LinuxCon + CloudOpen + ContainerCon NA 2015: Full Schedule

Visit the LinuxCon Website
Visit the CloudOpen Website
Visit the ContainerCon Website

11:00am PDT

OpenStack Neutron: What's New In Kilo and a Look Toward Liberty - Kyle Mestery and Carl Baldwin, HP

OpenStack Neutron is a networking as a service technology to enable a scalable, pluggable, cloud networking technology for OpenStack deployments. Neutron has continued to evolve such that it has now over 50 plugins and drivers from open source projects and vendors. The project itself has continued to scale as the number of developers has grown. With each release, the team works to enhance the experience for those submitting code.

In this talk we'll cover some of the new features and enhancements made in the Kilo release of Neutron. We'll also look forward to the upcoming Liberty release and show some enhancements underway for this release. And finally, we'll discuss some operational changes the project has made to smooth the developer experience.

Speakers

Carl Baldwin

Senior Engineer II, DigitalOcean

Carl started his career developing electronic design automation software with HP’s microprocessor design projects: PA-RISC and Itanium. Years later, he spent a short time on a few of HP's network attached storage products. The whole time, he felt drawn to computer networking. He... Read More →

Kyle Mestery

Senior Principal Engineer, Intel

I am a technology executive and distinguished engineer with experience building teams to deliver cloud security solutions using a combination of open source and custom software. I write code, architecture documents, and help mentor members of the team to perform their best. In Open... Read More →

Monday August 17, 2015 11:00am - 11:50am PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

11:00am PDT

oVirt Integration with Foreman and Katello - Bringing Your Virtualized Data-Center Into The Next Level - Yaniv Bronheim, Red Hat

In the session Yaniv will present oVirt, Foreman, and how oVirt integrates with Foreman to ease different flows in the system.
Foreman is a servers management product that allows the user to control each part of the hardware life cycle - Starting with provisioning and ending with a fully operational server.
Foreman provides much more but we will concentrate on provisioning abilities. In the session Yaniv will show how external products can use Foreman's RestAPI for servers management manipulations.
oVirt 3.5 integration with Foreman allows us to bring new bare-metal hardware to a fully operational hypervisor in one click from one central management dashboard. In oVirt 3.6 we plan to expose also package management, configurations control, upgrade flows and more abilities which uses Foreman's force.
Yaniv will present and explain the way those flows work in detail.

Speakers

Yaniv Bronheim

Senior Software Engineer, RedHat

My name is Yaniv Bronhaim, a Senior Software Engineer from Red-Hat. I contributed to the oVirt project (the community project for RHEV-M). I'm an active maintainer for the VDSM project and responsible for the VDSM oVirt community. Nowadays I developed in various environments based... Read More →

Monday August 17, 2015 11:00am - 11:50am PDT
Issaquah

CloudOpen Developer Experience Level - Intermediate

11:00am PDT

Running Distributed Services at Scale in the Cloud - Chris Barclay, Amazon

It is relatively easy to run a few containers on your laptop, but building and maintaining an entire infrastructure to run and manage distributed applications is hard and often requires a lot of undifferentiated heavy lifting. In this talk we will discuss some of the core architectural principles underlying Amazon EC2 Container Service (ECS), a highly scalable, high performance service to run and manage distributed applications using the Docker container engine. We will walk through a number of patterns used by our customers to run their microservices platforms, to run batch jobs, and for deployments and continuous integration. We will dive deep into the Amazon ECS Service Scheduler that is optimized for long running applications by monitoring container health, restarting failed containers, and load balancing across containers.

Speakers

Chris Barclay

Chris Barclay is the product manager for Amazon EC2 Container Service. Before Amazon, he worked as a product manager, a developer, and various other roles at a handful of software companies, ranging from one the world’s largest to some of the world’s smallest.

Monday August 17, 2015 11:00am - 11:50am PDT
Grand Ballroom A

CloudOpen Experience Level - Intermediate Operations

11:00am PDT

Building Clustered Applications with Kubernetes and Docker - Steve Watt, Red Hat

Kubernetes is a relatively new Apache Licensed project originating from Google that provides a framework for building clustered applications that run in Docker containers. This talk will begin with an introduction to the Kubernetes project and discuss the architectural principles behind the project. We will then explore how to implement and deploy Kubernetes and then close with walk-throughs of how to build several different kinds of containerized applications using Kubernetes.

Speakers

Stephen Watt

Consulting Software Engineer, Red Hat

Steve Watt is a Consulting Software Engineer at Red Hat and is a member of the Kubernetes Storage Special Interest Group (SIG). Steve leads Red Hat’s Platform (OpenShift and RHEL Atomic) and Storage (Gluster and Ceph) engineering initiatives for Container Storage.

Kubernetes ContainerCon pdf

Monday August 17, 2015 11:00am - 11:50am PDT
Grand Ballroom B

ContainerCon Developer Experience Level - Intermediate

11:00am PDT

Managing Kubernetes and OpenShift with ManageIQ - Alissa Bonas, Red Hat

Kubernetes presents many challenges to the IT person that needs to deploy and administer the cluster. This session will cover how the Open Source ManageIQ Kubernetes and OpenShift providers cover the lifecycle of Kubernetes, leveraging ManageIQ advanced features and allow a clear view for the administrators of the system, while
still abstracting the different container technologies and terminology to the IT admin (Kubernetes, Amazon ECS, etc.)

The solution shows the relationships between the entities and their related events, the insight on what is running on each Kubernetes node, capacity and utilization, managing the nodes and their underlying infrastructure (OpenStack, oVirt, VMWare, etc) from a single system, root cause analysis across the layers and deployment aspects.

Speakers

Alissa Bonas

Engineering manager, Red Hat

Alissa Bonas is an engineering manager in Kiali open source project at Red Hat. She has development experience in several programming languages, and is a contributor and a maintainer in many open source projects. Alissa has been working with Kubernetes from its early days, and has... Read More →

Monday August 17, 2015 11:00am - 11:50am PDT
Willow A

ContainerCon Experience Level - Intermediate Operations

11:00am PDT

Xen and Docker: Uniting Best of Both Worlds - Oliver Lambert, Vates

Containers and hypervisors are different technologies. And also they lead to different usage, sometimes contradictory: Xen is a powerful hypervisor, allowing SysAdmins to build strong IT infrastructures, with security, control, resources isolation and flexibility. Docker is a container project bringing simplicity and universality for developers to build, test and ship their applications without thinking of what’s behind it. That’s why if you let everyone create Docker containers on your whole infrastructure, it will surely wreak havoc: CPU, RAM, network or disk usage without limits could lead to very serious problems. This talk will cover how developers can benefit from the flexibility containers provide, while avoiding potential shortcomings. By uniting Linux container and hypervisor technology, developers can get the best of both worlds and answer today’s cloud computing challenges.

Speakers

Olivier Lambert

CEO and co-founder, Vates

Olivier Lambert has been working with free software projects since 2005, deploying Xen since 2008. He was the creator of Xen Orchestra in 2009 and XCP-ng in 2018. He's one of the founder of Vates (https://vates.tech), a French company specialized in Open Source virtualization. Regular... Read More →

Monday August 17, 2015 11:00am - 11:50am PDT
Cirrus

ContainerCon Experience Level - Intermediate Operations

11:00am PDT

Lessons Learned Maintaining a Stable Tree - Sasha Levin, Oracle

If you're using any of the common Linux distros, you're using a stable kernel.

While it's easy to see why the concept of stable kernels is good, usually the way they work is hidden from the end users - who mistakenly assume that it's just a matter of "someone applying patches to older kernels".

This presentation will break the stable kernel process into smaller bits, and will explain how this seemingly complicated process (imagine sifting through 10000's of upstream commits) gets done, and will share personal experiences from maintaining the 3.18 stable tree.

The presentation will also cover some of the formal bits of stable kernels: how to submit patches, how to test them, and how to not piss off the maintainers.

Speakers

Sasha Levin

Kernel Engineer, NVIDIA

Sasha helps maintain the Linux Kernel Stable and LTS trees. He is currently employed by Google where he helps make Linux better. Previously, Sasha was employed by Microsoft and the Ksplice team in Oracle.

Monday August 17, 2015 11:00am - 11:50am PDT
Diamond

Developer Experience Level - Intermediate LinuxCon

11:00am PDT

Processing of Hardware Interrupts in Linux - Petr Holášek, Red Hat

Hardware interrupts are crucial part of I/O communication of Linux systems. Hardware topologies are very complex nowadays and minimizing interrupt processing latencies needs overview of the whole system, e.g. position of hardware on bus, loads of particular parts of hardware hierarchy from processors to NUMA nodes or special affinity requirements of drivers. This task is solved (or is tried to solve) either by manual pinning or by automated tools. Petr Holášek will thoroughly describe the irqbalance tool at the presentation. He will show its current interrupt distribution algorithm, possible improvements of it and prove or refute why this task cannot be done by kernel itself now.

Speakers

Petr Holasek

Monday August 17, 2015 11:00am - 11:50am PDT
Grand Ballroom C

Developer Experience Level - Intermediate LinuxCon

11:00am PDT

Move Fast and Upgrade Kernels - Yannick Brosseau, Facebook

Move fast is at the core of Facebook values, but applying it to our management of the kernel was not an easy road to take.
When we upgraded our fleet to 3.10 and now to 4.0, we faced many hurdle. And the technical ones where not the hardest challenges.
We first had to convince services owners that upgrading is beneficial and establish a trust that the new kernel won't break their
services. On the technical side, we'll talk about building, testing and deployment strategies and tooling. We'll mention our main issues and where do we go from now.

Speakers

Yannick Brosseau

Production Engineer, Facebook

Yannick is a Production Engineer at Facebook working on the kernel team. As such he works on improving the stability and performance of the kernels deployed on the Facebook infrastructure and develops testing, monitoring and deployment tools to help in this endeavor. nPreviously... Read More →

Monday August 17, 2015 11:00am - 11:50am PDT
Redwood

DevOps Experience Level - Intermediate LinuxCon

12:00pm PDT

Data Plane Acceleration Open Source - Margaret Chiosi, AT&T

The pivot of the networking industry to a virtualization environment has made data plane acceleration through a Linux environment critical for this industry to move into this environment. AT&T is at the forefront of this transition with a goal of moving 75% of our network by 2020 onto NFV and SDN platforms. AT&T thinks it is critical for the industry to converge ODP, DPDK and Linux IO into hopefully one set of solutions so that the VNFs will be able to focus on innovation in their space beyond getting higher throughput through a COTS/Linux environment. Should Virtual Switches and Virtual Routers be part of the Linux Operating System vs separate?

Speakers

Margaret Chiosi

Distinguished Network Architect, AT&T

Margaret Chiosi, Distinguished Network Architect AT&T Labs, has been involved in data networking for 30+ years. Margaret is currently focused on implementing the virtualization platform for network functions as well as SDN in the L1-L3 and mobility space (D2.0 Architecture). She has... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Cedar

Business LinuxCon Experience Level - Intermediate

12:00pm PDT

OVN: Virtual Networking for Open vSwitch - Russell Bryant, Red Hat; Justin Pettit

OVN is a relatively new effort within the Open vSwitch project to provide native virtual networking support for OVS. Integration with OpenStack Neutron has been developed in parallel. OVN greatly simplifies what is needed from OpenStack Neutron to provide virtual networking with Open vSwitch. This presentation will review the capabilities of OVN and its OpenStack Neutron integration.

Speakers

Russell Bryant

Distinguished Engineer, Red Hat

Russell is a Distinguished Engineer in Service Delivery, leading SD's adoption of OVN across our managed services. Russell also has a long history with OVN, having helped create the project back in 2015 and leading the planning for product teams to take over ownership of OVN by 2... Read More →

Justin Pettit

Monday August 17, 2015 12:00pm - 12:50pm PDT
Grand Ballroom A

CloudOpen Developer Experience Level - Intermediate

12:00pm PDT

Reduce Time to Value: Focus First on Configuration Management Debt - Chris Sterling, CenturyLink

The value of software is only potential value until it is in users’ hands. There can be many roadblocks to software getting into those hands. These roadblocks tend to revolve around elaborate deployment pipelines stemming from Configuration Management Debt:
• Over-burdened release engineering and operations teams
• High coupling with centrally managed architecture element/component
• Source control practices that impact delivery velocity
• Too many variations/versions of the software supported in production
• Poor integration processes across architecture components and scaled team delivery
• Too many hand-offs between teams in order to release software to users
• Code changes feel too risky and takes too long to validate before releasing into production
• Poor documentation practices
This presentation will focus on how to reduce Configuration Management Debt.

Speakers

Chris Sterling

Senior Lead Product Manager, CenturyLink Cloud, CenturyLink

Chris Sterling is Senior Lead Product Manager, CenturyLink Cloud, involved with all things Cloud Foundry at CenturyLink Cloud. Chris has an extensive technology, process, and consulting background and brings his experience and deep passion for software development into his daily work... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Issaquah

CloudOpen Developer Experience Level - Intermediate

12:00pm PDT

How Open Source is Driving DevOps Innovation - Gordon Haff, Red Hat

It’s no coincidence that all the interest around DevOps today comes at a time when open source technologies and processes are so dominant in cloud computing, data storage and analysis, and--increasingly--in networking. Innovations in Linux and other projects, including containers, configuration management, and continuous integration, are what make DevOps workflows and portable application deployments possible. But it’s also the result of open source culture, practices, and the tools supporting those practices that have made iterative development and collaboration such a powerful model for creating great software in communities. And now, they’re also providing a template for how to develop and operate applications internally within enterprises. In this session, we will discuss how open source tools and practices can be applied to create effective DevOps workflows and practices.

Speakers

Gordon Haff

Technology Advocate, Red Hat

Gordon Haff is Technology Advocate at Red Hat where he works on market insights; writes about tech, trends, and their business impact; and is a frequent speaker at customer and industry events. Among the topics he works on are edge, AI, quantum, cloud-native platforms, and next-generation... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Aspen

CloudOpen Experience Level - Intermediate Wildcard

12:00pm PDT

Docker for Developers - Michael Hrivnak, Red Hat

Docker is not just for deployment. As a developer, there are many ways Docker can make you more productive, regardless of how your app gets deployed.

In this session, you will learn practical strategies for using Docker, including how to:

- Run unit tests locally in multiple environments with almost no overhead.
- Make your integration tests easy for anyone to run by distributing them in a Docker image.
- Simulate advanced network topologies, especially for a service-oriented architecture.
- Make a Docker image in 5 minutes or less that produces builds from a consistent environment.
- Isolate database state changes in your test suite by using a pool of disposable containers.

Speakers

Michael Hrivnak

Principal Software Engineer, Red Hat, Inc.

