Loading…
This event has ended. Visit the official site or create your own event on Sched.
Customize your schedule by session topic and skill level:  Session Topic - Refer to the "Type" filter list to the right to find a session based on topic. Talk Difficulty - Sessions are categorized as [B]eginner, [I]ntermediate or [A]dvanced at the end of each talk title.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Intermediate [clear filter]
Tuesday, March 28
 

19:40 CEST

Lightning Talk: Using Cloud-Native in Telco-Environments - Marcus Brunner, Swisscom
The Telecom Industry so far has embraced the virtualization technology and has benefited from that transformation to a certain degree. For the full benefit however more cloud-native telecom applications are required in the various places of the stack with a quite large breads of requirements.

In this talk, the issues and requirements around the usage of cloud-native paradigms in Telecom are addressed and presented.

Speakers
avatar for Marcus Brunner

Marcus Brunner

Head of Standardization, Chief Researcher, and Eco-System Development, Swisscom
Involved in Software-based Telco-Networks since years.


Tuesday March 28, 2017 19:40 - 19:45 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

19:50 CEST

Lightning Talk: Flexible Logging Pipelines with Fluentd and Kubernetes - Jakob Karalus, codecentric
Log forwarding from containers in kubernetes with fluentd works like a charm. But most applications require more than just forwarding, various applications require different parsing patterns, outputs, formats etc. Managing these in a large multi tenant cluster can be challenging and usually require an additional shared forwarding/parsing infrastructure. Otherwise manual configuration changes by a cluster operator are needed. Both ways can be problematic when many different teams share the same cluster.

In this Lighting Talk attendees will learn how to leverage the tools to automatically load specifications/grok patterns from kubernetes at runtime. This leads developers to define those on their own in their pod definition without the existence of a cluster operator or an extra infrastructure. Because of this new possibility the developer gains more flexibility in his application without the necessity to coordinate with cluster operators or other teams.

Speakers
avatar for Jakob Karalus

Jakob Karalus

IT-Consultant, Codecentric
Jakob is a IT-Consultant at codecentric focussing on DevOps. His main interest is to play with exciting and evolving technologies around orchestration and automation. Currently he helps a large Enterprise as a cluster operator at running a multi tenant kubernetes cluster with supporting... Read More →



Tuesday March 28, 2017 19:50 - 19:55 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
 
Wednesday, March 29
 

11:15 CEST

Kubernetes Scheduling Features or How Can I Make the System Do What I Want? [I] - Marek Grabowski & Wojciech Tyczynski, Google
Each user has her own set of requirements and constraints on where their Pods should be placed in a cluster. Some want to increase utilization, thus they want to pack Pods as densely as possible. Other want to maximize reliability, so they spread the Pods as thinly as they can.

Another one may have Pods that interfere with each other, e.g. by writing a lot to a local disk and don't want to put those on a single Node.

During this talk I'll tell what features are present in the default Kubernetes scheduler that can help you to accomplish all those things and more.

Speakers
avatar for Marek Grabowski

Marek Grabowski

Site Reliability Engineer, Google
Marek is a Software Engineer turned Site Reliability Engineer late 2017. Currently he focuses on reliability of Kubernetes clusters. Since 2013 he has been working on Google’s Technical Infrastructure, where early 2015 he joined Kubernetes engineering team. In Kubernetes his main... Read More →
avatar for Wociech Tyczynski

Wociech Tyczynski

Staff Software Engineer, Google
Wojciech is working on Google Technical Infrastructure & Cloud since 2012. Since February 2015 he works on Kubernetes and Google Kubernetes Engine. With the main focus on scalability, performance and availability, he gained experience and contributed to many Kubernetes features and... Read More →



Wednesday March 29, 2017 11:15 - 11:50 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:15 CEST

KubeVirt - Kubernetes, Virtualization and Your Future Data Center [I] - Itamar Heim & Fabian Deutsch, Red Hat
Kubernetes is a great orchestration tool for containers, but why stop there? Containers and virtual machines are going to co-exist in the data center. Let’s re-envision our virtualization and cloud solutions with Kubernetes as a single underlying platform.

We’ll introduce KubeVirt - a project to converge the future data center using Kubernetes as its infrastructure. We will cover how we are implementing a caring and stateful environment to run pet VMs in containers on top of Kubernetes - without contradicting its core assumptions. We will also be discussing gaps and how we plan to tackle those, drawing on our experience with KVM and and caring for pet VMs (and cats) for many years. The session will also include a demo of how we are doing this today and where we want to go next.

Speakers
avatar for Fabian Deutsch

Fabian Deutsch

Engineering Manager, Red Hat
Fabian Deutsch is working for Red Hat and has been working in the virtualization space for the last couple of years. Initially covering some node level aspects in oVirt and now building a robust virtual machine add-on for Kubernetes with KubeVirt. Throughout the years he spoke at... Read More →
IH

Itamar Heim

Senior Director, Software Engineering, Red Hat
Itamar Heim is a Senior Director of engineering for Container, Virtualization and System Management. Itamar leads the community and product engineering teams comprising Satellite, Red Hat Enterprise Virtualization and Container Management groups. Prior to this Role Itamar worked on... Read More →


Wednesday March 29, 2017 11:15 - 11:50 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:15 CEST

50 Shades of System Calls [I] - Jorge Salamero Sanz, Sysdig
Transaction tracing is typically thought of something that only developers do when they need to troubleshoot a piece of their software. And lately, it’s also been used for tracing microservice-based transactions too.

