GlueCon 2016 Agenda with Session Descriptions
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
Day 1 - Wednesday, May 25, 2016
7:30-5:00pmRegistration Open
7:30-8:30amDanishes and Coffee
8:30-8:45amOpening Remarks - Eric Norlin
8:45-9:15Keynote: The Future of Cloud Technology -- Melody Meckfessel, Google - - - We are at the beginning of cloud technology and the migration away from self-managed data centers. Understand the challenges with the current infrastructure, and be part of defining the next phase of cloud and what it will bring to developer productivity.
9:15-9:45Keynote: Deploying and Managing Blockchain Applications -- Duncan Johnston-Watt, Cloudsoft - - - Blockchain technology has exploded on the business scene in the last few months notably with the establishment of the Hyperledger Project hosted by the Linux Foundation. We look at some of the challenges to its mainstream adoption then wrap up with a demo deploying and managing a Hyperledger Fabric cluster using Apache Brooklyn.
9:45-10:15Keynote: Conversational Commerce - Stewart Nickolas, IBM - - - Imagine not having to learn how to use an application, simply ask and receive. The face of applications are changing, is you're architecture ready for the change? We are evolving to a continuous information experience where the interaction model is immersive, experiential and multi-modal. Our environment is becoming aware of what we do, how we feel, how we sound and learning what we're interested in. We see the emergence of a conversational style of user interface (zero UI), which when coupled with ubiquitous instant messaging platforms are creating opportunities for companies to interact with their customers in new ways. Companies can now interact with their customers through conversational or natural language processing directly within context of their customers' digital lives.
10:15-10:30Morning Break
10:30-11:00Keynote: Inclusion is the Glue - Mary Scotton, Salesforce - - The lack of diversity in tech is one of the biggest challenges in our community. Inclusion is the key to solving it, but what does that really mean? How can each of us make a workplace, event, or community more inclusive? This talk is the start of an important conversation that will continue in the halls as we create a safe space for all genders, races, orientations, and abilities to share experiences and ask questions as we work together to create a stronger tech ecosystem.
Breakout 1Breakout 2Breakout 3Breakout 4 (Spruce)Breakout 5 (Fir)Breakout 6 (Birch)
11:05-12:00IoT Prototyping with Node.js and Firebase -- Jen Tong, Google - - - Everyone seems to be talking about the Internet of Things. From houseplants to ice machines, from fitness bracelets to fish tanks: It's all fair game. IoT hacking is a lot of fun, but it also brings new challenges for us web developers. Early validation of your idea is critical. In this talk Jen her favorite NodeBots for making one of something. This talk will include live electronics hacking, and live coding. Hacking Fitness with the MEAN Stack -- Daniel Egan and Jeremy Foster, Microsoft - - The MEAN stack is hyper-modern and hyper-awesome, and we're going to use it to implement one harmonious solution to hack your fitness!
We're calling this project WaterBug. It uses the MEAN stack along with a Raspberry Pi 2 and the awesome WaterRower machine to help you visualize and gamify your calorie burning efforts. It's kind of a blast actually. Watch two volunteers race head to head and see calories burn, paddles fly, and records fall.
It would not be at difficult for you to go home, download this project, and tweak it to apply to your own exercise machine of choice.
Continuous Delivery Made Easy with Spinnaker -
Dave Stenglein, Kenzan - - - Continuous delivery is challenging enough when you have a single environment
with a single cloud provider. Spinnaker is a platform for continuous delivery that uses a flexible, event-driven pipeline architecture combined with support for multiple cloud providers. The system was open-sourced by Netflix in 2015 and was built with contributions
from partners including Google, Microsoft, Pivotal and Kenzan. With its focus on pipelines, Spinnaker allows the entire software delivery process to be configured and run repeatably. The pipelines are event-driven and broken into user-configurable stages.
All of the functionality that Spinnaker offers -- a wide selection of stages that enable integration with source control, continuous integration, notification and image baking -- is driven through a modern front-end Angularjs application that uses a well-defined
REST api.