Michael Hrivnak is a Principal Software Engineer at Red Hat. During his time as Team Lead for the Pulp project, he became involved in solving real-world container orchestration problems. He now works in that domain as part of the Automation Broker project. With experience in both... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Grand Ballroom B

ContainerCon Developer Experience Level - Intermediate

12:00pm PDT

In the Trenches: Deploying Containers in Production and at Scale - Sunil Shah, Mesosphere

Configuring containers on your Macbook is one thing. Running container-based architectures at the scale of Google, Twitter or even Yelp is something else altogether. Learn the secrets of building an architecture that can support millions and millions of containers running on thousands and thousands of host servers, handling everything from long-running application services to hourly batch-processing jobs. This talk will also cover the process-management aspects of running containers at scale, including how to empower developers, standardize configuration processes and reign in rogue tasks.

Speakers

Sunil Shah

Engineering Manager, Airbnb

Sunil Shah is an Engineering Manager at Airbnb. His team builds and maintains the Kubernetes-based platform that powers Airbnb.com. Prior to Airbnb, Sunil managed compute for Yelp, helped commercialise Apache Mesos at Mesosphere, studied robotics at UC Berkeley, and build ingestion... Read More →

ContainerCon Presentation pdf

Monday August 17, 2015 12:00pm - 12:50pm PDT
Cirrus

ContainerCon Developer Experience Level - Intermediate

12:00pm PDT

Libcontainer: One Lib to Rule Them All - Andrey Vagin, OpenVZ

Libcontainer is a new library for external and internal containers management. It has been born as a result of agreement between developers of Linux Containers. The goal of this library is to make container features available via an unified library which can be used with different languages. Libcontainer will help applications to work effectively in containers and use container technology for their own needs.
This talk will cover reasons of creating the new library, the current status and future goals for Libcontainers.

Speakers

Andrei Vagin

Virtuozzo, Virtuozzo

Andrew Vagin is interested in Container Virtualization (LXC, OpenVZ). He started to write autotest for OpenVZ in 2006, when he was a student at the Moscow Institute of Physics and Technology (MIPT). Now Andrew works in OpenVZ kernel team. In addition he is an active developer in the... Read More →

ContainerCon Andrey Vagin Seattle 2015 pdf

Monday August 17, 2015 12:00pm - 12:50pm PDT
Willow A

ContainerCon Developer Experience Level - Intermediate

12:00pm PDT

Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - Jerome Petazzoni, Docker

Containers are everywhere. But what exactly is a container? What are they made from? What's the difference between LXC, butts-nspawn, Docker, and the other container systems out there? And why should we bother about specific filesystems?

In this talk, Jérôme will show the individual roles and behaviors of the components making up a container: namespaces, control groups, and copy-on-write systems. Then, he will use them to assemble a container from scratch, and highlight the differences (and likelinesses) with existing container systems.

Speakers

Jérôme Petazzoni

Tinkerer Extraordinaire, Tiny Shell Script LLC

Jérôme was part of the team that built and launched Docker. He worked there for 7 years. These days he teaches Kubernetes at Enix, a French Cloud Native shop. When he's not busy with computers, he collects musical instruments. He can arguably play the theme of Zelda on a dozen of... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Wildcard

12:00pm PDT

GENEVE Tunnels for Linux Endpoints - John W. Linville, Red Hat

GENEVE is a tunneling protocol used to create virtual networks on top of real IPv4 and IPv6 underlay networks. In many ways GENEVE is similar to VXLAN, NVGRE, and other tunneling protocols, but it is designed to be more suitable than other existing technologies for meeting modern challenges.

An Open vSwitch virtual port implementation of GENEVE has been available for some time, but until recently there was no Linux kernel network driver implementation. Without such an implementation, it has been difficult or impossible to use GENEVE for connections to servers at the edge of a virtual network. More recently, I have been implementing such a driver.

This presentation will provide an overview of GENEVE and its features. It will also provide a progress report on the GENEVE network device implementation, and it will discuss ongoing work relating to use of GENEVE on Linux servers.

Speakers

John W. Linville

Kernel Engineer, Red Hat

As the former Linux kernel maintainer for wireless LANs, John presided over the transition of that subsystem from "constant heartache" to "mostly just works" status. More recently, John's technical pursuits have included SDN and NFV topics. Employed at Red Hat for over a decade, John... Read More →

Monday August 17, 2015 12:00pm - 12:50pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

12:00pm PDT

The Kernel Report - Jon Corbet, LWN.net

The Linux kernel is at the core of any Linux system; the performance and capabilities of the kernel will, in the end, place an upper bound on what the system can do as a whole. In this presentation, Jon Corbet will review recent events in the kernel development community, discuss the current state of the kernel, the challenges it faces, and look forward to how the kernel may address those challenges.

Speakers

Jonathan Corbet

Penguin herder, LWN.net

Jonathan Corbet is the kernel documentation maintainer, co-founder of LWN.net (and the author of its Kernel Page), a member of the Linux Foundation's Technical Advisory Board, and the lead author of Linux Device Drivers, Third Edition. He lives in Boulder, Colorado, USA.

Monday August 17, 2015 12:00pm - 12:50pm PDT
Grand Ballroom C

Developer Experience Level - Intermediate LinuxCon

2:20pm PDT

Cloud Orchestrators and Container Orchestrators, Any Difference? - Sebastien Goasguen, Citrix

Over the last 7 years, the cloud industry has been hard at work developing and operating so called cloud orchestrator. These orchestrators or data center schedulers or virtual machine management systems have succeeded to provide cloud capabilities to the enterprise.
They offer a self-service, elastic, pay as you go system at the data center infrastructure layer. These systems are known as IaaS. Interestingly with the advent of Docker, a new type of orchestrator are being developed (Swarm, Kubernetes, Rancher) they are tailored for containers rather than virtual machines. But is there a real difference between these systems. They both have a set of machines under management, they both receive request from users to place a computing entity onto a machine and they both try to handle large scale and resiliency. In this talk we will discuss these systems, trying to compare their capabilities and see if there is a real difference between them. What is at stake of course, is whether systems like CloudStack and OpenStack should orchestrate containers, or whether new systems like Kubernetes and Rancher should start dealing with virtual machines. Or whether we should let everyone do what it does best.

Speakers

Sebastien Goasguen

Citrix

Sebastien Goasguen is a Cloud Computing evangelist for Citrix. He is a Apache CloudStack committer and Program Management Committee (PMC) member. He has fifteen years of experience in distributed systems from high performance computing to clouds and big data systems. Recently he has... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Jefferson

CloudOpen Experience Level - Intermediate Operations

2:20pm PDT

Deploying OpenDaylight - Daniel Farrell, Red Hat

Docker, Vagrant, Puppet, Ansible, RPMs - oh my!

Quite a few new ways to deploy OpenDaylight were developed during the Lithium release cycle. This talk will guide you through the options, providing a technical overview and examples of each.

The speaker, Daniel Farrell, created most of the deployment options mentioned above. He’s also supporting OPNFV’s major OpenDaylight+OpenStack deployment effort from the upstream OpenDaylight side.

Speakers

Daniel Farrell

Software Engineer, Red Hat

Daniel Farrell is a Software Engineer on Red Hat’s SDN Team, where he contributes to upstream ODL and OPNFV. He has been involved in SDN since it emerged from Stanford, including early OpenFlow and OpenStack work. He’s now an active committer on ODL’s Integration Team. During... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Issaquah

CloudOpen Wildcard Experience Level - Intermediate

2:20pm PDT

Converting Existing Installed OS and Applications to Docker - Marc Merlin, Google

Google has been using the same shared server image between the booting OS and the applications that runs in containers. Container solutions like docker were designed to let you run an application on a vanilla OS image. This is great if you want to totally decouple a new application from the underlying OS. This is not great if you don't want to have to maintain 2 operating systems (the host one and the container one) if you already have well customized OS, and if you simply want to run some existing applications in a container. This gives you the security benefit from resource/disk/network separation between untrusted applications and the rest of your operating system without having to start from scratch with a base OS and lots duplicate packages between the container and the host OS. More importantly this lets you switch existing working applications to a state where half their functionality (like the web facing portion with untrusted php code) runs in a read only container, while the backend that needs access to local disk and network resources, run outside the container, and post the data to a filesystem that is only read only in the container but sufficient for serving results.

You also benefit from completely controlling the container image and not relying on an image retrieved from the internet that may not be trustworthy by reusing the exact same OS image inside and outside the container, also minimizing upgrade time and cost.

My talk will show how to use docker to achieve those goals and get a chance to containerize applications that you probably wouldn't get around to run in containers otherwise

Speakers

Marc Merlin

Linux Engineer, Google

Marc has been using linux since 0.99pl15f (slackware 1.1.2, 1994), both as a sysadmin and userland contributor. He has worked for various tech companies in the Silicon Valley, including Network Appliance, SGI, VA Linux, Sourceforge.net, and now Google both a server sysadmin and software... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Cirrus

ContainerCon Developer Experience Level - Intermediate

2:20pm PDT

The App Container Spec - Jonathan Boulle, CoreOS

Application containers are taking the Linux community by storm. While some of the underlying technologies and concepts are mature, best practices and the software itself are evolving rapidly and the field is arguably still in its infancy. Nonetheless, 2015 has been declared by some to be the "year of the production-ready container."

The App Container spec project (appc) was announced in late 2014 as an effort to create a common, interoperable and well-defined specification standardizing what "application containers" are. The subsequent months saw the spec being widely adopted and implemented in the industry. This talk will give an overview of the state of the union in the appc world. It will review the history and evolution of the App Container project as it went from just an idea to a solidified specification with a number of production-ready implementations on different platforms.

Speakers

Jonathan Boulle

Jonathan Boulle is working on all things containers at CoreOS, driving the App Container specification and development of rkt, the application container runtime. Previously he was one of the lead engineers on fleet, contributed heavily to etcd, and, in a past life, worked on Twitter's... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Developer

2:20pm PDT

Get Ship Done - Charles Eckel, Cisco & David Tootill, Cisco

Developers are driving the market for cloud consumption and leading each industry into the new era of software defined disruption. There are no longer questions about elastic and flexible agile development as the way to innovate and reduce time to market for businesses. However, Physical and cloud Infrastructure does not enable application development platforms natively nor provide the ability to create applications that are cloud native with elastic services. In addition, businesses are moving to application development architectures leveraging microservices which are becoming more strategic to their business strategy. When making the decision to build and operate an application on physical or on a cloud platform, microservices became central to your application architecture and strategy. This presentation will clearly define what a microservices infrastructure is and how it enables elastic, flexible, and portable application workload deployment. It introduces Cisco's cloud-based Shipped product that addresses these continuous evolving needs, and includes a demo of using Shipped to set up a development project and deploy it to the cloud in minutes, including creation of associated source repositories and continuous integration builds. Lastly it introduces DevNet (devnet.cisco.com), Cisco’s developer program, which provides resources to help you learn and use Shipped and other Cisco technologies to create innovative solutions quickly.

Speakers

Charles Eckel

Principal Engineer, Global Technology Standards, Cisco

Charles is a recognized champion of open source, standards, and interoperability. As a member of Cisco's Global Technology Standards team, Charles is responsible for identifying and guiding open source efforts related to key standards initiatives. In IETF, he started and runs the... Read More →

David Tootill

Innovation Architect, Cisco

David Tootill is a senior developer and architect for Cisco Systems, currently working on their forthcoming Shipped product for rapid development and deployment to the cloud. He has co-founded two software companies, and is the principal architect and developer of three major software... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Willow A

ContainerCon Experience Level - Intermediate Operations

2:20pm PDT

Large Scale Container Management with LXD and OpenStack - Stéphane Graber, Canonical

LXD, our new container manager (lightervisor) can either be driven by a simple command line tool or through an OpenStack Nova Compute plugin.

This talk focuses on the latter. The LXD integration with OpenStack that's developed and shipped in Ubuntu makes it possible to mix virtual machines and containers in a safe, scalable and very natural way.

This means that with nova-compute-lxd, it's now possible to have some users get regular VMs and some others get containers, using the exact same source image. Management of the resulting container also works exactly like a virtual machine would, with the difference that it's much faster and less resource hungry than a full fledged virtual machine.

This talk will go over what nova-compute-lxd is, go through some performance tests we did and include a brief demo of nova-compute-lxd in action.

Speakers

Stéphane Graber

Software Engineer, Canonical Ltd.

Stéphane Graber works as the technical lead for LXD at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at the various containers and other Linux related events.Stéphane is also a long time contributor to the Ubuntu Linuxdistribution... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Grand Ballroom B

ContainerCon Operations Experience Level - Intermediate

2:20pm PDT

Catch Up on the Raspberry Pi - Ruth Suehle, Red Hat

Maybe you bought a Raspberry Pi a year or two ago and never got around to using it. Or you built something interesting, but now there's a new Pi and new add-ons, and you want to know if they could make your project even better?

The Raspberry Pi has grown from its original purpose as a teaching tool to become the tiny computer of choice for many makers, allowing those with varied Linux and hardware experience to have a fully functional computer the size of a credit card powering their ideas. Regardless of where you are in Pi experience, join Ruth Suehle and Tom Callaway to hear some of the best tricks for getting the most out of the Raspberry Pi. They'll also share some of the best projects they and others have built, from gaming devices to home automation, and they'll fill you in on what the Raspberry Pi 2 can help you do.

Speakers

Ruth Suehle

Director, Community Outreach, Open Source Program Office, Red Hat

Ruth Suehle is Director of Community Outreach in Red Hat’s Open Source Program Office. She is also executive vice-president of the Apache Software Foundation, co-chair of the Free and Open Source Software SIG in the International Game Developers Association (IGDA), and governing... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Redwood

Developer Experience Level - Intermediate LinuxCon

2:20pm PDT

Extending the Secure Boot Certificate and Signature Chain of Trust in the OS - Fionnuala Gunter, Hypori

The Linux kernel's integrity subsystem verifies and enforces file
integrity based on file signatures. Files are currently signed, post
install, by walking the file system - a time consuming process. A better, more complete,
solution is to include file signatures in software packages, similar to
the existing file hashes. This enables files to be automatically labeled
with signatures during installation.

This talk describes extending the UEFI secure boot certificate chain of
trust to the OS to prevent unauthorized software/files from being
executed or accessed. It will cover proposed software package manager
changes for including and installing file signatures, locally signing
certificates used for verifying file signatures, and loading the signed
certificates onto the trusted IMA keyring.

Speakers

Fionnuala Gunter

Security Software Developer, Hypori

Fionnuala Gunter extended RPM Package Manager to include and install file signatures while at IBM. She is currently a Security Developer at Hypori.

Extending Secure Boot pdf

Monday August 17, 2015 2:20pm - 3:10pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

2:20pm PDT

Kernel Network Stack Challenges at Increasing Speeds - Jesper Brouer, Red Hat

As network speeds continue to increase from 10Gbit/s, to 40Gbit/s, and very soon to 100Gbit/s the rate at which packets can arrive increases, and as a result the amount of of time to process packets decreases to as little as 6.7ns per packet at 100Gbit/s.