These are really useful capabilities, but what if you could profile everything? Yes everything - software functions, microservice calls, file access, network requests, even bash scripts. How would this change your view on your systems? How would this enable you to better understand what your software is actually doing?

In this talk I’ll show you how to trace everything using Sysdig, an open source system visibility tool. We’ll cover:
  • How to trace everything from a method in your software, a service call, a network request, a shell command execution, a script, and more
  • What effective tracing in containerized environments requires
  • How to report on your traces to make the most sense of the data
  • Use real-world examples of tracing that show its benefits
When you leave this talk, it’s very likely that you’ll skip the next one so that you can go trace something!

Speakers
avatar for Jorge Salamero Sanz

Jorge Salamero Sanz

DevOps Evangelist, Sysdig
Jorge enjoys monitoring all the things, from his Kubernetes clusters to writing sensors plugins and DIY projects with Raspberry PI and ESP8266. Currently he is part of the Sysdig team, and in the past was one of the promoters of HumanOps. When he is away from computers, you will find... Read More →



Wednesday March 29, 2017 11:15 - 11:50 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:00 CEST

Scaling Organizations Using Kubernetes [I] - Richard Fliam, Comcast VIPER
Kubernetes enables us to build software that spans hundreds or thousands of machines in a simple manner. Often overlooked, but just as critical, is that Kubernetes can enable us to build software that scales across hundreds of developers. Kubernetes can enable us to scale organizations.

If you have gone from 5 to 250 people in 5 years like Comcast VIPER serious challenges will arise in deploying, monitoring, debugging, and preventing outages. The default solution for these challenges is process. However, with appropriate tooling and leveraging the underlying API’s of Kubernetes it is possible to automate much of this process. We can lighten the burden of developing large, multi component features and services. We will explore the steps VIPER is taking to leverage Kubernetes to effectively scale our organization.

Speakers
avatar for Richard Fliam

Richard Fliam

Richard Fliam, Comcast VIPER
Richard Fliam is a software engineer with years of industry experience in developing large-scale distributed systems. His work ranges from CDNs, to video packagers, to multi-terabyte per second cloud video recorders. He now leads VIPER’s Engineering Efficiency group. He has previously... Read More →



Wednesday March 29, 2017 12:00 - 12:35 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:00 CEST

Managing Lifecycle of Microservices at Scale [I] - Micheal Benedict, Pinterest
(This is an extended presentation of my lightning talk on "Managing micro-services at scale" from KubeCon/CloudNativeCon 2016 - https://youtu.be/Q1CEgPw7CG8)

As more organizations transition from a monolith to a more micro-services architecture, organizations are finding significant challenges around governance and lifecycle management of micro-services.
For example, how often have you (developer, ops, leadership) have asked one or more of the following questions?

1. What does it take to create and manage a new micro service? (Metadata Management, governance)
2. How do we identify a micro services canonically across infrastructure/platform services? (Identity)
3. How do we allocate resources for a micro service? (Resource provisioning)
4. What does it take to operate a micro service? (Deploy pipelines, orchestration, monitoring)
5. How do we measure resource utilization and cost of operating a micro service? (Metering and Chargeback)

These questions persist independent of an organization's container strategy or public/private cloud strategy.

Through this talk, I will deep dive further into the above challenges, the impact and share details on the need for a governance system that manages the lifecycle of micro-services. The talk will focus on the following areas:

1.Metadata Management (project info, team ownership info, operational info such as dashboards, alerts)
2. Identity Management (canonical service identifiers, secrets provisioning, distribution and management)
3. Resource Management (provisioning of primitive resources such as CPU, MEM or abstract resources such as RPS)
4. Metering and Chargeback

At the end of the talk, I'll share case studies from Twitter and Pinterest on how they implemented portions of these systems and its impact.

Speakers
avatar for Micheal Benedict

Micheal Benedict

Head of Engineering Productivity, Pinterest
Micheal Benedict heads the Engineering Productivity organization at Pinterest that is responsible for languages strategy, source code management, build systems & CI/CD platform. Previously, Micheal led products for the Compute Platform at Twitter. Micheal holds a master's degree in... Read More →


Wednesday March 29, 2017 12:00 - 12:35 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:00 CEST

360° Monitoring of Your Services [I] - Philipp Krenn, Elastic
"With microservices every outage is like a murder mystery" is a common banter. But it doesn't have to be! This talk gives an overview on how to monitor Spring Boot applications, since they are increasingly popular for building microservices. We dive into:
  • System metrics: Keep track of network traffic and system load.
  • Application logs: Collect and parse your logs.
  • Application metrics: Get the information from Boot's metric and health endpoints and store it.
  • Request tracing: Use Sleuth to trace requests through a distributed system.
  • Uptime monitoring: Use Heartbeat to ping services and actively monitor their availability.
All the data will be aggregated and visualized in Kibana, giving you an all around view of your system.

Speakers
avatar for Philipp Krenn

Philipp Krenn

Developer, Elastic
Philipp lives to demo interesting technology. Having worked as a web, infrastructure, and database engineer for over ten years, Philipp is now a developer advocate and community team lead in EMEA at Elastic — the company behind the Elastic Stack consisting of Elasticsearch, Kibana... Read More →



Wednesday March 29, 2017 12:00 - 12:35 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:00 CEST

Counting with Prometheus [I] - Brian Brazil, Robust Perception
Counters are one of the two core metric types in Prometheus, allowing for tracking of request rates, error ratios and other key measurements. Learn why are they designed the way they are, how client libraries implement them and how rate() works.