In this session we will describe the fundamentals of Spinnaker and its
approach to continuous delivery, followed by a demonstration of a delivery pipeline that takes one artifact through multiple environments across multiple cloud and container providers.
Understanding Quality of Service in Today’s Apps -- Theo Schlossnagle, Circonus - - Today’s apps have become more complex as they ride atop more distributed systems. Mapping QoS to the end user was never easy, but now the problem is dynamically more difficult. Establishing and measuring service level agreements between micro services, components and the end-user experience is now what’s required. In this talk I will discuss the problem and some approaches to wrestling it into submission.Cloud-Native Application Stacks (from Orchestrators to Monitoring): A Lightly-Opinionated Survey -- Peter Bourgon - - In this session, distributed systems and infrastructure
engineer Peter Bourgon will perform a broad survey of cloud-native
application architectures and stacks, highlighting popular open-source
software used at each level. Special attention paid to: container
operating systems, software defined networks, cluster schedulers,
service discovery systems, lock stores, tracing tools, and popular
application language runtimes and frameworks. Attendees will leave
with an understanding of the buzzwords, how they interact, and how to
make sense of the Hacker News front page for at least another couple
of weeks.
How to Properly Blame Things for Causing Latency: An Introduction to Distributed Tracing and Zipkin -- Adrian Cole - - As architectures decompose into smaller pieces, figuring out the root
cause of latency can become quite tricky. This session will review
distributed tracing tools that can be used in your production systems
to debug performance problems. While the focus is on OpenZipkin tools
in practice, we'll also discuss concepts surrounding it, including
Dapper and Distributed Context Propagation.
1:00-1:30Networking with Exhibitors
Afternoon Tracks and Workshops
Track 1: APIsTrack 2: Containers, Kernals and ServicesTrack 3: Distributed and ServerlessBreakout 4Breakout 5Breakout 6
1:30-1:45Moderator - Jeremy WhitlockModerator - John MinnihanUnite the Connected: Developing for the Trifecta - IoT device, Mobile App and Web App -- Rakia Finley and Marcus Finley - - The start of a developers project usually starts with the question “what are we building it on?”. Unite the Connected will discuss the capabilities and needs of building with all devices in mind to function as one. We’ll investigate how it looks when you build a mobile application, IOT Device and a web application to function under one need for the consumer and founder. We’ll also discuss the workflow changes that take place when building for a trifecta platform, the proper languages to utilize and the does and don’t around its project management. Threading in JavaScript - Jonathan Baker, SAP - - The talk is about the problems with JavaScript’s “single thread” architecture and asynchronous systems (like HTTP calls) that can result in race conditions. Programmers think that because JavaScript is “single threaded” they avoid all the threading problems. But, asynchronous calls to outside services break that model, and leave the programmer exposed. For example, making 2 or more calls to get JSON data from a server – when that data is related – can result in an web application that has partial data and is in an unbalanced state.

The solution? Using some of the tools that threading programmers utilize. Semaphore flags to highlight incomplete conditions, and Javascript methods that can “come back later” and check on data again when the state of data changes.

In the short time available, II will briefly highlight the problem, an offer a few possible solutions to put in the “toolbox”.
Deploying Multi-Tier Apps on Kubernetes: A Workshop - Jason Hanson, Deis - - You will learn how to deploy multi-tier applications (web app and the database) onto Kubernetes cluster with the help of Helm (Kubernetes Deployment Manager). Course will cover approaches to building apps in the context of Kubernetes, including labels and label selectors, service discovery, downward APIs, canary deploys, and rolling updates. Some familiarity with Kubernetes is recommended as this course will be hands-on, working with Google Container Engine.
1:45-2:15Applying Domain Driven Design to APIs and Microservices - James Higginbotham, LaunchAny - - How do I design a reusable API that meets developer and customer needs? How do I know that I have the right-sized microservices with the proper boundaries? Teams are excited about the prospects of building solutions with APIs and microservices. However, without a proper architectural view and design process the result is often a release of less-than-ideal API and microservice design that meets immediate needs but requires a complete redesign. This talk will demonstrate how systems design and domain-driven design can be used to create clear, well-designed, long-lasting APIs and microservices. Applying these principles will result in a cleaner API design, help identify API product and microservice boundaries, and identify new API product opportunities. The Once and Future Layer 5: Twitter-style Microservices at Scale with Finagle and linkerd -- Oliver Gould, Buoyant - - What is required to operate microservices at scale? Beyond containers, beyond schedulers, beyond Go libraries and RPC formats--what is actually required to turn hundreds of services, tens of thousands of machines, and millions of requests per second into a unified, performant, functional, and operable application? In this talk, we walk through the evolution of Twitter’s evolution from Ruby on rails monolith to JVM-based microservice, and we describe the surprising glue [see what I did there?] that held it all together: layer 5, the oft-overlooked “session layer”. We describe Finagle, the high-scale RPC library developed at Twitter and adopted by Pinterest, Soundcloud, ING Bank, and other companies, which allowed Twitter control over the session layer and unified its separate services into a consistent operational model. We introduce linkerd, an open-source proxy form of Finagle, which extends Finagle's operational model to non-JVM or polyglot microservices. Finally, we show how linkerd can be used to "wrap" applications running on schedulers like Kubernetes and Mesos to provide higher-level, service-based semantics around scalability, reliability, and fault-tolerance for microservices---even in the presence of unpredictable traffic volumes and unreliable hardware.Eliminating Glue With Magnetic Code - Eric Windisch, IOpipe - - - Event-driven computing ("serverless") and functional/lambda-based programming is enabling the development of a new class of applications. Importantly, this model allows developers to compose applications by automatically connecting highly-reusable code. Could this be the end of glue, or just the beginning? We'll cover how to build such apps and the open source tools and services that are enabling this future.
2:15-2:45How Definition Formats Are Enabling API Workflow -- Tony Tam, SwaggerHybrid DevOps Delivers Container Infrastructure -- Rob Hirschfeld, RackN - - Container infrastructure means not being tied to a single operating system, cloud or physical infrastructure. Using open source tooling, we can create automation that spans hybrid infrastructure. This portability puts the user back in control of their IT choice.
Why is this important? Today's Enterprise IT infrastructure is truly hybrid. Successful data centers are a mix of cloud, container and physical infrastructure both on-premises and off. Companies are adding not reducing variation so it's become essential to find a common, portable way to manage and all these platforms.
What are we discussing? We'll show reference hybrid deployments of container platforms (Kubernetes w/ Ansible and Docker Swarm w/ Chef) using the open Digital Rebar project and other open source automation tools. We'll talk about the principles (service oriented, composable and abstracted) that take current DevOps practices and make them multi-platform ready.