This talk explains the challenges the kernel network stack is facing, and describe some strategies and mitigation techniques to handle these increasing network speeds.

Recent improvement to the TX layer will be explained, but it cannot standalone. Further improvements to the RX layer and qdisc layer are still needed.

The memory subsystem is also pressured to its limits, and plumbering and cooperation between networking and MM (Memory Management) kernel developers are needed.

Speakers

Jesper Brouer

Linux Kernel Developer, Red Hat Inc

Jesper Dangaard Brouer is senior Kernel Engineer at Red Hat, and is part of the team that maintains the Linux Kernel Network Stack. He is working from the comfort of this home in Denmark, outside Copenhagen. He has participated in several invitation only developer conferences, including... Read More →

net stack challenges 100G pdf

Monday August 17, 2015 2:20pm - 3:10pm PDT
Grand Ballroom C

Developer Experience Level - Intermediate LinuxCon

2:20pm PDT

Resurrecting Internet Booting - Boot Boot, Booting Over the Internet - John Hawley, Intel

Boot Boot is the spiritual successor to a project that met an untimely demise in 2011, however it's now 2015 and the band is getting back together. Boot Boot will explore the technologies and pieces needed to create and run an internet booting infrastructure, as well as explore network booting in the general sense. There will be a discussion of how to either integrate with Boot Boot, or take the respective pieces and run them in your own infrastructure. The use cases are more obvious now with the greater proliferation of cloud deployments, virtual machines and the ubiquity of high speed internet.

Speakers

John Hawley

Open Source Developer, VMware - OSPO - OSTC

John 'Warthog9' Hawley led the system administration team on kernel.org for nearly a decade. His other exploits include working on Syslinux, OpenSSI, a caching Gitweb, and patches to bind to enable GeoDNS. He's the author of PXE Knife, Boot Boot, as well as SyncDiff(erent) a state-full... Read More →

Monday August 17, 2015 2:20pm - 3:10pm PDT
Diamond

DevOps Experience Level - Intermediate LinuxCon

3:20pm PDT

Application Containers Stack, rkt to Kubernetes - Brandon Philips, CoreOS

Organizations use tools based on Linux containers like Docker and rkt because it lets teams separate physical and VM infrastructure from applications. Containerization brings real benefits for devops at companies large and small, but also unique challenges with getting started: primarily it introduces a number of new concepts and ideas.

Come learn those concepts from: rkt, an app container runtime for Linux, to the Kubernetes cluster management system. Understand key rkt features like the concept of pods, image verification, container network configuration and integrations with init systems and cluster orchestration tools. Learn how Kubernetes can take those containers and deploy them on a set of cohesive cluster APIs and concepts.

This session brings it together to build an app container image, mirror that image on an HTTP endpoint and deploy it on top of a Kubernetes cluster.

Speakers

Kelly Tenn

Kelly Tenn, CoreOS

Monday August 17, 2015 3:20pm - 4:10pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

3:20pm PDT

Building High-Performance NFV Solutions Using Containers - Jun Nakajima, Intel

Although the light-weight container infrastructure provides VNFs (Virtual Network Function) with high density and efficiency, we have challenges when building high-performance NFV solutions using containers. In our view, two are outstanding there: 1) network configuration, especially with SR-IOV, and 2) performance isolation to guarantee deterministic execution with minimal latency and jitters.

In this present, we will share best practices and our solutions to those challenges. We will 1) talk about network configuration options for SR-IOV, performance, and security, and 2) discuss real-time requirements, cgroups, real-time containers, and soft partitioning to achieve deterministic execution for data plane VNF containers. We will also touch on container/hypervisor coexistence, including our KVM enhancements for NFV, some of which are applicable to containers as well.

Speakers

Jun Nakajima

Sr. Principal Engineer, Intel Corporation

Jun Nakajima is a Senior Principal Engineer at the Intel Open Source Technology Center, leading virtualization and security for open source projects. Jun presented a number of times at technical conferences, including LSS, KVM Forum, Xen Summit, LinuxCon, OpenStack Summit, and USENIX... Read More →

Monday August 17, 2015 3:20pm - 4:10pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Developer

3:20pm PDT

Getting Started with Embedded AArch64 Development - Mark Charlebois, Qualcomm Technologies

Mark Charlebois, Director of Open Source Software Strategy at Qualcomm Technologies, Inc., will provide an overview of the current state of embedded Linux SW for the AArch64 platform, and will use the low cost DragonBoard 410c community board as an example platform. A brief overview of the 96 Boards specification will be presented, including certain “gotchas” to be aware of. The presentation will also cover where to find developer resources, how to build a kernel with the necessary features, toolchain and distro options, and will cover the experience using the board for rapid prototyping for the AARCH64 platform.

Speakers

Mark Charlebois

Director Open Source Software Strategy, Qualcomm

Mark Charlebois is a Director of Open Source Software Strategy at Qualcomm Technologies Inc. (QTI), a subsidiary of Qualcomm, Inc. He has been developing software for Unix, Linux and embedded systems for more than 25 years, and currently contributes to the PX4 Firmware project and... Read More →

Monday August 17, 2015 3:20pm - 4:10pm PDT
Diamond

Developer Experience Level - Intermediate LinuxCon

3:20pm PDT

Why Link-State Matters - Andy Gospodarek

For most of it's existence the default behavior for the Linux kernel has been what most would consider a 'weak host' model. This will means that the kernel will chose to forward frames by any means necessary to ensure connectivity between a source and destination. Unfortunately one of the system states not taken into consideration when making a routing decision is outgoing link-state. In the past, the Linux kernel has relied on an array of userspace applications to solve this problem and either remove routes or perform configuration changes when link state changes. This talk will cover recent kernel changes that provide a configuration option to change route table behavior based on link-state, the benefits of this in the kernel for users and administrators, and possible future development plans for this feature.

Speakers

Andy Gospodarek

Software Architect, Broadcom

Initially worked at LVL7 (acquired by Broadcom in 2007) doing application porting ("Why doesn't this work on Linux?") and later doing platform and board support for an embedded network operating system product. Moved to Red Hat in 2005 and spent most of his time maintaining network... Read More →

Monday August 17, 2015 3:20pm - 4:10pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

3:20pm PDT

Linux Kernel Networking Walkthrough - Thomas Graf, Noiro Networks

This presentation features a walk through the Linux kernel networking stack for users and developers. It will cover insights into both, existing essential networking features and recent developments and will show how to use them properly. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as networking namespaces, segmentation offloading, TCP small queues, and low latency polling and will discuss how to configure them.

Speakers

Thomas Graf

Noiro Networks (Cisco), Noiro (Cisco)

Thomas Graf has been a Linux kernel developer for 10 years, working on a variety of networking subsystems. His current focus is on network virtualization and SDN. He contributes to various open source projects, such as the Linux kernel and Open vSwitch. Thomas is currently at Noiro... Read More →

Monday August 17, 2015 3:20pm - 4:10pm PDT
Grand Ballroom C

DevOps Experience Level - Intermediate LinuxCon

3:20pm PDT

Building Containerized Applications - Dusty Mabe, Red Hat & Daniel Walsh, Red Hat

Note: Please ensure that you bring your personal laptop to this lab, and seating is only available for 50 participants.

In this hands-on lab, learn how to use Project Atomic's container technologies around docker, Kubernetes and the Atomic App to create multi-container applications from scratch and from existing applications. See how to deploy the new containers to the Atomic Host and Openshift.

In this lab, you will:

Quickly develop a basic containerized application.
Migrate a simple popular application to a containerized version.
Deploy your new applications to a container host.

You’ll get a feel for the the use of containerization across traditional Enterprise IT and devops use scanarios. Understand different container host platforms and learn how to choose the best one for your container needs. Plus, you’ll understand what to consider when thinking about implementing a containerized microservices architecture.

Speakers

Dusty Mabe

Principal Software Engineer, Red Hat

Dusty Mabe is a Principal Software Engineer at Red Hat helping to enable container technologies in next generation datacenters and the cloud. He is currently participating in several upstream projects that help build a strong platform for containerized applications to run. In the... Read More →

Dan Walsh

Senior Distinguished Engineer, Red Hat

Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001. Dan leads the Red Hat Container Engineering team since August 2013, but has been working on container tec

Monday August 17, 2015 3:20pm - 5:10pm PDT
Willow A

ContainerCon Developer Experience Level - Intermediate

4:20pm PDT

Private Cloud is Dead, Long Live Public Cloud - James Bottomley, Odin

A recent report by Gartner showed that the number of virtual instances belonging to the enterprise but not running in the enterprise data centre is growing rapidly (up from 3% in 2011 to 20% in 2014). This rapid flight is generated by novel technologies (like containers) which are being delivered by outside service providers but are not available within the enterprise data centre. The primary trend the enterprise is questing for is agility, which aligns very well with Docker and the Container ecosystem.

This talk will explain how containers drive agility, why the enterprise is seeking it and also explore what the future holds in this brave new world (how much flight does there have to be before the enterprise data centre ceases to exist in its own right). We will also review some of the technologies designed to save the enterprise data centre and why they are doomed to failure.

Speakers

James Bottomley

Distinguished Engineer, IBM

James Bottomley is a Distinguished Engineer at IBM Research where he works on Cloud and Container technology. He is also Linux Kernel maintainer of the SCSI subsystem. He has been a Director on the Board of the Linux Foundation and Chair of its Technical Advisory Board. He went to... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Issaquah

Business CloudOpen Experience Level - Intermediate

4:20pm PDT

At-Scale Datacenters and the Demand for New Storage Architectures - Allen Samuels, San Disk

Best practices of large-scale data centers are changing the way that storage is being built and delivered. New technologies such as storage over converged networking infrastructure, heterogeneous replication strategies, scalable object storage and low-cost enterprise grade flash memory are experiencing rapid adoption in the market place. These new technologies place new and heavier demands on kernel and storage management software which must evolve to meet these needs.

Speakers

Allen Samuels

Engineering Fellow, Western Digital

Allen joined SanDisk in 2013 as an Engineering Fellow, he is responsible for directing software development for SanDisk’s system level products. He has previously served as Chief Architect at Weitek Corp. and Citrix, and founded several companies including AMKAR Consulting, Orbital... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Cedar

Business LinuxCon Experience Level - Intermediate

4:20pm PDT

Cloud Foundry on OpenStack: It’s what's on the Stack That Matters! - Ramiro Salas, Pivotal

The goal for both OpenStack and Cloud Foundry foundations is to build open source software and communities. The software is intended for public, private and managed clouds. CloudFoundry is intended for a variety of IaaS including vSphere, OpenStack and Amazon Web Services.

Attend this session for a quick technical overview of Cloud Foundry and to be able to deploy a variety of apps. on the platform that handle requirements such as HA, Scaling, Logging, Monitoring, Debugging, etc.

After attending this session you should be able to walk away with a good understanding of Cloud Foundry and how it complements an IaaS like OpenStack.

Speakers

Ramiro Salas

Staff Technologist II, VMware, Inc.

Ramiro Salas (CISSP), is a technologist with VMware R&D, specializing in Networking, Security, and modern development platforms, with over 30 years of experience in the software and telecom industries in multiple countries. He was CTO of the first privately owned ISP in Chile in 1995... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

4:20pm PDT

KVM, OpenStack, and the Open Cloud - Adam Jollans, IBM and Mike Kadera, Intel

KVM is the primary hypervisor used in OpenStack deployments, combining two major open source projects to deliver open cloud computing. This presentation will review the architecture of both KVM and OpenStack, highlight the potential synergies and benefits, and discuss production OpenStack cloud deployments which use KVM. It will also look forward to future developments in KVM, OpenStack and their ecosystems and how these will influence open cloud computing.

Speakers

Adam Jollans

Linux Strategy Manager, IBM

Adam Jollans is currently leading the worldwide cross-IBM Linux and open virtualization strategy for IBM. He has been involved with Linux and open source since 1999, and previously was a programmer and supported customer projects. He graduated from Cambridge University with a degree... Read More →

Michael Kadera

Open Source Technology, Intel

Michael Kadera works in Intel’s Open Source Technology Center leading the Cloud & Data Center Technical Marketing Engineering team. Michael has over 18 years-experience in Intel leading enterprise software development, Cloud and Infrastructure DevOps teams. Michael led Intel... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Grand Ballroom A

CloudOpen Experience Level - Intermediate Operations

4:20pm PDT

The 7 Characteristics of Container Native Infrastructure - Casey Bisson, Joyent

Containers are changing the manner in which applications are run across all data centers. However, it’s time to improve the efficiency of containers by removing VMs altogether and enabling containers to exist as first class citizens in the datacenter. The removal of the VM is just one of the seven characteristics of container-native infrastructure that offers specific performance and operational advantages to Docker in production.

From more convenient networking to improved host management and overall better performance, container-native infrastructure is the future of the data center. In this session, Joyent Product Manager Casey Bisson will explore the difference between container-native and legacy infrastructure, including a side-by-side demonstration of clear differences.

Speakers

Casey Bisson

Joyent

Casey Bisson is an engineer and product manager at Joyent, the container infrastructure company. At Joyent, he helps lead and deploy SmartDataCenter for on-premises and hybrid clouds. Prior to Joyent, he was Director of Engineering at Gigaom where he assembled an in-house engineering... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Cirrus

ContainerCon Developer Experience Level - Intermediate

4:20pm PDT

Avocado: Open Source Softtware Testing Made Easy - Lucas Meneghel Rodrigues, Red Hat

Automated testing tools have often been developed to help dedicated testing teams. Those tools are usually designed with the workflow of these teams in mind, and it's our experience that the resulting product has a bunch of great features, but often comes with a steep learning curve. That curve tends to alienate an important part of the development team's base.

Avocado (http://avocado-framework.github.io/) is a new testing framework, developed to give developers an easy to approach test runner. It also features testing APIs for multiple languages, integration with GDB and profiling tools, and a plugin system that lets developers modify the framework in new useful ways, such as adding new test exchange data formats. This presentation briefly covers Avocado's design goals, followed by a more thorough demo of its capabilities and use cases.