Speakers
avatar for Brian Brazil

Brian Brazil

Developer, Robust Perception
Brian Brazil is a core developer of Prometheus, and the founder of Robust Perception. He has developed and maintains components and features across the Prometheus ecosystem including the Python and Java clients, and many exporters. He wrote many of the best practices and guidelines... Read More →



Wednesday March 29, 2017 12:00 - 12:35 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

13:55 CEST

Panel: Leveraging the Open Service Broker API in Cloud Native Platforms [I] - Moderated by Chip Childers, Cloud Foundry Foundation
In a digital world, widely adopted and easy to use APIs are the cornerstone of collaboration and interoperability. As Cloud technologies mature and become commonplace, the absence of standards surfaces challenges in the implementation of solutions by Cloud vendors, service providers and end users. Building on top of the experience of Cloud Foundry's Service Broker API, the Open Service Broker working group brings together players from all areas. The Open Service Broker API is an industry-driven, collaborative effort to demolish barriers in the adoption of Cloud Native services, with a user-centric approach focused on delivering features based exclusively in real world use cases.

In this panel discussion you hear from representatives from IBM, Pivotal, Fujitsu, RedHat and Orange explaining where they want the project to go and why the initiative is important to them. Expect to learn more about the Open Service Broker API working group, the future of the project and insights into how leading technology companies are applying this specification to real world use cases.

Moderators
avatar for Chip Childers

Chip Childers

CTO, Cloud Foundry Foundation
A proven DevOps visionary and leader. Before coming to the Foundation, Chip was vice president of Product Strategy at CumuLogic. He spent more than 15 years in engineering leadership positions within the service provider industry including work with SunGard Availability Services and... Read More →

Speakers
avatar for Guillaume Berche

Guillaume Berche

Software architect, Orange
Guillaume Berche is an active bosh and cloudfoundry user since 2012. He is working at Orange, one of the leading global telco operator, where he is contributing to private Paas efforts since late 2010. His activities range from product-management, software development to operations... Read More →
avatar for Doug Davis

Doug Davis

PM Knative, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →
avatar for Andres Garcia Garcia

Andres Garcia Garcia

Solutions Architect, Fujitsu EST
Andres has covered a wide range of roles including research in Cloud Computing, Software Engineering and Scrum Master. Currently he develops prototypes and PoC in Fujitsu EST, although his latest passion is DevOps and open standards.
avatar for Alex Ley

Alex Ley

Staff Product Manager, Pivotal
Alex is a Product Manager for the Pivotal Cloud Foundry platform and is focused on enabling multi-cloud services using Cloud Foundry and BOSH. Previously, Alex was a committer to the container engine Garden Linux, used by Cloud Foundry, and worked in London's FinTech startup scene... Read More →
avatar for Paul Morie

Paul Morie

Sr. Principal Software Engineer, Red Hat
Paul is a Principal Engineer at Red Hat and a Kubernetes maintainer. He's been working on Kubernetes since 2014, concentrating at different points on application development primitives, service catalog, container security, and multicluster problems. Before Kubernetes, he worked on... Read More →
avatar for Diane Mueller

Diane Mueller

Director, Community Development, Red Hat
Director, Community Development @Red Hat


Wednesday March 29, 2017 13:55 - 14:30 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

13:55 CEST

Go + Microservices = Go Kit [I] - Peter Bourgon, Go Kit
Go is emerging as the default programming language for cloud-native tooling and infrastructure. But it's also a perfect language for implementing your business logic—with a little bit of help! This talk introduces and deep-dives into Go kit, an independent open-source toolkit for writing microservices in Go. We first identify the defining characteristics and challenges of working in a cloud-native architecture, and then build a production-grade, highly idiomatic Go kit microservice to address all of the concerns. Special attention is paid to instrumenting with Prometheus, log storage with Fluentd, distributed tracing with OpenTracing, and deploying via Kubernetes — all of which work out-of-the-box.

Speakers
avatar for Peter Bourgon

Peter Bourgon

Engineer, Fastly
Peter Bourgon is a distributed systems engineer who has seen things. He is the author of Go kit, a toolkit for writing business microservices in Go.


Wednesday March 29, 2017 13:55 - 14:30 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

13:55 CEST

Binary Protocols - The Current State of Affairs [I] - Jason Smith, Container Solutions
With gRPC becoming increasingly popular, Protobuf is also drawing attention. Binary protocols are making a comeback in popularity. We will looks at the advantages and disadvantages of binary as well as how some of the protocols such as Flatbuffers, Capn'n Proto, Protobuf, etc differ.

Speakers
avatar for Jason Smith

Jason Smith

Engineer, Container Solutions
Jason is a backend engineer who has 10 years of experience in building integrations, and yet he still doesn't hate SOAP. He is a devout student of the K.I.S.S. philosophy. He has become focused on microservices, and the best practices for developing in a distributed environment.


Wednesday March 29, 2017 13:55 - 14:30 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
  gRPC, Developer

13:55 CEST

Autoscaling in Kubernetes [I] - Marcin Wielgus, Google
One of the nicest features of Kubernetes is its ability to automatically adjust the cluster size and the number of pod replicas to the current traffic and load. During this talk I will explain what is the current state of pod and node autoscaling in Kubernetes, how it exactly works, what metrics can be used to drive autoscaling, and what are the best practices to apply it in production.