Even better, we'll show how the Digital Rebar architecture is itself containerized and microservice enabled. We're truly using containers all the way down!
How to Win the AWS Lambda Deployment War -- Cesar Nataren, MindTouch - - -As the server-less architecture, embodied in AWS Lambda, has demonstrated its value and effectiveness for creating message driven systems that scale horizontally without the server management overhead, its adoption has soared but not without pains. The configuration, deployment, and security in the context of AWS Lambda is still a challenge and on this talk I will be talking about the design and implementation in Python of a solution to those problems that we at MindTouch have developed and that we call lambda-ops. lambda-ops is a command line tool for deployment of AWS Lambda functions that allows you to express your dependencies to other AWS services, keep secret data secure albeit available to your functions, and enable sharing configuration for a function regardless of the deployment type.Cloud Native Java with Spring Boot and Spring Cloud -- Josh Long, Pivota - - - “It is not necessary to change. Survival is not mandatory.” -W. Edwards Deming

Work takes time to flow through an organization and ultimately be deployed to production where it captures value. It’s critical to reduce time-to-production. Software - for many organizations and industries - is a competitive advantage.

Organizations break their larger software ambitions into smaller, independently deployable, feature -centric batches of work - microservices. In order to reduce the round-trip between stations of work, organizations collapse or consolidate as much of them as possible and automate the rest; developers and operations beget “devops,” cloud-based services and platforms (like Cloud Foundry) automate operations work and break down the need for ITIL tickets and change management boards.

But velocity, for velocity’s sake, is dangerous. Microservices invite architectural complexity that few are prepared to address. In this talk, we’ll look at how high performance organizations like Ticketmaster, Alibaba, and Netflix make short work of that complexity with Spring Boot and Spring Cloud.

Open Source Big Data Ingestion - Without the Heartburn! -- Pat Patterson, Salesforce - - Big Data tools such as Hadoop and Spark allow you to process data at unprecedented scale, but keeping your processing engine fed can be a challenge. Upstream data sources can 'drift' due to infrastructure, OS and application changes, causing ETL tools and hand-coded solutions to fail, inducing heartburn in even the most resilient data scientist. This session will survey the big data ingestion landscape, focusing on how open source tools such as Sqoop, Flume and StreamSets can keep the data pipeline flowing.
2:45-3:15Scaling your API Development workflow: 5 Simple Things You Can Do Today -- Emmanuel Paraskakis, Apiary - - - t was all fun and games when you had a single API. Now you’re drowning in tens (hundreds?) of services. How do you keep them consistent, usable and error-free?
Hint: Adding more people to the process does not make things better (besides the worry of finding and hiring good people in the first place)

I’ll talk about 5 simple things you can do today to retain your sanity and ship great product, as well as making your team 10x more productive.

In this presentation I’ll be distilling lessons learned building hundreds of APIs the past 8 years and how tooling can help you scale.
Orchestrating Containers in Production at Scale with Docker Swarm -- Dongluo Chen, Docker - - How do we go from single-node setup to scalable, highly-available deployments? You have installed Docker, you know how to run containers, you have written Dockerfiles to build container images for your applications (or parts of your applications), and you are using Compose to describe your application stack. Your app is running beautifully on your local Docker Engine, but how do you take it to production?This presentation will start by an introduction of the latest features in Docker Swarm and Docker Engine.Then we will demo how to, using some tools (docker cli, docker-compose, kitematic), start a few applications on the cluster. Then we are going to see how to scale those applications and how they react to node(s) failure.Distributed Systems at Twitter: A Deep Dive on the Powertrack Streaming API Architecture -- Lisa White, Twitter - - - eliably delivering a customizable subset of 500 million daily Tweets to hundreds of customers with thousands of end-users is no small feat, especially when that has to be done in realtime without missing a Tweet. Twitter’s PowerTrack is a product that provides Enterprise customers the ability to filter a full firehose of data in realtime to receive only the data that they are interested in. Customers can define rules for the Tweets they receive based on a wide variety of dimensions, such as user attributes, geo-location, and language.

Come learn about the PowerTrack architecture that solves technical challenges such as:
* Filtering data at scale in realtime
* Application and system layer redundancy to deal with failures
* Applying configuration changes to open streaming connections
* Backfilling data to ensure 100% fidelity
* Managing state of customer streams across data centers
And more!
Continuous Rollbacks – Is That Really the Best We Can Do? -- Paul Bruce, Perfecto Mobile - - - Fast deployment is great, except when you're a user and something just broke. Using production subscribers as test subjects is a thing of the past, especially in a future driven by consumer experience, financial technology, biotech and other mission-critical services.
The plain and simple fact is that DevOps and continuous deployment are really hard and many organizations looking to make a digital transformation must approach both technical and cultural challenges with practical solutions for both. The most effective teams are those aligned to mutual goals, connected through success of their consumer’s experience.
A critical technical component of continuous integration and DevOps is automation. Automated testing is vital to shipping high quality experiences. Combine the two and you get high quality, high speed delivery of apps and APIs.
In this session, Perfecto Mobile’s Paul Bruce talks about a few solutions to key cultural challenges in DevOps teams as well as how quality factors in to each stage of your continuous delivery process.
3:15-3:30Q and AQ and A
3:30-3:45Afternoon Break
Afternoon Tracks and Workshops, Continued
Track 1: APIsTrack 2: Containers, Kernals and ServicesTrack 3: Distributed and ServerlessBreakout 4Breakout 5Breakout 6
3:45-4:15Using LoopBack and StrongLoop to Rapidly Prototype APIs -- Ray Camden, StrongLoop - - - When building a mobile app (or a service in general), the API your client works with is an integral part of the process. But if it isn’t ready yet, or you aren’t even sure what it is going to look like, then you’ve got a problem. Raymond Camden explains how you can rapidly prototype your API using Node.js, the LoopBack framework, and StrongLoop.