Speakers

Lucas Meneghel Rodrigues

Senior Software Engineer, Amazon

Lucas is a Senior Software Engineer working for Amazon. Founder and co-maintainer of the avocado testing framework (https://github.com/avocado-framework/avocado), maintainer of the Autotest framework and contributor/maintainer of other automated testing related subjects (https://github.com/autotest... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

4:20pm PDT

MariaDB: The New MySQL is FIve Years Old & Everywhere - Colin Charles, MariaDB

MariaDB is now shipping in every Linux distribution and is the default MySQL in many. Come to this talk and learn about how to manage the new MySQL with all the advanced options available to both developers and operators. Some highlights include: * using authentication plugins, like PAM, and turning on two-factor authentication * Using & managing various storage engines in your queries: SphinxSE for full-text search, connecting to a Cassandra cluster, making use of ODBC & other various data sources via CONNECT (eg. joining data from Microsoft SQL Server with MariaDB is entirely possible), and automatic sharding in the database via SPIDER. (backup strategies, deployment, network, etc. are all covered) * Configuring the threadpool for your workload * Taking advantage of new replication features * Using SQL Roles And more

Speakers

Colin Charles

Consultant, codership (galera cluster)

Colin Charles is a Consultant at Codership, the makers of Galera Cluster. Previously, Colin was on the founding team of MariaDB Server, and has been around the MySQL ecosystem including being an early employee at MySQL, and worked actively on the Fedora and OpenOffice.org projects... Read More →

Monday August 17, 2015 4:20pm - 5:10pm PDT
Redwood

DevOps LinuxCon Experience Level - Intermediate

10:30am PDT

Hard Partitioning for Linux: The Jailhouse Hypervisor - Jan Kiszka, Siemens

The Jailhouse project adds a new, unique partitioning hypervisor to the Linux ecosystem. It aims at filling the gap between abilities of standard Linux and challenging requirements of low-latency real-time and safety scenarios with an open source solution.

This presentation will introduce the Jailhouse architecture and explain its differences compared to other approaches. While Jailhouse originally only executed non-Linux workload besides the main Linux partition, it just gained support for booting multiple Linux instances, strictly isolated from each other. We will provide information about these recent developments, current hardware requirements for the supported x86 and ARM platforms and will give a short live demonstration.

Speakers

Jan Kiszka

Principal Key Expert, Siemens

Jan Kiszka is working as consultant, open source evangelist and Principal Key Expert Engineer in the Linux Expert Center at Siemens Technology. He is supporting Siemens businesses with adapting, enhancing or strategically driving open source as platform for their product demands... Read More →

Tuesday August 18, 2015 10:30am - 11:20am PDT
Grand Ballroom A

CloudOpen Developer Experience Level - Intermediate

10:30am PDT

Tales From the OpenStack's Gate: How Debugging the Gate Helps Your Enterprise - Matthew Treinish, OpenStack

OpenStack is incredibly complex with tons of moving parts. As part of the community's continuous integration system, often called the gate, we run tests against a running OpenStack cloud. However, sometimes things fail for reasons unrelated to the patch being tested. These failures, often called "flakey failures" by developers, are normally an exposure of interesting timing problems in OpenStack and they can often be very tricky to debug. However, we've found that almost all of these issues and the difficulty in debugging them also apply to real deployments. This talk will go over the mechanics of debugging gate failures. As part of the discussion comparisons will be drawn to show how similar the process of debugging gate failures is to production OpenStack issues. To reinforce that anything we see in the gate most likely is being dealt with by users and operators.

Speakers

Matthew Treinish

Software Engineer, IBM Research

Matthew Treinish has been working on and contributing to Open Source software for most of his career. Matthew currently works for IBM Research developing open source software for quantum computing. He is also a long time OpenStack contributor and a former member of the OpenStack TC... Read More →

Tuesday August 18, 2015 10:30am - 11:20am PDT
Issaquah

CloudOpen Developer Experience Level - Intermediate

10:30am PDT

The Lies We Tell Our Code - Casey Bisson, Joyent

From dev to deploy, we're constantly lying to our code. We lie about the systems, networks, storage, RAM, CPU and other resources that are critical to our application performance. Some of these lies protect applications from each other, and some even improve performance. Others, however, decrease performance and create barriers to productivity. In this session, Joyent Product Manager Casey Bisson will delve into the "dishonest" relationship we all have with our code and show why the lies we tell can both help and hurt us. Attendees will learn which white lies to keep on telling and, conversely, where to start being honest with your code.

Speakers

Casey Bisson

Joyent

Tuesday August 18, 2015 10:30am - 11:20am PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

10:30am PDT

Stateful NAT with OpenvSwitch - Thomas Graf, Noiro Networks

As containers are being deployed as part of multi tenant clusters, virtual multi layer switches become essential to interconnect containers while providing isolation guarantees. Assigning tenants their own private networks requires stateful network address translation (NAT) implemented in a scalable architecture to expose containers to public networks. Existing virtual switches integrated into the Linux kernel did not support stateful NAT so far. This presentation introduces a new virtual NAT service deployable as container built using existing kernel functionality such as network namespaces, routing rules and Netfilter to provide NAT services to existing virtual switches such as Open vSwitch and the Linux bridge but also the core L3 layer of Linux.

Speakers

Thomas Graf

Noiro Networks (Cisco), Noiro (Cisco)

Tuesday August 18, 2015 10:30am - 11:20am PDT
Cirrus

ContainerCon Developer Experience Level - Intermediate

10:30am PDT

Container Performance Monitoring and Management Using cAdvisor - Victor Marmol, Google

Monitoring the performance of applications today is difficult. It typically entails deep understanding and knowledge of an application and all its components. Containers have begun to make this easier by allowing us to break down applications and provide finer-grained information than ever before. cAdvisor has begun exposing higher level performance metrics aimed at answering the question “how are my applications performing?”. We will present what metrics are exposed and how these metrics can be used to automatically tune the performance of your containers.

Speakers

Victor Marmol

Google, Google

Victor is a Senior Software Engineer at Google. He is part of the containers infrastructure team which runs all of Google's compute jobs across the world; starting over 2 billion containers per week. He has open sourced some of Google's containers infrastructure through two projects... Read More →

Tuesday August 18, 2015 10:30am - 11:20am PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Operations

10:30am PDT

The Dark Art of Container Monitoring - Loris Degioanni, Sysdig

Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. This talk will cover the current state of the art for container monitoring and visibility, including pros / cons and live demonstrations of each method. Special emphasis will be put on sysdig, an open source troubleshooting tool authored by the presenter. Sysdig offers unprecedented container visibility without the need to break the “sanctity” of the container.

Speakers

Loris Degioanni

Founder & CEO, Sysdig

Loris is the creator and CEO of Sysdig, a popular open source troubleshooting tool for Linux environments. He is a pioneer in the field of network analysis through his work on WinPcap and Wireshark: open source tools with millions of users worldwide. Loris was previously a senior... Read More →

Tuesday August 18, 2015 10:30am - 11:20am PDT
Grand Ballroom B

ContainerCon Experience Level - Intermediate Operations

10:30am PDT

Maximum Performance: How to Get It and Avoid Pitfalls - Christoph Lameter

Maximum performance is possible if we can get all hardware components and software components that influence our particular workload to operate at the limits of what those components allow. Performance is most frequently determined by the interaction of hardware, software and the application. Getting there is actually a balancing act between what can be done by the applications, the way that the operating system can be configured to interact with a given piece of hardware and the operating modes of the hardware.

The talk will cover a couple of common scenarios that have been seen repeatedly with applications that require maximum storage throughput, network throughput or that are bound by the number crunching or memory access capabilities of the processors. It also will delve into the some of the common trade offs that may exist and prevent systems from running at top performance.

Speakers

Christoph Lameter

R&D Team Lead, Jump Trading LLC

Christoph Lameter is working as a lead in research and development for Jump Trading LLC (an algorithmic trading company) in Chicago and maintains the slab allocators and the per cpu subsystems in the Linux Kernel. He contributed to a number of Linux projects since the initial kernel... Read More →

Tuesday August 18, 2015 10:30am - 11:20am PDT
Redwood

DevOps LinuxCon Experience Level - Intermediate

11:30am PDT

Speeding Up the Core of the Cloud - David Stewart, Intel

OpenStack at its core is very dependent on the Python programming language. As powerful as Python is, its performance compared with other languages is fairly poor. Intel is now making a major effort to improve Python performance. In this presentation, David Stewart will talk about the work Intel is doing to improve Python performance and similar server dynamic languages, some of the successes we have achieved and future challenges to the OpenStack community and their use of Python and how we can help.

Speakers

David C. Stewart

Sr Director, Security & Privacy, Intel Corporation

David Stewart is Senior Director of Security & Privacy. David has been an operating systems and compiler expert for his whole career. David serves on the Yocto Project Advisory Board (Emeritus) and the Open Source Security Foundation Working Group on Critical Infrastructure. Prior... Read More →

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

11:30am PDT

Clear Containers and Other Technology from the Clear Linux Project - Arjan van de Ven, Intel

Clear Containers are a new way to use hardware features to make containers as secure as virtual machines.... because Clear Containers *are* lightweight virtual machines. In the presentation, Arjan will explain the whys and hows of Clear Containers and how one can use them to make your containers more secure. In addition, Arjan will go into details of some of the other new technical features provided by the Clear Linux Project for Intel Architecture.

Speakers

Arjan van de Ven

Sr Principal Engineer, Intel

Arjan is an engineer at Intel's open source technology center, and the lead for the Clear Linux Project for Intel Architecture. Over the past 15 years, Arjan has been working on a wide range of Linux Kernel and general Linux OS topics, and has presented at dozens of conferences.

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Cirrus

ContainerCon Developer Experience Level - Intermediate

11:30am PDT

Taking Containers to the Next Level - James Bottomley, Odin

Although container technology has been around for nearly two decades, it is only recently that the virtualization properties that provide very different use cases from traditional hypervisors are being explored. One of the interesting things about containers is that they are not all or nothing, like hypervisors, but may have each subsystem virtualization separately applied. There has been quite a bit of work in the past year to bring granular container virtualization directly to applications via libcontainer and its extensions (instead of via an orchestration system). This talk will explore exactly what properties applications can expect to gain directly from container technology (things like multi tenancy, configuration update/rollback, memory constraints, and advanced networking) and what the nature of cloud applications might become in future as this trend evolves.

Speakers

James Bottomley

Distinguished Engineer, IBM

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Wildcard

11:30am PDT

Docker, Containers & Security: State of the Union - Jerome Petazzoni, Docker

Docker is two years old. While security has always been at the core of the questions revolving around Docker, the nature of those questions has changed. Last year, the main concern was "can I safely colocate containers on the same machine?" and it elicited various responses. Dan Walsh, SELinux expert, notoriously said: "containers do not contain!", and at last year's LinuxCon, Jérôme delivered a presentation detailing how to harden Docker and containers to isolate them better.

Today, people have new concerns. They include image transport, vulnerability mitigation, and more.

After a recap about the current state of container security, Jérôme will explain why those new questions showed up, and most importantly, how to address them and safely deploy containers in general, and Docker in particular.

Speakers

Jérôme Petazzoni

Tinkerer Extraordinaire, Tiny Shell Script LLC

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Grand Ballroom B

ContainerCon Operations Experience Level - Intermediate

11:30am PDT

How to Design a Linux Kernel API - Michael Kerrisk

The Linux kernel-user-space API is littered with design errors: APIs that are non-extensibe, unmaintainable, overly complex, limited-purpose, violations of standards, and inconsistent. Most of those mistakes can't be fixed because doing so would break the ABI that the kernel presents to user-space binaries. To further rub salt into the wound, kernel-user-space APIs are often buggy when first shipped. Thus, it's important to get API designs right the first time. Taking (good and bad) examples from past APIs, I'll cover a number ideas on improving the design of future kernel user-space APIs. Those tips are relevant both for kernel developers producing the APIs and for user-space programmers looking at what kernel developers are serving to them. I'll also look at some strategies that developers can pursue in order to get help with improving the designs of APIs that they are producing.

Speakers

Michael Kerrisk

Trainer/consultant, man7.org Training and Consulting

Michael Kerrisk is the author of the acclaimed book, "The Linux Programming Interface" (http://man7.org/tlpi/), a guide and reference for system programming on Linux and UNIX. He contributes to the Linux kernel primarily via documentation, review, and testing of new kernel-user-space... Read More →

designing linux kernel APIs LCNA 2015 Kerrisk pdf

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Grand Ballroom C

Developer Experience Level - Intermediate LinuxCon

11:30am PDT

Hydra: Multikernel and Virtualization for Many-Core Systems - Vitaly Bordyug, Huawei

Heterogeneous systems offer tremendous flexibility in terms of matching of compute resources to the actual task, including huge number of cores, different CPU architectures bound by some interconnect, and so on. The upper possibilities apply also a number of challenges to the originally-monolithic Linux architecture.

Hydra project aims to mitigate the most severe issues, without drastic redesign or micro-kernel migration; it adds necessary tweaks to the kernel, to enable it to run several kernels (each of the appropriate architecture, in heterogeneous case). State synchronization is handled using kexec/remoteproc/rpmsg/virtio frameworks, adapted for extended needs.

The talk will cover architecture and current state of the project, as well as broader set of tasks, that this generic heterogeneous framework aims to address.

Speakers

Vitaly Bordyug

Principal Architect, Huawei

Vitaly Bordyug is Principal Architect in OS and Virtualization department of Huawei Technologies in Germany. Before joining Huawei, he was working at Mentor Graphics, with major focus on Automotive Linux solutions, and at MontaVista Software as kernel architect before that. At Huawei... Read More →

Tuesday August 18, 2015 11:30am - 12:20pm PDT
Diamond

Developer Experience Level - Intermediate LinuxCon

2:00pm PDT

From Zero to Continuous Validated Learning: Lean Startup on PaaS - Chris Sterling, CenturyLink

This session will take us on a journey from idea to "validated learning”, implementing an idea and measuring for its expected effect on behavior. Cloud computing, Agile software development, and Lean Startup have all contributed to lowering the cost of learning and accelerating time to market for businesses. Platform as a Service (PaaS) is further accelerating the validated learning cycles in application development to increase successful business outcomes. We will show how to use Cloud Foundry as a PaaS and a Lean Startup approach to take us from zero to a valuable platform that helps us inspect and adapt our business based on validated learning.

Speakers

Chris Sterling

Senior Lead Product Manager, CenturyLink Cloud, CenturyLink

Tuesday August 18, 2015 2:00pm - 2:50pm PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

2:00pm PDT

etcd: A Cornerstone of Distributed Systems For Containers - Brandon Philips, CoreOS

etcd is an open source distributed consistent key-value store that was introduced by the team at CoreOS. Since its release two years ago it has become a mature cornerstone of a variety of systems in the container ecosystem for doing networking, service discovery, configuration management and load balancing. This talk will explore what etcd is, how it works, why it is used, how a cluster is maintained and some best practices. It will show off some example applications built on etcd such as locksmith, vulcand, Kubernetes, skydns and confd.

