GlueCon 2017 Session Descriptions
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
Still loading...
Day 1 - Wednesday, May 24, 2017
7:30a - 5:00pRegistration Open
7:30a - 8:30aDanishes and Coffee
8:30a - 8:45aOpening Remarks - Eric Norlin
8:45a - 9:15aKeynote: Taking Kubernetes Mainstream: What Will it Take to Grow Users by 10x? Joe Beda and Craig McLuckie, Heptio - - Kubernetes has taken the container world by storm and is a strong platform for orchestration and sustainable management of container based applications. During this session we will talk about some opportunities we see to make Kubernetes accessible to more general developer audiences, drive relevance for new classes of workload, and provide even more value to the overall developer community. We will talk about the set of simple abstractions necessary to unlock value for new classes of users experiencing Kubernetes for the first time, delve into the complex topic of application configuration management, and discuss the value of a stable base with robust extensibility points as necessary to the growth of the community. We will also take the time to review the emerging needs of operators building and running 'internally multi-tenant' clusters and cluster hosted services in larger organizations.
9:15a -9:45aKeynote:
9:45a -10:15aKeynote: Catherine Hoke, Defy Ventures
10:15a -10:30aMorning Break
10:45a - 11:00aKeynote: Your Content Strategy is Not About Marketing - Lorinda Brandon, Capital One DevExchange - - Happily, we're emerging from the crazy days of content farms but that doesn't mean content marketing is dead. In fact, it has taken a healthy pivot that is much more knowledge-focused and community-oriented. Let's talk about what developers want to read about and, more importantly, what they want to write about.... and how to make that all happen.
Breakout 1Breakout 2Breakout 3Breakout 4 (Spruce)Breakout 5 (Fir)Breakout 6 (Birch)
13 A Node.js Application Framework for Building Command Line Programs, Microservices, and REST APIs -- Will Shulman, mLabUsing Concurrency Kit to Develop Performant Concurrent Software: A Tour of the Tools and Techniques Samy Bahra, BacktraceThe Ansible Container Project: Lessons for Doing Containers as Part of the SDLC Joshua Ginsburg, Chief Architect, Redhat Ansible Containers offer unparalleled potential for more scalable, reliable, and secure services, however adoption has been slow, in no small part because the majority of the tools and techniques we’ve developed over the last 30 years simply aren’t useful in a containerized ecosystem. Ansible has taken the automation landscape by storm precisely because it’s so universally adaptable, and the Ansible Container project has brought the power of Ansible tools and experience to the container world. In this talk, we introduce Ansible Container, and how it uniquely offers building and running containers using the simple, powerful, and agentless software development lifecycle Ansible Core delivered to the rest of IT.Kubernetes in the Wild: Building a Content Delivery Network on Kubernetes -- Daniel Bartholomew,
12:00p -1:00pLunch
1:00p -1:30pNetworking with Exhibitors
Afternoon Tracks and Workshops
Track 1: APIsTrack 2: From Bare Metal to Containers to ServerlessTrack 3: Testing, Monitoring and AnalyticsBreakout 4Breakout 5Breakout 6
1:30p -1:45pHacking on Internet Connected Hardware: A Workshop for Building Several Internet Connected Projects Taron Foxworth, Losant - - In this workshop you’ll learn about circuits, sensors, and internet-connected hardware. This workshop provides all of the hardware, software, and instructions needed to build several simple connected IoT apps. All attendees get to keep the hardware, which includes a WiFi microcontroller and other hardware components.
1:45p -2:15pAnnouncing A New Resource for Extending & Leveraging the Power & Flexibility of Cloud-init Aaron Welch, Packet - - Cloud-init is one of the most ubiquitous tools for getting your cloud infrastructure from "here" to "there", but there are a number of powerful and flexible features that are underutilized which can dramatically improve the usefulness of cloud-init. There are also some limitations to it, for example, where do you store your user-data, much less revision or run tests against it? Currently there is no great solution. Enter - a community resource that provides a repository for all your custom user-data as well as a resource for community projects and platforms to publish "official" user-data to bootstrap their software via cloud-init. Making everything easier, from a simple bootstrapping of your chef client to deploying a full-blown Mesosphere / DCOS cluster, come see what the missing piece of the cloud-int puzzle can do, and do for you.