Raymond demonstrates how to create the backend application and design models for your API, as well as how to work with the REST API to create, read, update, and delete data from your application. He will also demonstrate the APIs in use through a hybrid mobile application built with Apache Cordova and the Ionic framework.
This One Weird Container Trick: From Swarm to Compose to Consul to Carina to DockerHub to Slack -- Joshua Primson, FICO - - This goal of this session is to explore some of the weird of the container world. Containers are being embraced for their ability to radically simplify the software development pipeline and delivery pipeline, but getting lost in translation are huge advantages that the container as packaging construct allows. How to write a container once, and deploy everywhere - and how to construct self-configuring Docker images. We explore why docker commit doesn’t get nearly the credit or controversy it deserves. Micro services and stateless are sexy, but how do you deal with “big Fscking containers of doom” How to make this work if you have a real IT department modeled after the byzantine empire.etcd3: An efficient, reliable, multi-versioned transactional distributed key-value store — Anthony Romano, CoreOS - - The ability to run resilient, hyperscale infrastructure today means running
distributed systems. However, building distributed systems is difficult
because there can be no single point of failure. At CoreOS we designed high
availability into etcd, our open source distributed consistent key-value
store. With etcd as a reliable substrate for distributed systems,
infrastructure stays available even when individual servers fail. Since its
initial release in 2013, etcd has become a popular cornerstone of distributed
services for networking, service discovery, configuration management, and
load balancing. This talk will describe the scalability, performance, and
semantic challenges for supporting these applications with etcd and how they
influenced the design and implementation of the new etcd3 API.
Getting to 10x Performance Improvement on our Data Routing Layer -- Rajiv Kurian, SignalFx - - At SignalFx, we ingest, process, and run in-stream analytics against high-volume high-resolution data from users. A critical part of the system is the publish/subscribe mechanism for routing data. We have adopted some of the best practices from fields such as High Performance Computing to make our routing layer fast and scalable. This presentation provides examples of how to implement those practices, as well as SignalFx’s before/after results.
Separation of the data plane from the control plane
Optimal data structures for publish/subscribe implementations
Zero-copy, zero-allocation serialization formats
Living on the Edge (Service): Bundling Microservices to Optimize Consumption for Devices with Spring Cloud & Netflix OSS -- Mark Heckler - - - Devices (phones, tablets, etc.) already consume most services/data, but they have to get those services somewhere! In this session, learn how to use proven patterns & open source software to quickly and effectively build edge services that marshal & streamline communication between your key services and end-users with devices in hand. The presenter will demonstrate how to develop & manage microservices & expose them via an edge service, securely, using OSS tools employed by Netflix to keep movies streaming globally 24x7.The New Stack for Content Management: Supercharging the Content Repository with Elasticsearch and MongoDB -- Mariana Cedica, Nuxeo - - - We strongly think SQL and NoSQL technologies should be used side by side to deliver a storage solution that can scale to the sky while preserving data security and guaranteeing transactional write operations. Nuxeo is an open source platform centered around a content repository. Over the years, our use of the technologies has evolved. Among other changes, our content repository migrated from an Object Database to SQL. For a couple of years, we started leveraging NoSQL technologies, enabling us to provide a full range of solutions, including a new hybrid SQL + NoSQL architecture, depending on the challenges and the requirements of each project. This presentation explains the technical and design choices we had to make to keep the content repository up-to-date and provide an incredible performance to our users. It will cover:
Brief introduction on content repository, unique goals and challenges, main use cases on the field
Limitations faced with traditional SQL databases (problematic use cases, limit cases)
Integration of Elasticsearch and MongoDB as part of the storage infrastructure
Motivations for choosing Elasticsearch and MongoDB
Integration challenges and architecture
Hybrid storage architecture
Benchmark results & real life feedback
4:15-4:45"A five-sided prism polarizing Web API development -- Guillaume Laforge, Restlet - - How do you tackle your API development? Are you diving head-first in the code to get something quickly out the door? Do you start by defining the API contract, that you'll share between your teams and the consumers? Perhaps you prefer to describe your acceptance tests, explaining the behavior you expect from your API. But if you're a storyteller, you'll probably write some use cases, scenarios, to have a better feel for what your API is all about, and how your users will take advantage of it. Or simply, you already have data lying around that wants to set free, and be exposed restfully to the world.
In this session, Guillaume Laforge, Restlet's Product Ninja & Advocate, will highlight different approaches to Web API development, along with their pros & cons. Whether you're starting with code, a contract, tests, documentation, or data, you'll get a glimpse of light into the tasty book of API development recipes."
Unikernels and the Benefits of Modularity - Amir Choudhry, Docker - - - Word of unikernels is beginning to spread, especially the benefits around their lean size and portability. This portability comes from using only the necessary libraries that an application needs, along with the ability to swap out those libraries depending on the deployment target — without changing the application code.