Speakers

Kelly Tenn

Kelly Tenn, CoreOS

Tuesday August 18, 2015 2:00pm - 2:50pm PDT
Grand Ballroom D

ContainerCon Developer Experience Level - Intermediate

2:00pm PDT

Containerizing Distributions - Colin Walters, Red Hat

Containerizing distributions (Colin Walters, Red Hat) - This talk will look at how the rise of Docker and other container technologies have impacted the Fedora, CentOS, and Red Hat Enterprise Linux distributions from both a release engineering and developer/user perspective. We will look at several package system/container integration issues, such as:

- `docker build` reproducibility with packages, other systems like the OpenShift Build Service
- package systems requiring root privileges versus best practice of unprivileged containers
- uid/gid synchronization
- rpm versus the Docker overlayfs backend

In addition, we will look at technologies for minimal container hosts, such as (rpm-)OSTree, Snappy, the CoreOS updater and how they intersect with containers.

Speakers

Colin Walters

Software Engineer, Red Hat

Colin Walters works on Project Atomic, an effort to containerize distributions, for Red Hat, Inc.

Tuesday August 18, 2015 2:00pm - 2:50pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

2:00pm PDT

IGMP/MLD Snooping Enhancements on Linux - Satish Ashok, Cumulus Networks

IGMP/MLD snooping in bridge driver has been used for snooping IGMP/MLD queries, leaves and reports. This talk would discuss about support needed for -Vlan filtering, Multi Chassis Link Aggregration and Hardware offload
VLAN filtering requires MDB groups and router ports to be created per VLAN within a bridge.
To support Multi Chassis link aggregation(MLAG) where two hardware offload switches act as one switch to a dually connected host, multicast database and router port entries need to be synced to a neighboring switch. We would discuss about various issues, solutions and tradeoffs of the various approaches.
To hardware offload this functionality multicast group entries need to be created with a list of ports. Interactions with static multicast group, router port and userspace STP would also be covered.

Speakers

Satish Ashok

Member of Technical Staff, Cumulus Networks

Software Developer at Cumulus Networks. Contributed to mstpd open source project and IGMP snooping hardware offload and enhancements.

Tuesday August 18, 2015 2:00pm - 2:50pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

2:00pm PDT

Provisioning Linux Servers Made Easy: PayPal's Success - Mason Katz, StackIQ

Today's distributed systems built with commodity servers allow enterprises to seize new data and cloud opportunities with a speed and agility unattainable by their legacy system predecessors, and at a lower cost. However, getting a handful, hundreds or even thousands of collaborative servers up and running in a production environment is complicated, time consuming and error prone. By automating bare metal provisioning, enterprises eliminate complexity and speed deployment. Mason Katz will examine the installation and provisioning process for Linux servers in infrastructures of any size, from the zero state to configuration, utilizing StackIQ's server provisioning tool. Whether for a single node or thousands of nodes, attendees will learn how to get systems to a ping and a prompt in minutes, and get the most out of today's Big Data and Cloud applications.

Speakers

Mason Katz

Mason Katz is the Chief Technology Officer and co-founder of StackIQ. Prior to joining StackIQ, he co-founded the open-source Rocks Clusters Group at the San Diego Supercomputer Center (SDSC) located on the campus of the University of California at San Diego (UCSD). He has 20 years... Read More →

Tuesday August 18, 2015 2:00pm - 2:50pm PDT
Redwood

Experience Level - Intermediate LinuxCon Operations

3:00pm PDT

HOUZE® LIVING LABS: Internet of Everything Demonstration Centers - David Goswick, HOUZE

HOUZE® is establishing a network of over 25 Zero Energy Living Labs that will serve as demonstration sites for the connected lifestyle and the Internet of Everything. The Living Labs will integrate technologies, products and services for a consortium of stakeholders including leading universities and global companies. The HOUZE® network of labs is a user-centric, open-innovation ecosystem integrating concurrent research and innovation processes within public-private-people partnerships. Each of the Living Labs will feature: The Smart Home of the Future; Next Generation Retail Showroom; Connected Car/Mobility of the Future; Concept Hotel Rooms; Concept Medical; Organic Smart Gardens and Greenhouse; on-site energy generation, storage and management to demonstration the open-platform Internet of Everything.

Speakers

David Goswick

David Goswick is the CEO/co-founder of HOUZE® Advanced Building Science Inc. He is a 30 year visionary in home building, real estate and technology industries. He has been recognized with over 400 national, regional and local real estate marketing and technology awards. Goswick was... Read More →

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Cedar

Business Experience Level - Intermediate LinuxCon

3:00pm PDT

Handling large MySQL and MariaDB farms with MaxScale - Max Mether, MariaDB

MaxScale is a new proxy and query routing layer that allows you to transparently handle connections to large data farms of different architectures. With the addition of binlog routing in the latest version of MaxScale, MaxScale further enhances the options for large scale replication topologies. This talk will look at the different options for using MaxScale and will focus on large setups (over 100 slaves per master) using binlog routing. A use case example will also be studie in detail.

Speakers

Max Mether

SkySQL

Max Mether, a native of Finland received his M.Sc (Eng) in Physics and Maths from Helsinki University of Technology. Max joined MySQL AB in 2001 starting as a Consultant and an Instructor and ended up creating the MySQL training program and managing the curriculum under MySQL Ab and... Read More →

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Jefferson

CloudOpen Experience Level - Intermediate Operations

3:00pm PDT

HDInsight: Do Hadoop in the Cloud With All You Already Know and Love - Adnan Ijaz, Microsoft

Join this session to learn how you can run Apache Hadoop in the Azure cloud to take advantage of its flexibility and cost effectiveness while leveraging your existing skillset in Linux and open source software (OSS). We’ll do a short introduction of Azure HDInsight – Microsoft’s managed Hadoop-as-a-service offering which is built on top of the Hortonworks Data Platform (HDP) and Ubuntu Linux – and then jump right into building a demo application from scratch. We’ll start with raw data, cleanse it, process it and then visualize it – all, using the tools (e.g. SSH), OSS (e.g. Apache Ambari) and Hadoop ISV applications you have come to use and love over the years.

Speakers

Adnan Ijaz

Adnan is a Senior Program Manager at Microsoft on Azure HDInsight team focused on building platform components that make Hadoop run great on Azure. Adnan has been with Microsoft for nearly 7 years and, before joining the big data team, he worked as a primary PM for the recently announced... Read More →

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Issaquah

CloudOpen Experience Level - Intermediate Operations

3:00pm PDT

Super Privileged Containers - Daniel J. Walsh, Red Hat

Most people consider containers a way to isolate applications workloads from the host and other containers. Super Privileged Containers, treat containers as a mechanism for shipping software to the host. With the advent of Minimal OS Container platforms like ProjectAtomic and CoreOS, people are always asking for missing applications from the host. SPC containers allow admin and developers to ship software that can take advantage of containers image for shipping its content, but can see and even manipulate the host OS.

This talk will also talk about using the container image as the sole unit for shipping an application, how to build the Install, uninstall and run commands directly into the image. And how it uses SPC to be able to install a containerized application.

Speakers

Dan Walsh

Senior Distinguished Engineer, Red Hat

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

3:00pm PDT

Writing Applications for the Containers World - Ahmet Alp Balkan, Microsoft

Let's turn back the clock to the 1960’s and see how we can adopt the mindset and philosophy of Unix to design our tools, applications and micro-services in this new world of containers. We will talk about the best practices for configuration, logging, secrets, command line interfaces, output streams and inter-process communication and show examples, both good and bad, applied by real-world open source projects and tools.

Speakers

Ahmet Alp Balkan

Software Engineer, Google

Ahmet works at Google on Kubernetes/GKE and Knative projects. He is focused on getting the developer experiences right for Google Cloud products and open source projects. Follow on twitter: @ahmetb.

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Grand Ballroom B

ContainerCon Experience Level - Intermediate Operations

3:00pm PDT

ACPI for Network Switches - Dustin Byford, Cumulus Networks

We're at the beginning of a revolution in the networking industry. For the first time, you can buy a whitebox network switch with modern ASICs (think 48-10G ports + 6-40G ports), and an operating system, separately. At Cumulus, the OS choice is Linux. Working with several switch ODMs we've ported our Debian-based distro to about 25 whitebox switch platforms. Through that process we've developed an understanding of common switch hardware designs and what it takes to make those systems, despite their platform differences, act like a standard Linux box. We believe the next step is to define a way to encode those platform differences into firmware using ACPI. This talk will focus on the work we've done at Cumulus, including a proposed patch set, to describe switch-specific platform details using ACPI.

Speakers

Dustin Byford

MTS, Cumulus Networks, Inc.

Biography coming soon.

Tuesday August 18, 2015 3:00pm - 3:50pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

4:00pm PDT

Some Lessons From Scaling a Large, Web-Scale Social Platform - Igor Perisic, LinkedIn

Any company looks very fondly at the potential of explosive growth. It is identified with success. After all, growth means that your members appreciate your offering and exponential growth can be construed to simply mean that these members appreciate it very much. How a company survives when it hits that geyser is an interesting story. Indeed no services are infinitely scalable from their inception, neither does any company have infinite manpower. We’ll take a look at various lessons learned through our experience at LinkedIn. The talk will present some of our experiences from scaling backend infrastructures, developing machine learned models for various relevance problems and the consequences of having a rapidly growing organization. At the core, a picture of Data Integrity and Experimentations will develop as key success fact

Speakers

Igor Perisic

Igor Perisic is currently VP of Engineering, Data and Analytics, at LinkedIn where he built and manages a team of engineers working in the areas of Search, Real Time Social Graph Engine, Relevance and Relevance Infrastructure. His team is involved in all areas of LinkedIn where Personalization... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Aspen

CloudOpen Developer Experience Level - Intermediate

4:00pm PDT

Open Platforms for Federated Futures - Ryan Jarvinen, Red Hat

Learn how to design applications that allow users to reclaim control of their data, and define their own terms of service, by leveraging various open standards of the web.

We’ll discuss open standards for identity, authorization, and data sharing, while exploring the underlying architectures of several existing federated network applications.

This talk covers several new protocols for federated communication (pump.io, diaspora, tent.io, gnu social) and evaluates the major tradeoffs that one may encounter when designing and using these systems.

Speakers

Ryan Jarvinen

Developer Advocate, Red Hat

Ryan Jarvinen is a Developer Advocate and Open Source Evangelist focusing on improving developer experience in the container community. He lives in Oakland, California and is passionate about open source, open standards, open government, and digital rights. You can reach him as "RyanJ... Read More →

Open Platforms for Federated Futures Linuxcon2015 pdf

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Issaquah

CloudOpen Experience Level - Intermediate Wildcard

4:00pm PDT

Denser Containers With PF Cache - Pavel Emelyanov, Odin

Two greatest benefits of containers over VMs are -- much higher density and elasticity. One of the reasons for the former one is that containers can share most of their disk memory cache due to libraries (and sometimes binaries) being the same. Depending on the way containers' files are stored, different techniques to disk cache deduplication should be used. The growing popular approach based on device-mapper requires cross-disks cache manager.

In this presentation Pavel will review different approaches to organizing container's storage and their pros-n-cons, will describe the benefits of disk cache sharing and then will proceed to the PFCache technology from Odin that implements the mentioned cross-disk cache sharing and gives times larger density for containers.

Speakers

Pavel Emelyanov

Architect at server virtualization dpt, Odin

Pavel is a principal engineer at Odin working on company’s Cloud Server projects. He holds a PhD degree in Applied Mathematics from the Moscow Institute of Physics and Technology. He now maintains CRIU and works on its integration with other Linux containers projects. His speaking... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Grand Ballroom D

ContainerCon Developer Experience Level - Intermediate

4:00pm PDT

Using Clocker With Calico and Docker to Run Workloads in the Cloud - Andrew Kennedy, Cloudsoft

This talk will show how to use Clocker to test and deploy Apache Brooklyn blueprints for your worloads in the Cloud. Using Docker containers instead of virtual machines, Clocker enables testing of a full simulation of your production topology, allowing every aspect of your resilience, failover and scaling policies to be tested thoroughly. We will show how a multi tier, multi network application can be deployed a Clocker managed Docker Cloud, using Calico SDN technology to provide a full suite of network choices. Clocker uses Apache jclouds to provide this seamless access to both containers and virtual machines, thanks to its provider agnostic API, and Apache Brooklyn allows complex topologies to be described using industry standard YAML blueprints.

Speakers

Andrew Kennedy

Distributed Systems Hacker, Cloudsoft

Andrew is a Senior Software Engineer at Cloudsoft and the founder of the Clocker project. He is a contributor to several Open Source projects including jclouds and Qpid and is on the Apache Brooklyn PMC. Areas of interest include Distributed Systems, Virtualisation, Messaging, Information... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Grand Ballroom B

ContainerCon DevOps Experience Level - Intermediate

4:00pm PDT

Bringing N-Tier Applications to Containers - Chris Haddad

Containerization is moving from lab work to production application projects. Teams desire to achieve deployment agility, application resilience, and resource optimization. While container cookbooks show simple scenarios, containerizing production N-tier applications requires complex considerations. Chris describes how teams select complementary open source projects (i.e. Docker Compose, Apache Mesos, Mesos Marathon, Google Kubernetes, Apache Stratos) and craft an open source platform that shifts legacy applications away from virtual machines and into containers. He demonstrates how teams effectively manage container dependencies, independently scale container tiers, and deliver quality of service. From a developer’s perspective, Chris will show micro-service architecture patterns guiding teams towards application packaging strategies and container lifecycle decisions.

Speakers

Chris Haddad

VP Platform Evangelism, WSO2

A Cloudy PaaS and SaaS architect since the turn of the century, Chris is an Apache Stratos, Kubernetes, and Cloud architecture afficionado who has worked with clients to deploy innovative ecosystem PaaS environments. He is currently writing a book on how to build microservices using... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Willow A

ContainerCon Experience Level - Intermediate Developer

4:00pm PDT

KernelAddressSanitizer: A Fast Memory Error Detector for Linux Kernel - Andrey Konovalov

Memory access bugs, including buffer overflows and uses of freed memory, are a serious problem for Linux kernel. These bugs not only lead to crashes, but also introduce exploitable vulnerabilities. Many memory error detectors exist for user-space applications, but only a few for Linux kernel, and most of them are either slow or detect a limited set of bugs, or both.

This paper presents KernelAddressSanitizer, a new dynamic memory error detector for Linux kernel. Our tool finds out-of-bounds accesses to heap, stack, and global objects, as well as use-after-free bugs. The tool is based on compiler instrumentation an uses similar ideas as the user-space memory bug detector AddressSanitizer.

KernelAddressSanitizer is efficient and accurately detects bugs at the point of occurrence. It has found over 50 previously unknown bugs in Linux kernel.

Speakers

Andrey Konovalov

Google

I'm an intern at Google. I'm working on bug finding tools for Linux kernel. I developed a prototype for KernelAddressSanitizer, a tool for finding memory bugs, such as out-of-bounds and use-after-frees. Right now I'm working on KernelThreadSanitizer, a tool for finding data races... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Willow B

Developer Experience Level - Intermediate LinuxCon

4:00pm PDT

Reexamining Scheduler Statistics: Do We Have What We Need?- Rick Lindsley, IBM

In 2004, "The Cursor Wiggles Faster: Measuring Scheduler Performance", presented at the Ottawa Linux Symposium, patches were introduced to create some objective metrics by which to judge scheduler performance. Revisions of these patches were eventually accepted into the kernel and persist to today.