2:15p -2:45pExactly the Same but Completely Different: Rebuilding a Public API - Erin McKean - - How do you update an existing API and add new features without (too much) trauma? In this talk you'll learn how Wordnik updated its public API (which has more than 20000 registered developers) with a completely new architecture, new data and new endpoints, while trying to open-source as much of the code as possible along the way. Come learn from our mistakes!Architecting Modern, Data-driven Applications with Containers and Microservices Jon Gray, Cask - - Building and running production applications on Hadoop is often a difficult process filled with slow development cycles and painful production operations. In this talk, we will discuss how to design and deploy container-based, microservices-oriented architectures for big data, apply these architectural blueprints to common big data use cases such as data lakes and IoT, and reduce the time to production for modern data-driven applications. A Broader look at Architecting Fault-tolerance into Apps Adil Aijaz, Split - - In software architecture, failure is the rule, not the exception. The role of an architect is neither to manage the team, nor to write code on a day-to-day basis, rather it is to be the voice of risk mitigation in the organization. A successful architect will help his or her team build systems that will gracefully handle failures. Most folks think of mitigating risk at an infrastructure layer: redundancy, failovers, active/active databases etc. I want to encourage architects to think of risk mitigation from the application perspective as well: how can we write our applications to be more graceful when failure happens? In this talk, I'll share two application level strategies for mitigating risk I learned from my time at LinkedIn. These are: Circuit Breaker: allows you to isolate failures in a microservices world. Controlled Rollout: allows you to manage failure by gradually ramping features from 0% to 100% of your customers.Hacking Alexa: Building and Deploying Alexa Skills
2:45p -3:15pCilium + BPF: Least Privilege Security on API Call Level for Microservices -- Thomas Graf, Covalent - - Security used to involve placing firewall appliances in the right place to protect the good from the evil. While software defined infrastructure has moved security functionality to every server, its principles haven’t changed much. Security is still based on IP addresses and port numbers. This effectiveness of this model has become questionable if the majority, if not all, of the network traffic is being sent over port 80 or 443. If a service makes an API call to another service, then all of the API surface has to be exposed to the calling service. This is against the security best practice of "principle of least privilege" and allows compromised services to make arbitrary API calls to other services. In this talk, we will walk through how the Cilium open source project leverages the kernel technology BPF to provide visibility into the API calls between services and how it can enforce security policies on application protocol level in a completely transparent manner.Scale Your Node Application, Skip the Infrastructure Matt Williams, Datadog - You don’t have to look far to find yet another article on scaling your NodeJS app to handle large numbers of users. But the techniques covered usually involve becoming an expert in deploying hardware or a guaranteed minimum outlay of cash to handle your expected load. But what if there were a way to scale almost infinitely without having to worry about the infrastructure to run any of it. Using platforms like AWS Lambda, Azure Functions, and IBM OpenWhisk, you can focus on providing scalable functionality in your NodeJS application without having to think about any of infrastructure details. In this session, Matt Williams will show you how to get started building a complex Node application on AWS Lambda from scratch. Starting with the standard CLI, we move to other frameworks like Node Lambda and Serverless to add more functionality to serve your users. We will consider some key architectural decisions that affect how the application is designed. And all the way along we look at ways to monitor the application to help find the bottlenecks. By the end of the session, you will be eager to start working on your next application on AWS LambdaDelivering Quality Code, Frequently Neil Manvar, Sauce Labs - - As web and mobile application software development increases in complexity, the frequency of testing is growing exponentially. This trend is leading to a competition between companies and their dev teams to see who can deliver the most quality product faster in today’s competitive business environment. Join Neil Manvar, Solutions Architect at Sauce Labs, as he outlines best practices for leveraging modern technologies to develop and test maintainable, quality code. Through his experiences, you will learn how to avoid change-related outages of your apps but adopting automated testing, continuous integration and open source tools.