This talk will present a brief overview of current methods of computing and the basics of unikernels. We'll then work through an example that demonstrates the benefits of using libraries this way, going from local development through to considering deployment. Such approaches will be important for things like IoT software development and distributed systems.

There will be plenty of time for questions!
Managing the Conglomeration of Functions Across a Serverless Production Environment - Jeremy Edberg, CloudNative - - - Granularity has gotten smaller over the years, going from machines to instances to containers, but the smallest unit of granularity is the function. With AWS Lambda, Google Cloud Functions and related projects, the rise of the serverless production environment is upon us. But how will we manage a conglomeration of functions built across the organization? At CloudNative, we run our entire product on AWS Lambda. In this talk I'll tell you about all of the automation we set up to make this the easiest development environment ever, and tell you about Kappa, our open source tool for Lambda managementExploring the DNA of Successful Developer Teams -- Travis Vachon, CircleCI - - - This talk will explore the DNA of what makes successful developer teams - from the basics of trust and control to the more abstract of team organization, tools and productivity. Attendees of this talk will walk away with a better understanding of what makes the best software development teams tick.Tracking Huge Files with Git LFS -- Tim Pettersen, Atlassian - - - Developers love Git for its raw speed, powerful history traversal, distributed nature, and the fact that it was built by uber developer Linus Torvalds. What we don't love is the fact that, out of the box, Git has terrible support for tracking large binary files! Fortunately, developers from Atlassian, GitHub, and Visual Studio Online have teamed up to work on an open source (MIT licensed) project to solve this problem: Git LFS (Large File Support). This means researchers, web designers, game developers, multimedia producers and all other developers who need to work with large data and rich media can move off legacy centralized systems and start using modern version control. In this session I'll cover the computer science behind Git LFS' internals & architecture, CLI usage and how to build an effective Git LFS workflow for a development team. Attendees will take away an understanding of how Git LFS works under the hood, and some practical advice on using Git LFS with their software projects and teams.
5:05-5:35"Keynote: Break Up the Monolith: How Intuit is disrupting a decades-old codebase with scalable services -- Alex Balazs, VP, Intuit - - Many developers are attracted to enterprise companies because of the opportunity to make a difference by engineering products that will impact millions of users. However, one of biggest barriers of innovation at enterprises is that they often come with (technology) baggage. They typically slower to adopt new technology than startups affecting their ability to develop cutting edge solutions and at a fast pace. How can developers help enterprises break out of legacy technologies, be nimble, adapt new technologies, and disrupt themselves? Intuit, the makers of TurboTax, QuickBooks, and Mint has recently faced this kind of challenge head on. Developers for the company's market leading offerings had to deal at times with monolithic codebases, some of which are decades old. The company decided to replatform, breaking up its monolithic enterprise architecture into smaller, simpler service components. By leveraging Node.js as well as other advanced technologies, Intuit TurboTax transformed its enterprise architecture to deliver the full, native version of its tax filing software to more than 30 million customers - regardless of the device they use. Over the past two years Intuit has saved nearly 120 years of developer hours by transitioning from monolithic code bases to modular service-oriented development. Intuit's native mobile development technology has improved developer productivity by 10 times. Alex Balazs, VP Fellow Architect, can share insights on how enterprises can adopt Node.js as well as other technologies to be nimble and better serve customers, with lessons on how to:
· Identify and prepare for the slow moving tasks at your company.
· Divide and conquer– harness the expertise of all the different resources throughout one's company.
· Manage the tradeoff between control and conformity in a platform. How to make conformity pleasant and easy to use with open collaboration modules. People like to adopt easy-to-use things.
5:35p - 6:05pKeynote: Time is Hard: Doing Meaningful Things with Data - Rajesh Raman, SignalFx - Doing meaningful things with constantly flowing data that lets you make decisions when you want to (now)—trending, statistical analysis, dynamic thresholding, ad-hoc exploration, etc—is HARD, because of TIME. When you have a many things spread over a lot of space producing a ton of data, every little bit of irregularity, skew, lag, jitter, and burstiness can throw off everything. Using SignalFx as an example, we’ll look at what happens in the real world and how to engineer for it.
6:05p - 7:35pEvening Reception
Day 2 - Thursday, May 26, 2016
8:00-12:00pmRegistration Open
8:00-8:45aDanishes and Coffee
8:45aDay 2 Begins - Eric Norlin