Speakers
avatar for Marcin Wielgus

Marcin Wielgus

Staff Software Engineer, Google
Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes before the 1.0 release... Read More →



Wednesday March 29, 2017 13:55 - 14:30 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

13:55 CEST

When Failure is Not an Option: Processing Real Money at Monzo with Kubernetes and Linkerd [I] - Oliver Gould, Buoyant & Oliver Beattie, Monzo
In this talk, we describe how Monzo processes financial transactions involving real money and real people in way that's safe, secure, and resilient. We show how combining Kubernetes with Linkerd creates a highly adaptive system, where Kubernetes provides a baseline level of protection against hardware and software failures and Linkerd layers on request-level resilience, including including latency-aware load-balancing, intelligent retries, and service-level measures of success rates and latency. We show how the resulting system is resilient to a wide variety of failures and protects the financial transactions that flow through it from failure, yet still allows for a rapid pace of feature development and iteration.

Speakers
avatar for Oliver Beattie

Oliver Beattie

Head of Engineering, Monzo
Oliver Beattie is Head of Engineering at Monzo, leading the development of the distributed systems to power a new kind of bank. He previously worked on Hailo's global micro-services platform.
avatar for Oliver Gould

Oliver Gould

CTO, Buoyant
Oliver Gould is a core maintainer of Linkerd, and is the co-founder and CTO of Buoyant, where he leads open source development efforts. Prior to Buoyant, he was a staff infrastructure engineer at Twitter, where he was the tech lead of Observability, Traffic, and Configuration & Coordination... Read More →


Wednesday March 29, 2017 13:55 - 14:30 CEST
B 07 - B 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

13:55 CEST

How Google Cloud Hosts and Manages Kubernetes at Scale [I] - David Aronchick, Google
A breakdown of what we do on Google Cloud to make running Kubernetes great, both managing large amounts of Kubernetes clusters, and what we do on behalf of users to ensure everything is running in the optimal configuration. Folks will be able to take away our best practices and apply them to their own installations.

Speakers
avatar for David Aronchick

David Aronchick

Head of OSS Machine Learning, Microsoft
David leads Open Source Machine Learning Strategy at Azure. This means he spends most of his time helping humans to convince machines to be smarter. He is only moderately successful at this. Previously, he led product management for Kubernetes, launched Google Kubernetes Engine and... Read More →


Wednesday March 29, 2017 13:55 - 14:30 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:40 CEST

Building a Cloud-Native SQL Database [I] - Alex Robinson, Cockroach Labs
While compute management solutions like Docker and Kubernetes have rapidly advanced in recent years due to the proliferation of cloud infrastructure, storage options have been left behind in comparison. Conventional SQL databases have tacked on clustering options that help a little bit, but what would it take to build a strongly-consistent database specifically for cloud-native deployments.

This talk takes a deep-dive into the design of one such database, CockroachDB, which is being built from the ground up via open source. We will look specifically at how to achieve the easy deployment and management of a scalable, self-healing, strongly-consistent database with techniques such as dynamic sharding and rebalancing, consensus protocols, lock-free transactions, and more. We will then explore how you can both contribute to it and use it to build scalable, resilient applications that can be deployed to any cloud infrastructure.

Speakers
avatar for Alex Robinson

Alex Robinson

Member of the Technical Staff, Cockroach Labs
Alex Robinson is a software engineer at Cockroach Labs, the startup leading the development of the fully open source (Apache-licensed) CockroachDB project. Previously, he was a senior software engineer at Google, where he spent his last two years as a core developer of both Kubernetes... Read More →



Wednesday March 29, 2017 14:40 - 15:15 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:40 CEST

Dance Madly on the Lip of a Volcano with Security Release Processes [I] - Jess Frazelle, Google & Brandon Philips, CoreOS
This talk will cover how we designed an awesome security release process for Kubernetes and all it’s sub-projects.

Open source projects strive to be transparent in everything they do, but when it comes to fixing security patches they need to find the right balance of “open” and “responsible.” This means vulnerabilities should be reported in a safe way as well as patches tested and reviewed with a limited audience. The companies that rely on Kubernetes should have time to patch their systems before a public announcement.

Various sets of infrastructure and collaboration are needed to make this a reality. The design we used could also be applied to other projects and even internally in your company.

Join us to learn about the Kubernetes Security Release process and how we went from no infrastructure in 2016 to great infrastructure backed by an awesome team in 2017.

Speakers
avatar for Jessie Frazelle

Jessie Frazelle

Software Engineer, Mcrosoft
Jess Frazelle works at Microsoft on open source, containers, and Linux. She has been a maintainer of Docker, contributor to RunC, Kubernetes and Golang as well as other projects. She loves all things involving Linux namespaces and cgroups and is probably most well known for running... Read More →
avatar for Brandon Philips

Brandon Philips

CTO, CoreOS, Inc.
Brandon Philips is helping to build modern Linux server infrastructure at CoreOS as CTO. Prior to CoreOS, he worked at Rackspace hacking on cloud monitoring and was a Linux kernel developer at SUSE. As a graduate of Oregon State's Open Source Lab he is passionate about open source... Read More →


Wednesday March 29, 2017 14:40 - 15:15 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:40 CEST

Loki: An OpenSource Zipkin / Prometheus Mashup, Written in Go [I] - Tom Wilkie, Weaveworks
In this talk I'll present a prototype OpenTracing implementation dubbed "Loki". Loki is a Zipkin-compatible distributed tracer written in Go. Unlike Zipkin, Loki pulls traces from the application under examination by reusing Prometheus' service discovery and scraping code. This presents some unique advantages over traditional distributed tracers as the tracer knows the identify of the services under examination, and helps present a consistent naming topology when used with Prometheus.