3:15p -3:30p
3:30p - 3:45pAfternoon Break
Afternoon Tracks and Workshops, Continued
Track 1: APIsTrack 2: From Bare Metal to ServerlessTrack 3: Testing, Monitoring and AnalyticsBreakout 4Breakout 5Breakout 6
3:45p -4:15pSurviving Day 2 Ops: Real SREs Don't Run Quick Start Guides -- Rob Hirschfeld, RackNMy Evil Plan To Save The World... From a Suboptimal Programming Language Created in 1972 Andrew Kelley - - It's been 45 years since the C programming language first appeared, and we still depend on it today - even in high level code such as Node.js, Ruby, Python, and Java. But this language is fraught with peril. We see security vulnerabilities on a regular basis. And we haven't quite figured out how to replace it with languages such as C++, Go, and Rust. This session introduces a new challenger, Zig, and dives deep into what really happens on a system when you don't depend on C in order to do things like printing to stdout, multi-threading, and networking.Hacking Alexa: Building and Deploying Alexa Skills
4:15p -4:45pEmbracing Docker and Serverless in Enterprises -- Sathiya Shunmugasundaram and Gnani Daththreya, Capital One - - Docker is already in production in enterprises. Efforts are sincerely underway to containerize applications and vacate Data centers and move into cloud. With the sudden emergence and increased momentum of Serverless architectures, FUD (Fear/Uncertainty/Doubt) is inevitable. There is a rush and pressure to evaluate Serverless and start migrating. We strongly believe while Serverless is going to be in limelight, containers have their legacy set and will stay through. With practical use-cases, we will discuss why Serverless and Containers have to co-exist for enterprises and how they can complement each other to achieve the most important thing of solving business problems
4:45p - 5:00p
5:05p -5:35pKeynote: How to Build a Better Engineer -- Charity Majors, Honeycomb
6:00-7:30GlueCon Evening Reception and Networking with Exhibitors
7:30-10:30pHacking Alexa: Grab a beverage and come build (and deploy) Alexa Skills
Day 2 - Thursday, May 25, 2017
8:30a - 12:00pRegistration Open
8:30a -9:15aDanishes and Coffee
9:15:00Day 2 Begins - Eric Norlin
9:45-10:15amKeynote: Tim Wagner, AWS Lambda
10:30a - 10:45a Morning Break
10:45a - 11:00aKeynote:
11:00aPassport Prize Announcement
Breakout 1Breakout 2Breakout 3Breakout 4Breakout 5Breakout 6
11:20a - 11:50aBots: The Unspoken Challenge of Conversations - Rakia and Marcus FinleyWhen Feature Flags Go Bad:How Not to Have Feature Flags Be Used Incorrectly for Disastrous Results -- Edith Harbaugh, LaunchDarkly - - Feature flags are a valuable DevOps technique to deliver better, more reliable software faster. Feature flags can be used for both release management (dark launches, canary rollouts, betas) as well as long term control (entitlement management, user segmentation personalization). However, if not managed properly, feature flags can be very destructive technical debt. Feature flags need to be managed properly with visibility and control to both engineering and business users.Security for Cloud Native Applications ("Toto, we are not in Kansas anymore") -- Dimitri Stiliadis, Aporeto - "Cloud native" implies a more flexible and dynamic architecture for developing and delivering applications. While application development frameworks have advanced, new application security models have not kept pace. The result has been the extension of legacy security models into cloud-native environments, where the physical world is mapped one-to-one to the cloud world These approached do not scale and maintain the silos between development and security teams. Who hasn’t heard the story: “It works in dev, but it failed in production because of security rules.” In this talk, we will discuss three fundamental problems: First, how cloud deployments can become the catalyst for better security and simpler infrastructure. Second, how the right tools can provide the much-needed communication interface between developers and security for a shared-responsibility security model. Last but not least, we describe how some our open source efforts and specifically the Trireme project provide the first steps in this journey.
11:50a - 12:50p Lunch with Gluecon Exhibitors
12:50p - 1:15pNetworking with Gluecon Exhibitors
Breakout 1Breakout 2Breakout 3Breakout 4Breakout 5Breakout 6
1:15p - 1:45pThe Serverless Database - Chris Anderson, Fauna - - You’ve written a serverless app, and it feels great not to worry about irrelevant parts of your stack. But when it comes to your data, your’re either still provisioning databases the old-fashioned way, or you’ve moved to a cloud database that you still have to provision up front. You don’t have to accept these tradeoffs. In this talk, Chris Andrerson, Director of Developer Experience at Fauna and previously co-founder of Couchbase, will go into detail about a new generation of database that fits the pay-as-you-go serverless provisioning model and offers strong consistency with relational queries. We'll look at code using the Serverless framework and AWS Lambda, and how the database can provide fine grained access control.