But eleven years later, the scheduler has changed dramatically. Some of those original measurements are still in the code. Additional, equally useful metrics have been introduced outside of the 2004 framework. The need to evaluate scheduler changes has not decreased, but workloads and system capabilities have shifted. Do we still have effective tools to evaluate current work? This paper discusses the aging of scheduler statistics, and discusses whether the old patches need to be gently merged, subtly enhanced, or even completely removed.

Speakers

Rick Lindsley

Rick Lindsley is an advisory software engineer at IBM who has worked on Linux and Unix for over 30 years. He introduced the original schedstats patch eleven years ago at the Ottawa Linux Symposium, and has maintained a website of related tools since that time. He currently serves... Read More →

Tuesday August 18, 2015 4:00pm - 4:50pm PDT
Diamond

Developer Experience Level - Intermediate LinuxCon

10:25am PDT

Extreme Agile - Managing Fully Distributed Opensource Software Teams - Alan Bennett, Linaro

It is challenging—if not impossible—to find local experts in low-level Linux or specific open-source software projects. However, this isn’t a challenge with a fully-distributed organization which has this talent worldwide. So the challenge becomes how to effectively manage, motivate, and retain this talent. At Linaro, Alan is responsible for producing many of their open source products. Having successfully worked with Kanban and Scrum in the past, Alan was surprised how difficult implementing agile practices was when the workdays of most team members overlapped only an hour or less. Realizing that their sprint planning and retrospectives were not going to be sustainable, the team knew they would have to make some changes. Alan shows you how his teams effectively manage their workload, combine agile with open source software processes, and create a system that survives and thrives.

Speakers

Alan Bennett

VP Engineering, Foundries.io

Currently Vice President of Engineering at Open Source Foundries. Alan drives all aspects of engineering and product management. Alan has built a team of open source and upstream experts from around the world with expertise in front-end, back-end and embedded software. the OSF team... Read More →

Bennett ExtremeAgile LinuxCon 2015 pdf

Wednesday August 19, 2015 10:25am - 11:15am PDT
Cedar

Business LinuxCon Experience Level - Intermediate

10:25am PDT

In a World of Ephemeral Containers, How Do We Keep Track of Things - Brian Dorsey, Google

Docker makes it far easier to develop and deploy programs. Kubernetes helps you build and run systems of 100s or 1000s of containers. Your system stays up while individual containers come and go as needed. But what about your data? With ephemeral containers, where does the data live?

This talk is a tour of emerging patterns for keeping state in clusters of containers. First, a review of the challenges, solutions and their tradeoffs for keeping track of things when running a cluster of ephemeral containers. We will cover both configuration management and data storage (databases, etc), and a survey of the different ways people are dealing with these challenges. Examples will be illustrated in Kubernetes, an open source cluster manager and scheduler that simplifies deploying and managing container based applications. These patterns are also helpful when running on PaaS or VMs directly.

Speakers

Brian Dorsey

Developer Advocate, Google

Brian is a Developer Advocate on the Google Cloud Developer Relations team, focusing on the open source Kubernetes cluster manager and the Cloud Platform, especially Compute Engine and Cloud Storage. Brian has taught Python at the University of Washington & spoken at both PyCon US... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Jefferson

CloudOpen Experience Level - Intermediate Operations

10:25am PDT

User - Transparent ServiceMigration to the Cloud - Tim Mackey, Citrix

Seamlessly adopt cloud practices without users knowing the infrastructure changed. This could easily be a marketing tagline for the latest cloud technology, but for users it is an imperative. Users expect uninterrupted service, but admins need to adopt new provisioning paradigms. In this session you'll see how user impact can be minimized during a migration to cloud orchestration.

Discussion will include:
- Service uptime expectations
- Template management in cloud solutions
- Availability management techniques
- Storage management to minimize recovery time

The session will also include a live demo where virtual infrastructure hosted within a XenServer environment is migrated to an OpenStack or CloudStack environment. The tooling extends Packer to create a base representation of the virtual machine, and then migrates the resultant artifact into the desired cloud solution.

Speakers

Tim Mackey

Senior Technical Evangelist, Black Duck by Synopsys

Tim Mackey is a technology evangelist for Black Duck Software specializing in the secure deployment of applications using virtualization, cloud and container technologies. Prior to joining Black Duck, Tim was most recently the community manager for XenServer and was part of the Citrix... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Issaquah

CloudOpen Operations Experience Level - Intermediate

10:25am PDT

Putting the D in LXD: Migration of Linux Containers - Tycho Anderson, Canonical

lxc move c1 host2. In 17 characters, you can live migrate containers
between hosts. LXD makes using this powerful and complex technology very simple,
and very fast. In this talk, I'll give a short history of the underlying
migration technology CRIU, describe a few optimizations that LXD is doing in the
space to make things fast, and discuss future areas of work both in CRIU and in
LXD to support a larger class of applications and make things even faster.

Speakers

Tycho Andersen

Canonical, Canonical

Tycho is a software engineer at Canonical actively working on several cloud-related projects, most recently as one of the core developers of LXD, an open source Linux Container based hypervisor. He holds degrees from the University of Wisconsin--Madison and Iowa State University... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Grand Ballroom B

ContainerCon Developer Experience Level - Intermediate

10:25am PDT

Rooting out Root: User Namespaces in Docker - Phil Estes, IBM

While Docker as a container runtime has been available for two years now, and uses various Linux kernel features for namespacing to isolate the container processes, user namespace support in the Go language and libcontainer was only made available earlier this year. Now that support exists in these underlying technologies, Phil will discuss the details of exposing user namespace support to Docker operators and users, and some of the complexities of offering full user namespace mappings to containers.

Most importantly, the key benefit to user namespace support being available in Docker is that the host system's root user will no longer be exposed as the container's "root". Phil will detail the improved security posture provided and discuss future enhancements to container user and group isolation based on this Linux kernel feature.

Speakers

Phil Estes

Principal Engineer, AWS

Phil is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS.Phil is currently an active contributor and maintainer for the CNCF containerd runtime project, and participates in the... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Developer

10:25am PDT

Container Ops: Using Platform Tooling to Build Your App Management Story - David Soul, Pivotal

An overview of the infrastructure pains around managing containers in real-world production usage. This talk discusses Cloud Foundry platform approach to container lifecycle management issues such as upgrades, security, deployments, logging, failover and scaling. We also share best-practices and general patterns in container management across the Pivotal Cloud Foundry customer base.

Speakers

David Soul

Technical Marketing, Pivotal

David Soul works on technical marketing for Pivotal Cloud Foundry. His background includes software development, technical marketing with Heroku and time as an early employee at Atlassian.

Wednesday August 19, 2015 10:25am - 11:15am PDT
Cirrus

ContainerCon Experience Level - Intermediate Operations

10:25am PDT

The Container Testing Project - Ben Du, Huawei

Containers are one of the most important innovations in the software development today. With the introduction of the Open Container Project ,it will prevent fragmentation and enable application portability among platforms, which are the ingredients developers require in order to build and deploy everything from retail and banking applications to streaming media services. Expecting to join OCI and CNCF, we plan to align more and more with the community.

The talk will introduce a new project that aims to promote the OCI by providing a universal testing framework for all of the container projects. Both testing and validation include the OCI specification, runC function, security and performance, as well as may other aspects which will be covered in the talk.

Speakers

Ben Du

Yujie Du (Ben) is a long-time open source community activist and evangelist in China. He currently works in the Huawei Open Source Software Competence Center, where he is an expert in Huawei’s Open Source Core Team (OSCT). Before he joined Huawei, Ben was a founding board member... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Willow A

ContainerCon Experience Level - Intermediate Operations

10:25am PDT

Performance Monitoring in the Linux Kernel - Davidlohr Bueso, SUSE

Systems performance is a primary concern for most people involved in technology. This is particularly true and critical for companies investing significant resources in hardware, expecting Linux to scale well on larger machines, naturally beginning with the kernel. While there are several efforts to automate and integrate benchmarking across a wide range of systems, they are not very well known outside the community. In this talk, Davidlohr will present different alternatives to kernel performance monitoring through automation and will discuss how it can serve to actively detect regressions and new issues throughout the kernel, including how developers can easily test their changes on a wide range of workloads and gather important runtime metrics. In addition, different benchmarks for stressing different subsystems will be compared both at a micro level and for real world workloads.

Speakers

Davidlohr Bueso

Software Engineer, SUSE Labs

Davidlohr Bueso is a Linux kernel developer at SUSE Labs, focusing on performance and scalability. He works on various core kernel subsystems and has authored hundreds of fixes and enhancements towards making Linux better and faster. Prior to SUSE, Davidlohr worked at HP, tackling... Read More →

Wednesday August 19, 2015 10:25am - 11:15am PDT
Grand Ballroom C

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

10:25am PDT

Powershell Desired State Configuration for Linux - Kolby Allen

DSC is yet another means for administrators to manage configuration in a heterogeneous environment. Not only does it provide a healthy bridge for Linux and Windows administrators to blend knowledge and experience across both closed and open source foundations, it also helps improve the reliability of repetitive tasks required by today's workloads. Cloud services already offer rich powershell integration (Azure, AWS) - allowing combination of server setup and cloud deployment to help scale on any IaaS platform a business relies upon. Microsoft's push to open .Net Core and many of the tools are an opportunity to learn new ways of integration when integration is your only option.

Speakers

Kolby Allen

Kolby Allen is a Solutions Architect and has spent most of his career in Academia most recently teaching Chemistry at SPU in Seattle. He holds several AWS certifications and focuses his energy around IaaS uses for small and medium sized enterprises.

Wednesday August 19, 2015 10:25am - 11:15am PDT
Redwood

DevOps Experience Level - Intermediate LinuxCon

11:25am PDT

License Compliance Best Practices For Engineering and Legal - Dave Mckenzie, SanDisk & Lisa LaForge, San Disk

Compliance Best Practices for Engineering and Legal (McKenzie & LaForge). In this presentation, Lisa LaForge and David McKenzie will discuss the barriers to successful project collaboration between Engineering and Legal, and provide practical advice on overcoming challenges such as how to improve communication and make compliance easier for engineering. McKenzie, a licensed patent attorney, will also explain recent developments in software patentability arising out of Supreme Court decisions such as Alice Corp. which may have an impact on software development and FOSS.

Speakers

Lisa LaForge

Director, Legal and Chair, OSSC, SanDisk Corp

Lisa LaForge chairs SanDisk’s Open Source Steering Committee and practices in the area of commercial law. She has a JD from Santa Clara University and holds two privacy certifications from IAPP. She regularly speaks on FOSS, gender diversity and technology.

Dave Mckenzie

Dave McKenzie, director at SanDisk, is an active member of its Open Source Working Group. An experienced software engineer, he joined SanDisk’s IP Law Group in 2014 as a patent attorney. Dave is admitted to practice before the state and federal courts of Utah and the US PTO, and... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Cedar

Business Experience Level - Intermediate LinuxCon

11:25am PDT

Solving Global Scalability Needs with NoSQL - Heather McKelvey, Basho Technologies

Companies today struggle to manage the types and volume of data their customers and employees generate and use every day. To stay competitive, businesses must ensure their customers have a seamless experience and are able to access data anytime, anywhere. With billions of requests daily and data spread across geographies, complications can arise due to fluctuations in traffic and operational consistency can be elusive.

NoSQL solutions are able to offer high availability at massive scale and with a variety of data types that traditional databases cannot handle. In this session, Heather McKelvey, VP of Engineering at Basho Technologies, will explore how distributed NoSQL solutions can provide organizations with the consistency and availability necessary to succeed in today’s world of on-demand data, while also bringing operational simplicity to these complex data sets.

Speakers

Heather McKelvey

Vice President of Engineering, Basho Technologies

Heather McKelvey is Basho Technologies Vice President of Engineering and has more than 20 years of experience leading and managing enterprise software teams. Most recently, she was the CTO and SVP of engineering at GoGrid, where she led architecture and development of cloud services... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

11:25am PDT

Extending CI/CD in Operations using LXC and Chef - Ranjib Dey, PagerDuty

Chef is a popular configuration management system used for system automation, that promotes the idea of infrastructure as code. In this presentation I'll walk through how we are using LXC to perform integration testing of our entire infrastructure automation code base, and then re-using the build/test artifacts to compose developer workstation. I'll be covering a) current state of chef-lxc integration and how we are using it, b) how our build-ci infrastructure was extended to build and test our chef/automation code base using LXC, and c) how the test artifacts are served via traditional debain repos to build developer workstations (i.e. the LXC rootfs packaging gears)

Speakers

Ranjib Dey

I work as an operations engineer at PagerDuty, a hosted alert dispatch service.Along with rest of the operations team, I to design, deploy and maintain systems that can withstand major outages. In past, I have worked at Google, ThoughtWorks etc and built container based private build/CI... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Aspen

CloudOpen Experience Level - Intermediate Operations

11:25am PDT

Be a Microservices Hero - Dragos Dascalita Haut, Adobe

Understanding how to run Microservices at scale is becoming a key success factor for organisations. Mesos makes it easy to deploy robust architectures in the Cloud. Today's technologies offer simple solutions to create RESTfull services, containerize them and deploy them in Mesos but is this the best way to expose Microservices ?

As the number of Microservices increase the inter-communication between them becomes more complicated, and we soon realize we have new questions awaiting our answers: how do Microservices authenticate ? how to monitor who's using their APIs ? how to protect them from attacks ? how to set throttling and rate limiting rules across a cluster ? How to control which service allows public access and which one is private ?

Come and learn a scalable architecture to manage Microservices in Mesos by integrating an API Management layer inside your Mesos clusters.

Speakers

Dragos Dascalita Haut

Project Lead, Adobe I/O, Adobe Systems, Inc.

Dragos Dascalita Haut is working as Project Lead for Adobe I/O, working with his team in Romania, India and his hometown San Jose on scaling Adobe’s APIs using a distributed serverless platform. Dragos prefers dynamic programming languages over static ones, dogs over cats, and like... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

11:25am PDT

Beyond Port Mapping: Real Networking for Containers - Rohan Singh, Spotify

One of the last ways that containers still tend to be inferior to VM's is networking. The usual model of port mapping, iptables and proxies is both more complicated and less useful than having containers be first-class citizens on your network.

Imagine giving your containers real IP addresses that can be reached from anywhere and any host, without caring about port mappings or what host a container is running on.