8:45a - 9:15aKeynote: Information, Insight and Inspiration - IBM Watson & Cognitive APIs - - Elliot Turner, Director of Alchemy Solutions, IBM Watson - - - Cognitive APIs are transforming our relationship with technology, forging new partnerships that enable machines to perform data processing tasks that previously required human intervention. We're seeing automated cognition applied to a huge number of challenges facing humanity today: From helping oncologists with cancer diagnosis and treatment to helping us plan our next meal and wine pairing. This session covers the potential for what can be achieved with cognitive technologies, the democratization trend we're seeing as cognition is exposed to the world in the form of REST APIs, and how you can integrate cognitive APIs into your application or service.
9:15a - 9:45aKeynote: Introspection, Audit and Insight in Cluster Management -- Brendan Burns, Kubernetes - - - Developers may see cluster management systems like Kubernetes as a way to simplify the deployment and management of their applications (and they are) But, container management systems as central points of authentication, authorization, logging and introspection. This talk covers both the subject of auditing, introspection and insight from cluster management in general, as well as the specifics of Kubernetes authentication and authorization mechanisms, as well as namespaces, and other ways of isolating different users. It also covers audit and analysis of the use of a cluster management API to detect anomalies as well as inform users of required changes like patching vulnerable software.
9:45a - 10:15aKeynote: An Interview with Ben Hindman, co-founder of Mesoshpere, by Alex Williams of The New Stack - A conversation with Ben Hindman to discuss the evolution of scaled out architectures, frameworks and the concept of DC/OS. We will discuss the context of networking, storage and security in Mesos andbMesosphere, the role of DC/OS as an open source ecosystem and how Ben envisions its symbiosis with OpenStack, CNCF and other open sourcebefforts The specter of so much choice for the user in this new era will be discussed and will serve as a launch to talk about the metaphors of the cloud as a giant computer and what role the OS plays in that context.
10:15a - 10:30aKeynote: Driving Higher App Revenues Through Committment to Customer Experience -- Marv Storey, Samsung - - - You’ve created the killer app and have launched it only to realize that unforeseen app issues are creating a nasty buzz in the Galaxy Apps and Google Play stores.  This is resulting in poor customer ratings and plummeting new customer downloads.  Don’t let this happen to you! This session will cover key aspects of implementing a sound Customer Experience strategy that will be sure to keep your app customers happy and your revenue flowing.  The speaker will address topics such as, 1) what are customer’s expectations when they encounter an issue within your app, 2) how to implement In-App self help 3) how do app customers want to contact you, 3) recommended design principles and best practices for adding help within your app, 4) effects on Galaxy App and Google Play reviews from good vs poor customer experience, and 5) fostering a community to help drive loyalty and retention.  The speaker has over 12 years’ mobile app ecosystem experience within an independent software vendor, a tier 1 mobile operator and a leading device manufacturer.  He will share data, insights and best practices to not only protect your investment, but to help you use customer experience as a driving force to grow and maintain your happy customer base
10:30-10:45Morning Break
10:45-11:00Keynote: Developing the Next Generation of Robotic Applications - Rosanna Myers, Carbon Robotics - - - Low cost hardware, free SDKs, and web APIs are enabling a new wave of robotic applications. From connected services to AI to VR integration, explore how developers are pushing the boundaries of robotics, building new companies, and bringing code into the material world. Rosanna is the CEO and cofounder of Carbon Robotics, a company that combines machine intelligence with low-cost hardware to make industrial-grade robots iPhone-easy.
11:00 AMPassport Prize Announcement in General Session
Breakout 1Breakout 2Breakout 3Breakout 4Breakout 5Breakout 6
11:20-11:50Continuous Delivery Automation of Cloud Infrastructure and Applications at Choice Hotels
-- Brian Mericle, Choice Hotels - - - The Platform team at Choice Hotels is responsible for building tools and processes that automate the delivery of infrastructure and applications to our cloud environment, while enabling the engineering teams to be hyper-focused on building our next generation distribution platform. Our continuous delivery orchestration is built on top of Jenkins, using its Groovy based DSL for job and pipeline creation. The custom, and purpose-built, software we have created to interact with our cloud platform provider is written with a combination of Java and Python. Together, our orchestration and services can repeatedly, consistently and rapidly deploy infrastructure and applications that are stable, scalable and secure. This session will cover our automation process and how we interact with, and deploy infrastructure and applications to, our cloud platform provider.
Relational vs. NoSQL Databases for API Traffic -- Vineet Joshi, Cloud Elements - - Monitoring API traffic is not a new thing, but how you monitor and watch your traffic has begun evolving. Relational databases have been used for API traffic for a long time because of its wide adoption and ease of use. NoSQL databases have become more popular over the years because of its flexibility and understanding of large amounts of traffic data. With NoSQL you can continue to add attributes you want to monitor and analyze against helping you scale and grow as your API traffic grows.