1:50p - 2:20pDoes Your Opinion Matter? Spring Boot Doesn’t Think So Brian Mericle, Choice Hotels Over the last five to ten years, we have seen companies increase their obsession with DevOps and moving towards Continuous Integration, Delivery and Deployment. The business goals typically involve delivering products faster to market, realizing competitive advantage and reducing the cost of delivering software to production. The goals of IT usually involve increasing deployment quality, consistency and reliability while reducing error prone manual processes. One thing that developers can do to help facilitate this journey is to streamline their own processes. Spring Boot takes a very opinionated approach to software development. It takes the idea of “convention over configuration” to a new level. This talk dives into why this approach can be good and how it can increase your productivity while enabling your organization to be successful in their journey towards continuous deployment.Using Sagas to Maintain Data Consistency in a Microservice Architecture -- Chris Richardson - - The microservice architecture structures an application as a set of loosely coupled, collaborating services. Maintaining data consistency is challenging since each service has its own database to ensure loose coupling. To make matters worse, for a variety of reasons distributed transactions are not an option for modern applications. In this talk we describe an alternative transaction model known as a saga. You will learn about the benefits and drawbacks of using sagas. We describe how sagas are eventually consistent rather than ACID and what this means for developers. You will learn how to design and implement sagas in a Java application. Creating Docker-based Container Clusters with Clusterdock Pat Patterson, Streamsets - - clusterdock is a simple, Python-based framework for creating Docker-based container clusters. Unlike regular Docker containers, which tend to run single processes and then exit once the process terminates, these container clusters are characterized by the execution of an init process in daemon mode. As such, the containers act more like "fat containers" or "light VMs": entities with accessible IP addresses which emulate standalone hosts. In this session we’ll dissect clusterdock; you’ll learn how we use it to spin up a Hadoop cluster on a single VM in a few minutes, how it bootstraps itself from a shell script, and how it can be extended to support other distributed systems.
2:25p - 3:00pSteward, the Kubernetes-native Service Broker -- Gabe Monroy, Deis No application is an island. Most applications interact with a diverse set of services, not all of which run on a Kubernetes cluster. How do you manage access to both on and off cluster resources? Join Gabe Monroy, CTO of Deis, for a discussion about service catalogs, explicit service bindings, and how they can help you rationalize heterogeneous computing environments. We will end with a demo of Steward, the Kubernetes-native Service Broker.How Engineering Teams Can Get the Most from their Internal Power Users Jenny Farver, Civis AnalyticsSteam Punk: IoT and Containers are Hot Jayson DeLancey, GE Digital For over 2000 years, we’ve used boiling water to produce mechanical motion. A recent demo project demonstrates the process of taking a small miniature replica steam engine and using sensors to model, understand, and optimize how it works. A combination of sensors for heat, pressure, vibration, and motion allow us to create a digital representation of a physical machine and system. Adding edge computing we can run analytics and computation workloads where it makes the most sense.
3:00p - 3:15pAfternoon Break
Breakout 1Breakout 2Breakout 3
3:15p - 3:45pThe IoT Attack Surface: A Threat Model and Real-World Assessment -- David Lindner, nVisium - The Internet of Things (IoT) is not new terminology. However, the sheer amount of connected devices we have at home and at our businesses is growing exponentially and increasing the attack surface. Attacking and assessing IoT can easily lead us down a rabbit hole only to hit a wall on the other side. However we need to be extremely comprehensive in our methodology and not end up down that rabbit hole for too long. We're here to discuss the attack footprint of a typical IoT infrastructure, whether at home or at the office. We will discuss a threat model and verification of a real-world IoT assessment including every component from hardware, protocols, mobile applications and devices, web APIs, etc. We will discuss attack vectors, attack motivation, typical attack vectors, and common shortfalls in IoT systems. Join David as he walks through an assessment of an IoT system including a high level threat model and attack chain discussion.Services Assemble! Apply MVP Principles to Create Cutting-Edge Microservices Without Chaos with Spring Cloud/Netflix OSS -- Mark Heckler In this session, learn how to use proven patterns & open source software to rapidly build a robust portfolio of microservices that provide a solid foundation for your dynamic and growing microservice architecture. This session addresses vital points such as: * Configuration services * Microservice registration and discovery * Circuit breakers for graceful degradation * Load balancing and intelligent routing * Asynchronous messaging Additional topics discussed include logging & tracing, testing approaches, and migration patterns. The presenter will demonstrate how to develop & effectively manage microservices using OSS tools employed by Netflix to keep movies streaming globally 24x7.
3:50p - 4:20p
4:25p - 4:55pKeynote: Flying Dreams: Real-Time Communication from the Edge of Space -- Jonathan Barton, goMake
4:55p - 5:00pClosing Comments - GlueCon 2017 Ends