In this talk, Rohan Singh will show several methods for making this a reality from a developer's perspective — starting with a primer in networking for developers and culminating in the how, why, and why nots of IP over UDP, BGP, VPC's and some other acronyms. Also expect a look into Spotify's network, with containers and uncontainerized services speaking to each other across physical machines in our own data centers, EC2 instances, Google Cloud VM's and developer laptops.

Speakers

Rohan Singh

Lead Infrastructure Engineer, Hustle Inc

Rohan Singh is an infrastructure lead at Hustle, a texting platform used by political campaigns and non-profits to reach voters & volunteers. In the past, he was a core contributor to Spotify's containerization efforts and its open-source container orchestration framework (Helios... Read More →

network md

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Developer

11:25am PDT

Containing RDMA and High-Performance Computing - Liran Liss, Mellanox

Remote Direct Memory Access (RDMA) technology allows applications to conduct GB-size memory transfers across a cluster with negligible CPU utilization, and exchange messages at sub micro-second latencies. Consequently, RDMA is a core enabler for High-Performance Computing (HPC), big data analytics, and storage. To provide this degree of performance, RDMA NICs expose the transport resources directly to user applications; the OS kernel is not involved in the data path. Yet, containing applications that directly access RDMA resources is feasible.

In this session, we describe how RDMA technology is made available for contained applications. Specifically, we describe how RDMA services are bound to network namespaces, and how to control the usage of the bounded HW resources and provide isolation between containers. Various configuration options would be covered, for both Ethernet and Infiniband networks. The introduction of container support for RDMA paves the way for a new class of high-performance applications, that leverage both the scale and agility of containers and the extreme performance of RDMA.

Speakers

Liran Liss

Dr. Liran Liss has served as Mellanox’s senior principal architect since April 2015 and has led the advanced development and research team since 2011. Prior to 2011, Dr. Liss served as a principal architect for multiple diverse projects within Mellanox. Dr. Liss has co-authored... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Grand Ballroom B

ContainerCon Experience Level - Intermediate Operations

11:25am PDT

Pushing the Limits of Kernel Networking - Alexander Duyck, Red Hat

As network speeds continue to increase from 10Gb/s, to 40Gb/s, and very soon to 100Gb/s the rate at which packets can be transported increases putting pressure on the kernel to drive ever faster packet rates. This talk will cover what we currently know about the limits of the Linux kernel in terms of small packet networking performance, ongoing efforts to push those limits further, and a number of tips and tricks to get the most out of the kernel networking stack.

Speakers

Alexander Duyck

Senior Software Engineer, Red Hat

Alexander is a Senior Software Engineer at Red Hat where he works on supporting and enabling new features and improving performance within the Linux kernel network stack. Prior to joining Red Hat he worked at Intel as a Network Software Engineer developing and maintaining the wired... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Grand Ballroom C

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

11:25am PDT

The RT patch - What Needs to Be Done to Get it Into Mainline - Steven Rostedt, Red Hat

The Real Time patch (RT patch or PREEMPT_RT), has been maintained out of the Linux kernel tree since late 2004. It is the longest and largest patch set to be kept out of the tree and still widely used. A lot of the patch has made it into mainline (mutex code, priority inheritance futexes, ftrace, lockdep, hrtimers, generic interrupts, threaded irqs, Real Time scheduler, etc). The RT patch had so much influence on mainline, that new code for Real Time can now be directly added to mainline (for example: NO_HZ_FULL and the DEADLINE scheduler), but there is still a lot more that needs to go into mainline to make it a true RTOS. This talk will explain what those features are and what is holding it up from getting in. Some of it is technical and some of it is political. Both of these types of issues will be discussed.

Speakers

Steven Rostedt

Principal Software Engineer, Red Hat Inc

Steven Rostedt works for Red Hat and is the main developer for their Real Time kernel. Steven is the maintainer of the Real-Time stable releases. He works upstream mainly developing and maintaining ftrace (the official tracer of the Linux kernel). He also maintains trace-cmd and kernelshark... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Willow B

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

11:25am PDT

Turtles All The Way: Running Linux on Open Hardware - Rob Landley

Patent expiration makes old technologies, such as the SuperH processor, interesting again. The last patent on sh2 (used in the Sega Saturn) expired in october 2014, and the last sh4 (dreamcast) patent expires in 2016. This lets us leverage existing kernel, toolchain, and userspace support on now royalty-free hardware.

We've implemented a cleanroom sh2-compatible processor design called "j2" with basic peripherals (serial, ethernet, mmc) in an FPGA, booted current Linux on it using existing open source toolchains, and released the VHDL under a BSD license. (For our next trick we're adding SMP support and a dozen DSPs, and manufacturing some ASIC versions.)

Our current website (and this demo) walks you through building/installing it on an s6 microboard (about $90 retail), but we're kickstarting a cheaper and more powerful FPGA in a raspberry PI 2 form factor.

Speakers

Rob Landley

Hobbyist & Geek, Hobbyist

I've been doing Linux for 20 years now. I maintain toybox and mkroot. I used to maintain busybox and the linux kernel Documentation directory and website. I wrote the initramfs documentation. I started the first GPL enforcement lawsuits, and created the 0BSD license to make up for... Read More →

Wednesday August 19, 2015 11:25am - 12:15pm PDT
Diamond

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

2:00pm PDT

A Comparative Analysis of Open Source Development Models - Joe Gordon, Pinterest

Managing an open source project with a small handful of developers is easy. But what happens when your project grows in popularity and you need to scale out your development model and tooling? Many projects have successfully made this leap with very different development models and tooling, so what is right for you? This talk will cover the development models of large projects such as the Linux Kernel, Apache Software Foundation, Debian and OpenStack, what worked, what didn’t and what other projects can learn.

Speakers

Joe Gordon

Joe Gordon is an SRE at Pinterest, where he works on search and performance.. Before that He spent the last 4 years working full time on the open source project, OpenStack. Where he focused on improving quality. He has spoken at, and co-chaired at OpenStack summits. And has given... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Cedar

Business Experience Level - Intermediate LinuxCon

2:00pm PDT

Understanding Distributed Databases - Florian Drescher, Crate.IO

Understanding Distributed Databases (Tom Kapanka, Crate.IO) - The single node backend is dead. A single instance of a database is no longer sufficiently available, resilient or elastic to cope with the quantities and changing requirements of data that modern applications demand.

To cope, developers take the 'traditional' database they began with and layer other technologies such as document stores and better search. This solves their requirements but creates brittle and complex series of interconnected parts that are hard to scale, upgrade and keep in sync.

We will look at current best practice techniques for solving the data persistence at scale issue. It will look at emergent technologies that aim to solve the problem in a more graceful and cohesive way. This includes our own open source solution and why we developed it as well as other open source options and how they function.

Speakers

Florian Drescher

Florian is a developer, trainer and DevOps engineer living and working in Los Angeles. He has more than 15 years of experience in consulting for various open-source technologies. Florian is specialised in configuration-management and automating Cloud deployments with Amazon and O... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Ravenna

CloudOpen Developer Experience Level - Intermediate

2:00pm PDT

When Bad Things Happen To Good Disks AKA Disks Don't Have File Descriptors - Erik Riedel, EMC

This talk outlines some of the complexity challenges faced by devs (at their desks) and ops personnel (in the data centers, 6 months later) when trying to design for and then diagnose a widely distributed storage system subject to the slings & arrows of outrageous fortune. A modest sized system with 50 disks per node and 500 nodes has 25,000
disk drives; 30,000 file systems (when everything is working fine); 100 billion files; 1 million open file descriptors (when fine); 10 million hourly log messages (when fine, 1 billion when not). The layering in the Linux storage stack (sata, sas, ses, sg, sd, dm, lvm, fs, etc) is great when trying to find a creative solution to a single-node storage setup, but can be a real pain when trying to diagnose what is going wrong at these scales. We'll outline how we've attacked the problem so far, and where we still daily feel the pain.

Speakers

Erik Riedel

Sr Director, Engineering, Dell EMC

Erik Riedel is Senior Director, Technology & Architecture for Dell EMC, responsible for the hardware & platform software scale-out object storage. Erik has been involved in scalable object storage and open source since graduate school. Before Dell EMC (8 yrs), Erik worked at Seagate... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Issaquah

CloudOpen Developer Experience Level - Intermediate

2:00pm PDT

Packer: Cloud Image Automation - Lance Albertson, OSUOSL

If you’re managing your own infrastructure, you always want to have a reliable, secure and simple way create and maintain cloud images. Packer is tool for creating virtual machine images in an identical way easily. It can be used to create images for a variety of cloud and virtualization platforms including OpenStack, AWS, Vagrant and Docker just to name a few. This session will cover the basics of how you can make an image using Packer including a live demo.

Speakers

Lance Albertson

Director, OSU Open Source Lab

Lance Albertson is the Director for the Oregon State University Open Source Lab (OSUOSL) and has been involved with the Gentoo Linux project as a developer and package maintainer since 2003. The OSUOSL provides hosting for more than 160 projects, including those of worldwide leaders... Read More →

packer pdf

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Aspen

CloudOpen Experience Level - Intermediate Operations

2:00pm PDT

Container Security - Daniel J. Walsh, Red Hat

This talk will cover all options currently used to Secure Docker Containers, as well as tools we are using to make containers more secure.

Talk will cover security differences between Isolated Services, VMs, Containers, services running on the system. It will delve into using Linux Kernel features to secure a container environment, including Linux Capabilities, Read/Only File Systems, SELinux, Device Node Cgroup, Namespaces, User Namespace, SECcomp, and ways to
manipulate these security measures.

Will also delve into tools used for Deep Container Introspection. How can I tell if my containers are up2date with all security fixes.

Speakers

Dan Walsh

Senior Distinguished Engineer, Red Hat

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Operations

2:00pm PDT

Managing Mesos, Docker, and Chronos with Puppet - Roger Ignazio, Puppet Labs & Niklas Nielsen, Mesosphere

A solid configuration management solution is key to any well-run, well-documented environment. Fortunately, Puppet can do more than just host-bound configuration. In this presentation, Roger will demonstrate how to build Docker images, deploy Apache Mesos clusters, and create scheduled jobs in Chronos, all without leaving the Puppet DSL.

This presentation will demonstrate how you can use Puppet for
* Deploying Mesos clusters on-premise and in the cloud
* Building Docker containers declaratively
* Creating Chronos jobs that make use of Docker containers

Speakers

Niklas Nielsen

Niklas Nielsen is an engineer at Mesosphere. He is a C++ hacker and is works on the Mesos core. Before joining Mesosphere he worked at Adobe on the Flash VM and Google V8, as well as a secret next-generation VM. He did his Master's thesis at Lawrence Livermore National Lab, working... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Willow A

ContainerCon Experience Level - Intermediate Operations

2:00pm PDT

ACPI 6 and Linux - Rafael J. Wysocki, Intel

ACPI 6, released in April 2015, is the first major revision of the ACPI specification developed under the UEFI Forum umbrella and including contributions from Linux community members. It introduces support for persistent memory, support for hierarchical lower-power idle states of CPUs, CPU clusters and the whole system, an extension allowing C-style expressions to be used in the ACPI Source Language and more. Overall, changes made by it are likely to affect Linux in significant ways.

I will describe the new specification process used to produce ACPI 6 and how the Linux community was involved in it. I will outline the implementation of the ACPI support in the Linux kernel and explain how the new specification revision is going to be addressed by it. I will also discuss a few most important changes with respect to the previous revisions of ACPI and their possible impact on Linux.

Speakers

Rafael J. Wysocki

Software Engineer, Intel OTC

Rafael maintains the Linux kernel's core ACPI and power management code, including the core infrastructure for IO device PM, CPU PM and system suspend/hibernation. He works at Intel Open Source Technology Center as a Software Engineer focusing on the mainline Linux kernel. Rafael... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Diamond

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

2:00pm PDT

How Servo renders the Web - Adenilson Cavalcanti, Samsung

Servo is a new prototype web browser layout engine written in Rust that was launched by Mozilla in 2012 with a new architecture to achieve high parallelism on components like layout and painting. The current supported CSS properties allow Servo to be mostly operational on static sites like Wikipedia and GitHub, with a surprisingly small code footprint.

The objective of this talk is to describe its architecture in high level, source code organization and how to get started hacking and contributing to Servo. The implementation of a visual CSS feature will be explained as also considerations about Servo future roadmap.

Wait, there is more: a quick introduction on Rust programming language to be able to understand the hands-on part of the presentation.

Speakers

Adenilson Cavalcanti

Staff Engineer, ARM

Adenilson has a wide variety of experience with different programming languages and operating systems. He has special interests in Web Engines, *nix and embedded and mobile devices, where he is always looking for new ideas and opportunities to use FOSS in new and innovative ways... Read More →

Wednesday August 19, 2015 2:00pm - 2:50pm PDT
Redwood

Developer Experience Level - Intermediate LinuxCon

3:00pm PDT

RDS-over-TCP: More Than Just Cluster IPC - Sowmini Varadhan, Oracle

The Reliable Datagram Socket (RDS) is a an attractive IPC model for Distributed Computing environments such as Clusters and Cloud datacenters because it is designed to be transport-independant (works transparently over both InfiniBand and ethernet), fully scalable (N nodes can be a fully connected mesh with just O(N) connections instead of N * N TCP
connections) and accesible via a simple POSIX based API.

RDS implements layered kernel sockets that tunnels payloads over TCP, and has parallels with other Cloud encaps methods like VXLANand has potential to share common socket abstractions. RDS over TCP is currently available in Linux and we are currently considering extensions such as QoS to this feature.

The objective of this proposal is to give some exposure to what RDS-TCP supports today, and stimulate some discussion getting some common shareable abstractions.

Speakers

Sowmini Varadhan

Consulting Software Engineer, Oracle Corp

Sowmini Varadhan is a Consulting Software Engineer in thenMainline Linux Kernel Group at Oracle Corp. where she worksnon projects spanning Kernel Networking, Distributed Computing, and Performance.nSowmini's background includes core contributions to multiplennetwork-stacks ranging... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Aspen

CloudOpen Developer Experience Level - Intermediate

3:00pm PDT

The Chicken or the Egg? Cloud, Open Source and the Theory of Evolution - Jeff Borek, IBM & Andrew Hately, IBM

The power of open source communities has enabled rapid innovation, and developers are creating a new generation of Cloud Native applications built on open source platforms – using a mix of Cloud Foundry, OpenStack, Docker, and Linux as base technologies. We'll cover the evolution of the open source communities that are enabling the industry to build an Open Cloud and pursue Software-Defined everything. This includes an overview of the recently launched Open Container Initiative and Cloud Native Computing Foundation.
We will also include the lessons our customers have learned as we work with them on building next-generation cloud-based applications on top of a continuously integrated, continuously delivered DevOps pipeline. Through real-world examples we will showcase the value of building on an open source, open technology foundation. Time permitting, this session will include a moderated debate on which came first? The chicken, the egg, open source or the Cloud.