Speakers
avatar for Tom Wilkie

Tom Wilkie

VP Product, Grafana Labs
Tom is VP Product at Grafana Labs, but really he is a software engineer. Tom is a maintainer on the Prometheus project and a maintainer and the original author of Cortex, both CNCF projects. Previously Tom founded Kausal, a company working on Prometheus, and worked at companies such... Read More →


Wednesday March 29, 2017 14:40 - 15:15 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:40 CEST

Alerting in Cloud Native Environments [I] - Fabian Reinartz, CoreOS
In a Cloud Native infrastructure, component failure is normal and expected. The loss of a single node or a dozen hard drives is automatically handled by the systems running a datacenter, removing the need to page someone at 4am.

This calls for an alerting system that understands service availability at a global scope, yet is still able to give detailed reports if and when there is a service-impacting incident. Prometheus achieves this by defining alerting conditions directly on time series data. The resulting alerts are grouped and aggregated into comprehensive and meaningful notifications.

Fabian will walk through the philosophy of time series based alerting, the Prometheus architecture behind it, and how practical anomaly detection can be implemented.

Speakers
avatar for Fabian Reinartz

Fabian Reinartz

Software Engineer, Google
Fabian Reinartz is a software engineer at Google and one of the core developers of Prometheus, a monitoring system and time series database. Previously, he was a production engineer at SoundCloud and worked on information retrieval during his time at Saarland University.


Wednesday March 29, 2017 14:40 - 15:15 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:35 CEST

Panel: The Open Container Initiative (OCI) and the Future of Container Standardization [I] - Moderated by Chris Aniszczyk, Linux Foundation
With the proliferation and rapid growth of container-based solutions over the past few years-- including container-based solutions from almost all major IT vendors and cloud providers as well as emerging start-ups-- the industry needed a standard on which to support container formats and runtime. Enter the Open Container Initiative (OCI), established to help promote a set of common, minimal open standards and specifications around container formats and runtime. Setting a baseline de facto standard, OCI will soon release version 1.0 of its runtime and image format specifications, now ready to look at what’s next for the future of container standardization and distribution. Hear from OCI members who are experts in container technology as they discuss the project’s progress at large with special focus on what’s coming next after the v1.0 release and certification program launch. Additional discussion topics will include:

How the runtime and image format specs are driving broader innovation
The impact the v1.0 release will have on the container landscape
Implementations and use cases
Value and benefits of the certification program and what that means for container standards
Future plans for the OCI

Moderators
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO, Linux Foundation (CNCF)
Chris Aniszczyk is an engineer by trade with a passion for open source and building communities. At Twitter, he created their open source program and led their open source efforts. For many years he served on the Eclipse Foundation's Board of Directors representing the committer community... Read More →

Speakers
avatar for Vincent Batts

Vincent Batts

programmer, Kinvolk
Vincent Batts has spent half his life in Linux and open source communities. Works with emerging technology such as knative and tekton. An Open Containers Initiative maintainer and technical board member. An ongoing member on Slackware Linux's Core Team, past maintainer on the docker... Read More →
avatar for Jeff Borek

Jeff Borek

WW Program Dir, Open Tech & Partnerships, IBM
Jeffrey Borek, WW Program Director, IBM - is a senior technology and communications executive with over twenty years of leadership and technical experience in the Software, Telecommunications, and Information Technology/Consulting industries. He is currently the ecosystem development... Read More →
avatar for Brandon Philips

Brandon Philips

CTO, CoreOS, Inc.
Brandon Philips is helping to build modern Linux server infrastructure at CoreOS as CTO. Prior to CoreOS, he worked at Rackspace hacking on cloud monitoring and was a Linux kernel developer at SUSE. As a graduate of Oregon State's Open Source Lab he is passionate about open source... Read More →
S

Saurya

Senior Program Manager, Microsoft


Wednesday March 29, 2017 15:35 - 16:10 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:35 CEST

Building a Storage Cluster with Kubernetes [I] - Bassam Tabbara, Quantum Corp.
Modern software storage systems are inherently complex. They are composed of numerous distributed components, require careful balancing of resources, and have stringent performance requirements. If you're running your applications in a public cloud you're typically shielded from this complexity and can utilize managed storage services like EBS, S3 and EFS. If you're running on-premise, however, your choices are quite limited and typically result in using traditional big-iron storage systems.

In this talk we'll walkthrough how we've built a production-ready storage cluster using Kubernetes. Storage nodes run as pods and enumerate the available storage devices within the cluster. We'll explore how to optimize the network through CNI plugins to separate client and storage cluster traffic. We'll show how some of the features of Kubernetes including controllers/operators, third-party resources, resource management, and rolling upgrades can lead to more powerful and resilient storage clusters. We'll also walk through use cases where the storage cluster is dedicated (hyperscaled) or shared with other applications (hyperconverged).

Speakers
avatar for Bassam Tabbara

Bassam Tabbara

Chief Technical Officer, Quantum Corporation
Bassam Tabbara is the CTO of Quantum Corporation, a world-class leader in storage. He is spearheading several storage projects including Rook (http://rook.io). Prior to Quantum, Bassam was the CTO and co-founder of Symform, a P2P storage startup acquired by Quantum. Prior to that... Read More →



Wednesday March 29, 2017 15:35 - 16:10 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:35 CEST

Operational and Business Insights from Tracing Distributed Microservices [I] - Juraci Paixão Kröhling, Red Hat
In this talk we will present Hawkular APM, an OpenTracing-compliant community project. We will demonstrate how the project can be used to monitor microservices in a cloud environment, capturing trace and business metric information, which can then be presented in both aggregated and individual trace views to provide useful insight for many roles within an organisation.

