplines. MLOps supports the operationalization of machine learning models developed by data scientists and delivers the model for processing via streaming or batch operations. Operationalizing Machine Learning Models is nurturing your data from notebook to deployment through pipelines.

In this workshop, we will describe the processes:

• Model Development
• Model Packaging
• Model Deployment
• Model Cataloging
• Model Monitoring
• Model Maintenance

Some of the technologies we will discover include:

• Airflow, Kubeflow, MLFlow
• Prometheus & Grafana
• TensorFlow, XGBoost,
• Serving
• Hyperparameter Tuning

Our exercises will include running and understanding MLFlow.

Platform Engineering: The What, Why & How

Platform engineering is the latest buzzword, in a industry that already has it's fair share. But what is platform engineering? How does it fit in with DevOps and Developer Experience (DevEx)? And is this something your organization even needs?

In this session we will aim to to dive deep into the world of platform engineering. We will see what platform engineering entails, how it is the logical succession to a successful DevOps implementation, and how it aims to improve the developer experience. We will also uncover the keys to building robust, sustainable platforms for the future

Practical API Design First in Action

APIs are everywhere! Yet, designing APIs that are intuitive, evolvable, and developerfriendly remains a challenge. This workshop introduces the API Design First approach, which emphasizes collaboration, consistency, and exceptional developer experience by focusing on crafting your API contract before implementation. We’ll explore why API Design First matters, how it compares to the traditional Code First method, and how adopting this approach can transform the way teams build APIs.

Through interactive exercises, you’ll gain handson experience with OpenAPI, learning to craft “good” API contracts grounded in RESTful principles. You'll also dive into API Design Reviews, participating in mock sessions to understand how collaboration can elevate the quality and consistency of your designs. By experiencing proven API Design First practices, you’ll leave with a clear roadmap to enhance your own APIs and elevate your organization’s API program. Whether you’re a developer, architect, or product manager, this workshop equips you with the skills, tools, and mindset to create APIs that deliver lasting value and exceptional developer satisfaction.

Vector Databases : Accelerating Learning and Discovery

If you are getting tired of the appearance of new types of databases… too bad. We are increasingly relying on a variety of data storage and retrieval systems for specific purposes. Data does not have a single shape and indexing strategies that work for one are not necessarily good fits for others. So after hierarchical, relational, object, graph, columnoriented, document, temporal, appendonly, and everything else, get ready for Vector Databases to assist in the systematization of machine learning systems.

This will be an overview of the benefits of vectors databases as well as an introduction to the major players.

We will focus on open source versus commercial players, hosted versus local deployments, and the attempts to add vector search capabilities to existing storage systems.

We will cover:

• A brief overview of vectors
• Why vectors are so important to machine learning and datadriven systems
• Overview of the offerings
• Adding vector search to other systems
• Sample use cases shown with one of the key open source engines

Web Security for APIs

There's a clear need for security in the software systems that we build. The problem for most organizations is that they don't want to spend any money on it. Even if they did, they often have no idea how much to spend. No particular initiative is likely to imbue your system with “security”, but a strong, deep defensive approach is likely to give you a fighting chance of getting it right.

Web Security as applied to APIs in particular are an important part of the plan. In this workshop, we'll show you how approaches to defining “enough” as well as concrete techniques to employ incrementally in your designs.

In this workshop, we will pick a hands on framework for implementation, but the ideas will generally be standards-based and transcend technology choice so you should have a strategy for mapping the ideas into your own systems.

We will cover a broad range of topics including:

• The concepts behind Building Security in
• Designing for Security
• Authentication and Authorization Strategies
• Identity Management
• Protecting Data in transit
• Protecting Data at rest
• Frameworks for selecting security features
• Attack and Threat Models for APIs

What's New In Java Half-Day Part 1

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• sealed classes
• record
• Pattern Matching
• Text Blocks
• switch expressions
• Stream Gatherers
• Flexible Constructor Bodies

What's New In Java Half-Day Part 2

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• Implicitly Declared Classes & Enhanced Main Methods
• Simple Web Server
• HTTPClient
• Multi-File Source Launching
• JShell
• Stable Values