Key learnings:
Strategies to use for managing / analyzing API traffic
Scalability of your system to increase API traffic & keep up with growth
Hardships moving from relational databases to NoSQL
How to support relational & NoSQL databases
Continuous Delivery with Jenkins and Kebernetes Containers
Cody Hill, Platform9 - - Join Platform9 for a live demo on: - Standing up a Kubernetes cluster - Deploying an application through Jenkins to Kubernetes - Perform a blue-green application upgrade through a Jenkins continuous delivery pipeline
Swagger to OpenAPI: Road to 3.0 -- Ron Ratovsky - - - The popular Swagger specification has recently moved to the Open API Initiative and renamed the OpenAPI Specification.
We’ll cover the meaning of this move, a brief history of the spec, and what’s on the roadmap for the next version - 3.0.
Using Core Image Filters with Video -- Kyle Balogh, Gorilla Logic - - - The focus of the session will be around using Core Image filters on videos in iOS. Kyle will review the approach Apple outlines in the What’s New in Core Image session from WWDC 2015 and introduce another way of filtering video using AVSampleBufferDisplayLayer. The talk will be accompanied by a demo that implements each of these approaches.Faster Feedback with Feature Flags - Edith Harbaugh, LaunchDarkly - - - Feature flags are a continuous delivery best practice to get feedback faster, with less risk. With feature flags, engineering changes are pushed live to production “off”, and then turned on to different users, separating deployment from release. Learn how Behalf and CircleCI to use feature flags for opt-in early access, private beta, canary releases and dark launches.
11:50-12:50Lunch with Gluecon Exhibitors
12:50-1:15Networking with Gluecon Exhibitors
1:15-1:45Keynote: Who’s Calling? Production Identity in a Microservices World -- Joe Beda, EIR, Accel - - The new "Cloud Native" stack is awesome. You can deploy more things faster and work in smaller teams with microservices. But it isn't all sunshine and unicorns. Dynamic self service systems built out of micro-services stress and break existing security systems. In this talk, based on his experiences at Google and beyond, Joe looks at how to adapt to this world and makes the case for breaking down walls between security teams an application developers. How can they work together to not only meet the existing security bar but to actually surpass it. Hopefully (if he can finish it in time) this will include a demonstration of systems running real code.
Breakout 1Breakout 2Breakout 3Breakout 4 Breakout 5Breakout 6
1:50-2:20What's Coming in Elasticsearch - Lee Hinman, ElasticA Pattern Language for Microservices - Chris Richardson - - When architecting an enterprise Java application, you need to choose between the traditional monolithic architecture consisting of a single large WAR file, or the more fashionable microservices architecture consisting of many smaller services. But rather than blindly picking the familiar or the fashionable, it’s important to remember what Fred Books said almost 30 years ago: there are no silver bullets in software. Every architectural decision has both benefits and drawbacks. Whether the benefits of one approach outweigh the drawbacks greatly depends upon the context of your particular project. Moreover, even if you adopt the microservices architecture, you must still make numerous other design decisions, each with their own trade-offs.
A software pattern is an ideal way of describing a solution to a problem in a given context along with its tradeoffs. In this presentation, we describe a pattern language for microservices. You will learn about patterns that will help you decide when and how to use microservices vs. a monolithic architecture. We will also describe patterns that solve various problems in a microservice architecture including inter-service communication, service registration and service discovery.
APIs for Microservices - Mike Stowe, Mulesoft - - - The concept of Microservices is changing the way we build and architect our systems, but are we really setting ourselves up for success? How can we ensure that our APIs act as a contractual, yet flexible representation of our service – and how do we address the “glue” issue to prevent ourselves from service lock-in? In this session we’ll jump back into history to see what’s worked and what hasn’t, look at how to build truly decoupled services, and explore tools and technologies that make the entire process easier.
Don't Touch Me That Way: Using Mobile Hardware Fingerprint Readers via APIs - David Lindner, nVisium - - With over 3.1 million applications in the Apple AppStore and Google Play Store, and more than 7.5 billion mobile subscribers in the world, mobile application security has been shoved into the forefront of many organizations. One of the newly added features on mobile devices is that of a fingerprint reader. Both iOS and Android provide access to the hardware fingerprint reader through APIs. The fingerprint APIs can be used correctly and incorrectly. Join David as he shows how the APIs work, how you can use them correctly and incorrectly, and how a malicious actor may attack the fingerprint APIs.Context Convergence: An API Driven Approach to Cybersecurity Policy Enforcement -- Chris Ceppi, Situational - - Session decription: The success of malicious hackers is forcing a convergence of security technologies for identity, mobility and information protection. Integration through APIs has emerged as a core competence for security. ISVs and developers are leveraging APIs to better secure all layers of the IT stack. I'll cover the high runner APIs, what's driving integration requirements, and the road ahead.Get in the Flow! The API Developer Workflow - Guillaume Laforge, Restlet - - The API ecosystem provides powerful tools, online services and definition formats for designing, testing, running, or managing APIs. All share common purposes: improve our productivity when developing an API, allow us to collaborate more effectively, or share our creations with the world!
But developers have already invented efficient tactics to streamline their development, gathered experience with and sharpened their tools of trade. The result is that the services or formats mentioned before can actually also get in their way, and interrupt their development flow, as they have to resort to get out of their routine and processes, to use them.
What can API tooling vendors do to reconcile the habits of developers with their tools?
In this session, Guillaume Laforge, Restlet's Product Ninja & Advocate, will talk about building, versioning & dependency management of API artifacts, scenario & conformance testing, API documentation, continuous integration, multi-environment continuous deployment, and team collaboration! Let’s get back into the development flow!
2:25-3:00Enterprise Apps Go (Cloud) Native -- Ben Schumacher, Cisco - - - Many teams are adopting containerized API-based solutions for their new projects, but what happens to their existing applications? Can we apply new tools and technologies to accelerate conversion to new architectures? This session presents a review how an ad-hoc team at Cisco came together to re-imagine an internal application over a 5 day period. The team's process will be covered in detail, including personal backgrounds, technology choices made, outcomes (we did it!), and lessons learned.