Speakers

Jeff Borek

WW Program Dir, Open Tech & Partnerships, IBM

Jeffrey Borek, WW Program Director, IBM - is a senior technology and communications executive with over twenty years of leadership and technical experience in the Software, Telecommunications, and Information Technology/Consulting industries. He is currently the ecosystem development... Read More →

Andrew Hately

CTO Cloud Architecture, IBM

Andrew Hately is an IBM Distinguished Engineer and CTO of IBM Cloud Architecture. He’s currently working to define IBM’s Open Cloud architecture strategy using Docker, OpenStack, and CloudFoundry. Andrew also leads a team of open source developers, encouraging them to build... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Jefferson

CloudOpen DevOps Experience Level - Intermediate

3:00pm PDT

OpenStack vs. Ganeti - Lance Albertson, OSUOSL

OpenStack has gained a lot of prominence in the cloud ecosystem, but it can be a difficult platform to setup and maintain. Ganeti is software developed at Google which can be used to manage physical hardware in order to host virtualization workloads.

This presentation will cover the primary differences between the two platforms including a summary of how each are implemented and their history. This session will also discuss many of the pros and cons of each platform and best practices for both platforms.

At the OSU Open Source Lab, we have been long time users and promoters of Ganeti since 2009. It’s enabled the lab to better serve its FOSS hosting activities in a stable yet easy to use manner. Over the past year we have been also building and using OpenStack clusters to fill other computing needs that Ganeti doesn't fill very well such as elastic computing needs.

Speakers

Lance Albertson

Director, OSU Open Source Lab

openstack vs ganeti pdf

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Issaquah

CloudOpen Experience Level - Intermediate Operations

3:00pm PDT

Docker: Develop and Deploy - Ryan Jarvinen, Red Hat

Learn how to use Docker to develop, build, and deploy complex web services with ease. We'll start off with a general introduction to Docker, reviewing project changes and advancements over the last year. Then, we'll cover best-practices for hosting and deploying docker using open source tools like kubernetes and OpenShift.

We’ll cover “Dockerizing your Applications”, “Replication and Healing with Kubernetes” and, “Building & Shipping w/ OpenShiftV3

Speakers

Ryan Jarvinen

Developer Advocate, Red Hat

Docker Develop and Deploy Linuxcon2015 pdf

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Willow A

ContainerCon Developer Experience Level - Intermediate

3:00pm PDT

Container Security - Past, Present & Future - Serge Hallyn, Canonical

BSD jails, Solaris zones, linux-vserver, and Virtuozzo each define a
jail, zone, or container as a distinct thing which the kernel
uses to isolate a OS level virtualization server. In contrast, modern
Linux containers are based on a number of supporting kernel features,
none of which actually know what a container is. It is up to userspace
to coordinate the use of these features to present container
functionality to the user. Consequently, it is also up to userspace
to do provide the proper "isolation" - in other words, container security.

Linux container security has gone through a few stages. Originally, the
only features available were the first few namespaces themselves and Linux Security Modules (LSMs). Today, user namespaces provide terrific container
isolation. Looking ahead, we expect to use new features in hardware
to protect the kernel from kernel 0-days exp

Speakers

Serge Hallyn

Canonical

Serge Hallyn works for Canonical as a member of the Ubuntu Server team, with a particular focus on the virtualization stack. He has been involved with containers since the first upstream kernel patches for uts and pid namespaces. He was involved with LSM from the start, is listed... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Grand Ballroom D

ContainerCon Experience Level - Intermediate Developer

3:00pm PDT

What Does Kubernetes Get Me - Eric Paris, Red Hat

Kubernetes is a new docker container orchestration project being led by Google and Red Hat. For many years Google has run their datacenter, clustering, and orchestration capabilitie with the equivalent of what we all now call containers. As the docker container ecosystem grew Google realized that they could bring their knowledge managing containers at the largest scales, Red Hat could bring their knowledge of datacenter operations across many organizations, and working together in the open source community we could create a better container management solution than anyone alone.

This talk will cover what Kubernetes is, what it hopes to one day accomplish, and what choices it forces on application authors. It will cover the patterns which Kubernetes simplifies and cover some concepts that are just not possible when using Kubernetes.

https://github.com/GoogleCloudPlatform/kubernetes

Speakers

Eric Paris

Software Engineer, Red Hat

Eric is a hacker recently returned to the fold. He is still the Linux kernel maintainer for SELinux, audit, filesystem notification and other minor areas. He worked for a time as a manager at Red Hat but has been released to once again accomplish useful work leading the effort developing... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

3:00pm PDT

Topics of Interest from the MM summit - Sasha Levin

The MM summit, held as part of the larger LSF/MM summit gathers the leading memory management developers to get down to the bits and bytes of burning issues and solve them by having a discussion in a forum of other memory management hackers. As Jon Corbet puts it: "The LSF/MM Summit is arguably the most severely technical event on many kernel developers' schedules."

This presentation will cover the highlights of the discussions in the summit, and will summarize their aftermath both on the mailing list and upstream. It will also provide insight into various topics by expanding on various "extended hallway track" sessions that happened during the summit.

Speakers

Sasha Levin

Kernel Engineer, NVIDIA

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Grand Ballroom C

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

3:00pm PDT

Using seccomp to Limit the Kernel Attack Surface - Michael Kerrisk

The seccomp (secure computing) facility is a means to limit the set of system calls a program may make. Starting from humble beginnings in Linux 2.6.12, seccomp has evolved to the point where it can be used to select exactly which system calls are permitted and to restrict the arguments that may be passed to those system calls. System call filtering is achieved by writing BPF programs--programs written for a small in-kernel virtual machine that is able to examine system call numbers and arguments. Seccomp applications include sandboxing and failure-mode testing, and seccomp is by now used in a number of web browsers, container systems such as Docker, and elsewhere. In this session, we'll look briefly at the history of seccomp before going on to examine the BPF virtual machine and some practical examples of filtering programs that restrict the set of permitted system calls.

Speakers

Michael Kerrisk

Trainer/consultant, man7.org Training and Consulting

limiting kernel attack surface with seccomp LPC 2015 Kerrisk pdf

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Willow B

Developer Experience Level - Intermediate Linux Plumbers Conference LinuxCon

3:00pm PDT

The Internet of Things Runs on Linux - Steve Burr, wot.io

As the Linux operations stack continues to mature, IoT applications are pushing massive amounts of data, with more devices coming online every day. wotio uses Linux tools to build and extend our IoT data exchange to manage this wave of data. This talk will describe how technologies like docker, docker-machine, and openstack combine to allow us to deploy and scale a large number of data services on-demand for IoT applications.

Speakers

Steve Burr

Steve Burr, is Engineering Manager at wot.io. He is a senior technologist with nearly 20 years of experience in designing, developing, and positioning scalable technical solutions across a range of industries.Steve is widely respected as a hands-on leader and creative solution provider... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Cedar

Experience Level - Intermediate LinuxCon Operations

3:00pm PDT

SCST, a SCSI Target Framework - Bart Van Assche, SanDisk

SCST is an advanced SCSI target software stack for Linux systems. The SCST software allows to transform a commodity server into a high-end Storage Area Network (SAN). SCST supports multiple SCSI protocols (iSCSI, FC, FCoE, SRP, iSER, ...), multiple local storage interfaces (SCSI pass-through, block I/O and file I/O) and also storage drivers implemented in user-space via the scst_user driver. It is the basis of several other open source projects, e.g. Openfiler and Enterprise Storage OS. During this talk it will be explained why this project is useful, how to use it and which new features have been added recently. Additionally, more information will be provided about support in SCST for scsi-mq and also about the initiative to evolve towards a single Linux SCSI target stack.

Speakers

Bart Van Assche

Technologist, Western Digital

Bart Van Assche obtained a Ph.D. in distributed computing. He works for Western Digital on improving support for their products in the Linux kernel. Bart is the maintainer of the SRP initiator driver in the Linux kernel and is an active contributor to the Linux block layer, the Linux... Read More →

Wednesday August 19, 2015 3:00pm - 3:50pm PDT
Ballard

Wildcard LinuxCon Experience Level - Intermediate

4:00pm PDT

A Financial Services Use Case: Production-Grade Open Source Cloud and Everything Else - Jason Nerothin, Gigaspaces

These days with the incredible diversity and quality of open source tooling it IS possible to leverage this technology to achieve multi-cloud orchestration from the infrastructure through the application level. This presentation will demo a real life use case of a major bank that has combined diverse open source technology – from the cloud of choice - OpenStack, through its CM with SaltStack, orchestration with Cloudify, Git & Nexus as repos, with Jenkins CI– to build enterprise-grade cloud deployments with full automation and management. These tools combined have enabled a complete CI/CD process, all the way through post-deployment. This presentation will demo how this model has been used to improve agility and time to market through the entire application lifecycle – all the way through event and monitoring driven auto-scaling and auto-healing based on TOSCA.

Speakers

Uri Cohen

GigaSpaces, Cloudify

Uri leads the Cloudify product and marketing team at GigaSpaces, and is interested in everything cloud, scalability and devops. He’s a spare time coder and proud father of 4. During the weekend, Uri masquerades as an all-mountain and occasionally downhill bicycle rider, trying his... Read More →

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Jefferson

CloudOpen Developer Experience Level - Intermediate

4:00pm PDT

Dude, Where's My Data? Persistence with Docker - Kendrick Coleman, EMC Code

While most microservices discussions have centered around stateless apps, this trend fragments the data world and container world. Hear about the projects that EMC Code is bringing to the Docker ecosystem to enable persistent data use-cases in a container-centric world.

Speakers

Kendrick Coleman

Kendrick Coleman is a reformed sysadmin/virtualization/cloud junkie turned coder and awaits to tackle ideas with Ruby or Javascript. In his daily role a developer advocate for EMC {code,} he works with a team to focus and publish all things open source.

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Grand Ballroom B

ContainerCon Developer Experience Level - Intermediate

4:00pm PDT

Goplane: Open Source BUM-less Networking for Large Scale Docker Deployment - Soramichi Akiyama, NTT

Docker is widely used to isolate tenants in DCs, and VxLAN enables large scale docker deployment. However, VxLAN suffers from BUM packets resulting in heavy CPU load for packet replication and NW congestion. Replication is avoidable by IP multicasting or Nicira service node, but the former has no help on network congestion and the latter broadcasts ARP packets. Cisco's floodless mode suppresses ARP broadcasting, but it relies on a vendor-specific ToR. We propose our OSS, Goplane (osrg/goplane in Github), that uses software BGP (GoBGP) and OVS. Containers' IP, Mac, and VNI are exchanged by BGP when they boot, and the OVS in each host is configured to send packets to the best VxLAN tunnel chosen by BGP path selection. ARPs are never sent out because the OVSes know all IP/Mac mappings. Complex overlay topologies can be built on any IP network as the only thing we require is IP reachability.

Speakers

Soramichi Akiyama

Researcher, NTT Software Innovation Center

Soramichi Akiyama is a researcher at Nippon Telegraph and Telephone (NTT), Japan since 2015. Before joining NTT, he had been working on data center energy efficiency by means of accelerating virtual machine live migration and received a Ph.D. from The University of Tokyo, Japan. While... Read More →

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Grand Ballroom D

ContainerCon Developer Experience Level - Intermediate

4:00pm PDT

From Network Namespace to Fabric Overlays - Eugene Yakubovich, CoreOS

Application containers greatly simplify application deployment but the networking provides a unique set of challenges. Many container networking approaches are either slow or difficult to configure.
This talk will explore how container runtimes like rkt can set up a private network stack for an application to isolate it from its neighbors. We will then look at how a plugin based architecture can provide a flexible path to interop with existing network virtualization techniques. Finally, we will cover one such virtualization solution -- flannel -- to demonstrate how overlays over existing IP networks can create a container network fabric.

Speakers

Eugene Yakubovich

CoreOS

Eugene Yakubovich is a software engineer at CoreOS. Eugene is working on making app containers stay more connected. As a maintainer of flannel, a overlay network for containers, he strives to bring order to the chaos of virtual networking. Prior to joining CoreOS, Eugene worked in... Read More →

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Cirrus

ContainerCon Experience Level - Intermediate Developer

4:00pm PDT

Towards a Standard Model of Open Computing - Adam Jollans, IBM

Open Computing has accelerated rapidly recently, growing beyond its initial successes of open standards and open source with many new entrants, from open clouds to open hardware.

Taking as its inspiration the Standard Model of Particle Physics, this presentation aims to provide a unified view of the fundamental building blocks of open computing, from top to bottom of the stack.

It will discuss which open source projects have mass, which have charm, and which have spin - and where the exclusion principle applies to similar projects. It will also review the strong and weak forces bringing projects together - and where the uncertainty principle is important.

Finally, the presentation will suggest gaps where open source opportunities are waiting to be discovered, and the unknown areas at the boundaries which don't currently fit into a standard model of open computing.

Speakers

Adam Jollans

Linux Strategy Manager, IBM

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Redwood

DevOps LinuxCon Experience Level - Intermediate

4:00pm PDT

Architectural Choice in NFV Infrastructure - Maximum Flexibility with Optimal Performance and Cost - Joe Kidder, Enea

This talk will discuss the advantages of a rich, mixed architecture for delivering a compelling NFV virtualization infrastructure. It will discuss the challenges of bringing support for ARM architectures, both CPU and system level, up to a similar level as that enjoyed by the x86 community. The talk will address software approaches that maximize application portability across both CPU-rich and accelerator-rich system architectures, in order to improve network function application accessibility across a wider variety of underlying hardware. Lastly, the talk will address the ability to match workloads with both capable and appropriate infrastructure to provide maximum deployment flexibility while delivering optimal performance characteristics.

Speakers

Joe Kidder

Director Middleware, Enea

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Cedar

Experience Level - Intermediate LinuxCon Operations

4:00pm PDT

MySQL Security in a Cloudy World - Dave Stokes, Oracle

MySQL is the most popular database on the web and part of the LAMP stack. But security can be a hit or miss affair with passwords kept in dot files or Bash variables, and other passwords in configuration files. Plus the default MySQL authentication system is, to be nice, a little too promiscuous. This session will cover the five major vulnerability points of a MySQL installation, how to buttress them against attack or stupidity, and how recent changes in the server product line provide 'secure by default' installation. In this era of containerized or virtualized database instances, it is too easy to leave holes open for attackers. So come learn how to secure your MySQL instances is this fast paced, funny session.

Speakers

Dave Stokes

MySQL Community Manager, Oracle

Dave Stokes is a MySQL Community Manager for Oracle Corporation and travels extensively to promote MySQL, speaking over thirty times each year for the past several years. He is also the author of MySQL & JSON - A Practical Programming Guide which is a guide for those wishing to take... Read More →

Wednesday August 19, 2015 4:00pm - 4:50pm PDT
Ballard

Wildcard LinuxCon Experience Level - Intermediate