Speakers
avatar for Juraci Paixão Kröhling

Juraci Paixão Kröhling

Software Engineer, Red Hat
Juraci is a software engineer at Red Hat working with the Distributed Tracing team on the Kiali project. He is a core contributor to Jaeger and is also active in the OpenTracing community. He talked about Jaeger, OpenTracing and Distributed Tracing at local meetups in Munich, Germany... Read More →



Wednesday March 29, 2017 15:35 - 16:10 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:35 CEST

Understanding and Extending Prometheus AlertManager [I] - Lee Calcote, SolarWinds
The AlertManager component handles alerts sent by client applications such as the Prometheus server, carefully de-duplicating, correlating, and routing their notifications to their appropriate receiver (e.g. email, webhook, etc.). Current behavior of this component is only to display actively firing alerts.

Contributing to Prometheus is no different than most other open source endeavors, which, like many projects, welcomes community contributions. Let’s gain better familiarity with the process by augmenting Prometheus’ AlertManager with a new “history” view.

Speakers
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about developer platforms and management software for clouds, containers, functions and applications. Advanced and emerging technologies have been a consistent focus through Calcote’s tenure at SolarWinds, Seagate... Read More →


Wednesday March 29, 2017 15:35 - 16:10 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

Tales from Lastminute.com Machine Room: Our Journey Towards a Full On-Premise Kubernetes Architecture in Production [I] - Michele Orsi & Manuel Carlo Ranieri, lastminute.com
We sell travel services to more than 10 million customers worldwide in 15 languages across 35 countries, through hundreds of micro-services.

What happens if you challenge the way you deliver your products with a new infrastructure based on Kubernetes?
You’ll have to face classical developing, deploying and monitoring paradigms and bring everything to an entirely different level. It will also have to kept in mind that the business expects continuous delivery of new features without impact on the final customers experience.

In this presentation we will explore our one-year-long journey to move a full business flow from a well-known legacy platform to Kubernetes through a seamless migration.
We’ll dive into the full tech stack, from the services we give to our development teams to the way we provision servers, without forgetting the secret sauce we applied to make it happen.

We will not hide the failures, the problems and the wrong assumptions we made along the way, but we will celebrate lessons learnt and the goal we achieved; allowing us to boost time-to-market and reliability of our systems.

Speakers
avatar for Michele Orsi

Michele Orsi

Software architect, lastminute.com
Michele is a software architect at lastminute.com group, where he’s part of the team who develops and builds the new cluster, based on containers and Kubernetes. He had been the founder and CTO of a startup called map2app for 4 years, until the acquisition in 2015. Prior to this... Read More →
avatar for Manuel Carlo Ranieri

Manuel Carlo Ranieri

System Administrator, Lastminute.com
Manuel is a GNU/Linux enthusiast. Born to be a sysadmin, he started working with GNU/Linux two decades ago. His mantra comes from extreme laziness "If you have to repeat it twice you must automatise it". Manuel works for Lastminute.com as a site reliability engineer and Kubernetes... Read More →



Wednesday March 29, 2017 16:20 - 16:55 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

Super Fast Real-time Data Processing on Cloud-Native Architecture [I] - Yaron Haviv, iguazio
While Cloud-Native architecture allows for elastic scaling and much simpler operation, it usually adds opinionated abstractions which may hinder performance or lead to implementation challenges.

This presentation will go over iguazio’s use-case for building an extremely high-performance, real-time data processing platform on the foundations of a cloud-native architecture and its 12 factors.

I will explain how we overcome networking and storage challenges of existing micro-services technologies to process data at the rate of 100Gb/s per node; address data persistency and affinity challenges; implement elastic “server-less” functions; integrate with outbound networking; and use hardware acceleration.

The session will also cover the tradeoffs and challenges we observed in working with Kubernetes, Swarm, and DC/OS, and then explain how they are addresses.

For background you can read my post in: https://thenewstack.io/hackers-guide-kubernetes-networking/ 

Speakers
avatar for Yaron Haviv

Yaron Haviv

CTO, Iguazio
Yaron Haviv is a serial entrepreneur who has deep technological experience in the fields of ML, big data, cloud, storage and networking. Prior to Iguazio, Yaron was the Vice President of Datacenter Solutions at Mellanox, where he led technology innovation, software development and... Read More →



Wednesday March 29, 2017 16:20 - 16:55 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

Kubernetes from Dev to Prod at GoEuro [I] - Subhas Dandapani, GoEuro
The GoEuro team uses Kubernetes across the whole application lifecycle, from Development to CI to QA to Production, using a variety of ways from Minikube to Hyperkube to GKE. Here are some insights from the team's use of kubernetes, maintaining standards, linting, validating and sharing k8s files, integrating with non-kubernetes raw docker and compute resources, and a lot more to transition to a fully kubernetized development to production experience.

Speakers
avatar for Subhas Dandapani

Subhas Dandapani

CI/CD Platform Lead, GoEuro Travel GmbH
Coder, ex-ThoughtWorker, Blogger, Microservices consultant for startups and enterprises, Co-maintainer of devopsbookmarks, Do Node|Java|Ruby|DevOps|µServices, Practice XP|KISS|Lean



Wednesday March 29, 2017 16:20 - 16:55 CEST
B 07 - B 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

Kubernetes Operators: Managing Complex Software with Software [I] - Josh Wood, CoreOS & Jesus Carrillo, Ticketmaster
The Kubernetes container orchestrator scales and connects stateless applications quite easily. Stateful applications can require more work. Databases, caching systems, and file stores are harder to dynamically manage with data intact, and sometimes come with their own notion of clustering. Operators automate these tasks. Operators are Kubernetes agents that know how to deploy, scale, manage, and even upgrade complex applications.