A breath of technical topics will be covered including solution architecture, IaaS, container stack, programming languages, CI/CD pipeline, etc.
Connect and Control IOT Devices in Minutes -- Mark VanderWiele and David Boloker, IBM - - As the world of IOT is exploding with respect to sensors, speech and analytics are providing a powerful new user experience. We are finding sensors everywherefrom buildings (temperature, humidity, movement ) to cities (sound, air, security). Join David & Mark as they simplify putting everything together both architecturally as well as physically using the power of the cloud, micro-services and real-time analytics. Framework-FUD and the reality of secure dependency management -- Chris Schmidt, Codiscope - - Modern software development is less about writing software and more about tying together a seemingly endless supply of open-source components to create the foundation of an application, and then adding some paint and a few photographs and calling it a day. In this day and age, it is more important than ever to fully understand the frameworks in use so that you can understand how they should be used securely. A flaw in a framework you may not even realize that you are using could prove to be catastrophic. However, simply having a vulnerable framework in your libs directory doesn't necessarily spell out disaster.

In this talk we'll explore:
The roles that frameworks really play in developing secure software
How to evaluate the security maturity of frameworks your business relies on
How these popular frameworks are suceptible to attacks
What do to when the next big framework vulnerability inevitably comes to light
2D Sphere Geospatial Queries in MongoDB - Rob Camp, RefactorU - - Location based data is becoming more and more important. MongoDB has tools designed to help you store your location data ( points and polygons ), as well as ways to query for it. Whether you want to know what points are closest to your users or what polygons your users are inside of, MongoDB can make your life a lot easier.REST API Design 101 -- Mark Stafford, Microsoft - - - It used to be that you had to live in an ivory tower to design a high-quality Web API, but no longer. Join us for a hands-on walk into the future of API design, where we take an average developer and enable her/him to design and implement a high-quality, consistent, intuitive REST API. We will step through the process of designing a great REST API from scratch, using skills most developers already have.The DevOps Evolution & Revolution In 2016 - Brian Carpio, Trace3 - - In 2009 John Allspaw spoke at Velocity about how 10 deployments a day would become the norm. Since then the industry has evolved from config management and Cloud all the way to Data Center Operating Systems like Mesosphere and Kubernetes. How did we get here? And where are we headed? In this discussion we’ll look at recent advancements in technologies that are reshaping Development and Operations as we know it. We’ll also take a look at how the future of “DEV/ops” is not as much an evolution as it is a revolution, where the infrastructure teams of tomorrow provide microservices to engineering teams as part of an overall microservices ecosystem.
3:00-3:15Afternoon Break
Breakout 1Breakout 2Breakout 3
3:15-3:45Practical Service Discovery with Consul -- Chris Stevens, Traxo - - Dive into the practical application of service discovery in real-world applications using Consul. We will discuss the recent popularity of service discovery systems, look back at historical practices, and demonstrate how teams can evaluate these solutions today. Attendees will learn how to register services and health checks, use the DNS and API interfaces, and build app configurations that automatically react to changes. A live demonstration will include cluster bootstrapping, leader election and HA, feature flagging, key/value storage, and distributed locks.Enabling Polyglot Persistence for Neo4j and MongoDB Using Python - William Lyon - - Polyglot persistence is all about using multiple database technologies to enhance your application, taking advantage of the strengths of different databases. However, the benefits come at the expense of complexity: managing multiple databases and keeping the data in sync at the application layer. In this talk, I will outline some use cases where it makes sense to use a document database (MongoDB) and graph database (Neo4j) together to add functionality to a web application. We will examine a product catalog application that uses MongoDB to power search and browsing while using Neo4j to add personalized product recommendations. Finally, I will discuss how we implemented a MongoDB-Neo4j connector in Python and some of the Python packages that made it possible.
Re-architecting the government with Lua and Hadoop -- Nick Muerdter, National Renewable Energy Lab - - Hear the tale of how we revamped an open source API management platform (API Umbrella) to meet the growing needs of the U.S. federal government. Over the past year, we've transitioned from a stack running on Node.js and Elasticsearch to a more efficient stack utilizing Lua/OpenResty and Hadoop/Apache Kylin. We'll dive into why we underwent this migration, and why you may or may not want to consider these technologies in other cases. We'll detail how we rolled out these significant architecture changes without anybody noticing, and also touch on the US government's increasing adoption of open source.
3:50-4:20Your API Design Matter Less Than You Think - Brandon West, SendGrid - - - Designing a good API is hard. Building a valuable API is harder. Drawing on 5 years experience helping an API-first company scale to sending 1 billion emails a day billions of API calls a month, I'll share stories from the field and lessons learned. We'll talk about why companies building APIs should adopt a holistic API strategy early on and what that means for the entire organization. I'll also provide some insight into how we now manage and scale our API as a product. Managing Cloud Apps with Apache Brooklyn: a Spark Case Study -- Brad DesAulniers and Alex Heneveld - - - Apache Brooklyn provides a simple way to manage your cloud. Using the Clocker feature, it allows simple deployment of Docker containers as well as easy deploy of Compose and Brooklyn blueprints into Mesos, AWS, BlueBox, or practically any cloud. We will talk about using Brooklyn to deploy, scale, and monitor a Spark or Mesos cluster while managing the containers running on it. We will also demo the ability to create servers and deploy containers on them.Why to Use (and Hot to Build) Dynamic Server Access Control -- Aren Sanderson - - Server access control is traditionally static and oftentimes either an engineer has access to everything or nothing. Dynamic access control provides flexibility to grant and monitor logins easily, including temporary access, automatically expiring access, and integration-driven access through an API. Imagine if you could limit sudo access only to those engineers who are on-call. Or require that a Jira case be opened and approval granted before allowing access to the payment server. This talk explores the benefits of dynamic access control, and provides guidance on how to build it in your Linux infrastructure with configuration and code examples.
4:25-4:55Keynote: Why API Ops is the New DevOps Frontier -- John Musser, Basho
4:55-5:00Closing Comments - GlueCon 2016 Ends