In this talk, we'll illustrate the Operator concept, showing how Operators are built atop the Kubernetes third-party resources mechanism, with a close examination of the open source etcd Operator. We'll demonstrate Operators in action, including the extension of the Operator concept to upgrading Kubernetes control plane components themselves. The audience will learn how to deploy Operators, and how to begin developing Operators to manage their own stateful applications.

Speakers
avatar for Jesus Carrillo

Jesus Carrillo

Senior Systems Engineer, Ticketmaster
Jesus Carrillo is a Senior Systems Engineer at Ticketmaster. He previously worked at AWS and Oracle and is passionate about new technologies and the best way to adopt them. When Jesus is not working he likes to relax and enjoy life.
avatar for Joshua Wood

Joshua Wood

DocOps, CoreOS
Josh Wood’s early adoption of the rkt container runtime led him to CoreOS, where he is responsible for documentation. Josh has worked in a variety of roles in innovative startups throughout his career, holding diverse titles from systems admin to product director and CTO. He is... Read More →


Wednesday March 29, 2017 16:20 - 16:55 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

OpenTracing and Containers: Depth, Breadth, and the Future of Tracing [I] - Priyanka Sharma & Ted Young, LightStep
Those building microservices at scale understand the role and importance of distributed tracing: it’s the most direct way to understand how and why a system is misbehaving. But distributed tracing has long harbored a dirty secret: the source code instrumentation can been complex, fragile, expensive, and difficult to maintain.

The OpenTracing project addresses that integration problem through standardization and collaborations with other open-source software systems. In this talk, Ted will begin by describing OpenTracing and explaining why you should care about it. He will then show how OpenTracing will be able to deliver zero-touch, black-box instrumentation of distributed applications via orchestration systems like Kubernetes, and why that could change the way we all reason about distributed computation.

Speakers
PS

Priyanka Sharma

Head of Product Marketing, Partnerships, & Open Source, LightStep
Priyanka Sharma is an entrepreneur with a passion for building developer products and growing them through open source communities. She heads Marketing and Partnerships at LightStep and also works on the OpenTracing project, an instrumentation standard for distributed tracing. In... Read More →
avatar for Ted Young

Ted Young

Director of Developer Education, Lightstep
Ted Young is one of the founders of the OpenTelemetry project, and works as the Director of Developer Education at Lightstep. Ted has spent the last 15 years building distributed systems in a variety of environments: computer animation, national elections, and elastic compute platforms... Read More →


Wednesday March 29, 2017 16:20 - 16:55 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:20 CEST

Grafana is Not Enough: DIY User Interfaces for Prometheus [I] - David Kaltschmidt, Weaveworks
This talk gives a quick overview of the currently available Prometheus UIs and shows ways to build your own interfaces to enable your workflows. Most popular among the UIs is Grafana, which works well with Prometheus and is lovely for dashboarding, but terrible for troubleshooting. What do you do if you want to slightly modify queries based on your dashboards? How can you explore the keys and values of your metric labels quickly? Having trouble remembering PromQL syntax? This talk presents small building UI blocks to get to your results faster and save the day.

Speakers
avatar for David Kaltschmidt

David Kaltschmidt

Director of Engineering, Weaveworks
David has been building UIs for the networking industry for over a decade. He is currently with Weaveworks and heads their Berlin office.



Wednesday March 29, 2017 16:20 - 16:55 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
 
Thursday, March 30
 

11:30 CEST

Cisco's Devnet Goes Cloud Native: A Case Study on Transforming to Cloud Native [I] - Matt Johnson, Cisco
DevNet is Cisco’s developer program through which external developers and partners interface, experiment and innovate using Cisco technologies, products and APIs. Devnet consists of technology innovations, software platforms, and tools needed to reach the full promise of the Software-Driven Enterprise. Our goal is to build the community of enterprise developers and innovators using DevNet’s key principles: Learn, Code, Inspire, and Connect.

DevNet offers multiple services to developers. Content and API navigation via our developer-friendly portal, tailored learning labs that bring Cisco technologies and knowledge home for the developers, sandboxes that enable developers to interact with Cisco products and services in easy and cost effective ways and communities of interest that bring developers together around their main areas of interests.

Devnet has been very successful and as a result, the architecture of the platform coupled with the software transformation that is occurring resulted in the cloudification of the devnet platform. At the core of the cloudification effort is the need to independently scale up the services to accommodate the growing pool of DevNet developers and to rapidly add more services to keep developers engaged and satisfied. Meeting these requirements in an architecture made of multiple monolithic services is expensive and slow. It was time to embark on our journey to transform our offerings into micro services.

Goals of the project:
- Create a high quality developer experience (learn, code, inspire, connect). This is the vision that we needed to set across the Devnet team, Cisco, and our external partners. Setting this vision and getting buy in across all levels of the organization is key.
- Create a flexible and agile platform. With a clear vision and alignment, the next set is to execute on the new architecture and enable the flexibility and scalability requirements.
- Make sure that our investment and resources are building and strengthening the platform. To accomplish this goal, we had to address process issues and invest in the right resources. This is critical to understand at the beginning of the effort and to plan to address and track progress against this important goal.
- BU content onboarding as strategic and technical advantage. Since the hard work was accomplished in the first 3 goals, this fourth one was achieved as a matter of addressing these Bus early and getting not only their buyin but more importantly, co-development alignment.

This presentation will discuss the effort we completed in taking Devnet to production with Kubernetes, Prometheus, and monitoring enhancements required. The lessons learned and sample applications created in the developer.cisco.com learning labs will be presented.

Speakers
avatar for Matt Johnson

Matt Johnson

Technical Leader & Developer Evangalist, Cisco DEVNET


Thursday March 30, 2017 11:30 - 12:05 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:30 CEST

Containerd: The Universal Container Runtime [I] - Justin Cormack, Docker
Containerd is a new community project designed to provide a common runtime for every project that uses containers: Kubernetes, Docker, Amazon ECS, Azure Container Engine and many more, with contributors coming from Docker, Google, Red Hat, Microsoft, Amazon, IBM, Alibaba and many more companies in the container space. It extends the collaboration on standards around the Open Container Initiative by implementing these standards, and is run by an independent foundation. This project will be a central point of collaboration between the diverse container community and an integration point for vendors, much like the Linux kernel project is.

Although containerd was designed to be a "boring infrastructure" component that just sits there and works for a huge range of use cases, it is a pretty exciting development for those of us involved in containers. This talk covers the state of the project now, the roadmap, how it fits into broader tools such as Docker and Kubernetes, how it will affect users, and the future roadmap. It is an open project which is seeking a wide range of input, so the talk covers how to get involved and contribute.

Speakers
avatar for Justin Cormack

Justin Cormack

Engineer, Docker
Justin Cormack is Security Lead at Docker. He is a maintainer on the CNCF Notary project and is involved with CNCF SIG Security. He has spoken at Kubecon on a variety of subjects such as containerd, security audits, Notary and container runtimes. He also speaks at other events such... Read More →


Thursday March 30, 2017 11:30 - 12:05 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:30 CEST

Programming Kubernetes with the Go SDK [I] - Aaron Schlesinger, Deis
Most people talk to their Kubernetes clusters using the kubectl tool, but we’re seeing more and more cases where engineers are writing their own software to talk to the Kubernetes API itself. The use cases for doing so are many: writing ingress controllers, managing pods and watching logs to name a few.

At Deis, we’re using the Kubernetes Go SDK for quite a few different purposes. We first started by vendoring in the Kubernetes mono-repo to watch pod events. We pushed our code to production and quickly learned all about Kubernetes event stream internals and the server-side event cache. When we got something working reliably, we expanded our usage of this client code to a few other domains. We later migrated to the the client-go package when it was released and now use it in almost all of our projects and infrastructure.

In this talk, we’ll share our use cases and detail what we’ve learned using client-go in production. We’ll also share some best practices and show a demo to illustrate how you can get started with the client yourself.

Speakers
avatar for Aaron Schlesinger

Aaron Schlesinger

Cloud Developer Advocate, Microsoft
Aaron is a developer advocate at Microsoft Azure and a core maintainer of the Athens Project. He is an emeritus core maintainer and chair of the Kubernetes SIG-Service-Catalog and a contributor to various other projects in the Kubernetes community. He enjoys distilling his wide ranging... Read More →


Thursday March 30, 2017 11:30 - 12:05 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:30 CEST

Building Distributed TensorFlow Using Both GPU and CPU on Kubernetes [I] - Zeyu Zheng & Huizhi Zhao, Caicloud
Big Data and Machine Learning have become extremely hot topics in recent years. Google has announced its AI-centric strategy and released the deep learning toolkit TensorFlow. TensorFlow soon became the most popular open source toolkit for deep learning applications. However, it may take years to train large deep learning models on a single machine without GPU. In order to accelerate the training process, we build a distributed TensorFlow system on Kubernetes which support both CPUs and GPUs.

In this presentation, I’d like to share our experiences about how to build this distributed TensorFlow system on Kubernetes. First, I'll briefly introduce TensorFlow and how TensorFlow supports training model distributedly. However, the original distribution mechanism lacks lots of components such as scheduling, monitoring, life cycle managing and etc. to make it suitable for production usage.

In the rest of the presentation, I'll focus on how to leverage Kubernetes to solve those problem. The solution involves three components. First, I'll introduce how to schedule TensorFlow jobs in a cluster with both CPUs and GPUs. Then I'll share our experience in managing the life cycle of a distributed TensorFlow job. Finally, I'll state our efforts in lowering the bar for using distributed TensorFlow

Speakers
HZ

Huizhi Zhao

Software Engineer, Caicloud
ZZ

Zeyu Zheng

Chief Data Scientist, Caicloud
Zeyu is chief data scientist and co-founder at Caicloud which provides Cloud and Big Data related services. He leads the efforts to build reliable and scalable data analysis and machine learning platforms like Hadoop, Spark and TensorFlow on Kubernetes. His team has developed Machine... Read More →



Thursday March 30, 2017 11:30 - 12:05 CEST
B 07 - B 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

11:30 CEST

Building for Trust: How to Secure Your Kubernetes Cluster [I] - Alexander Mohr & Jess Frazelle, Google
This talk will cover all the ways you can secure your Kubernetes cluster using a Certificate Authority, Authentication, Secrets and more. We will also describe and demo the ways you can use Seccomp, Apparmor, SELinux and cgroups to make your application containers as secure as possible.

Speakers
A

Alexander

Senior Engineering Manager, Google
Alex is currently the Technical Lead and Manager of Google Seattle's Kubernetes and Container Engine teams. Previously, he was Engineering Lead for Google Compute Engine's initial public launch, and also lead the design and launch of its VM instance manager subsystem.
avatar for Jessie Frazelle

Jessie Frazelle

Software Engineer, Mcrosoft
Jess Frazelle works at Microsoft on open source, containers, and Linux. She has been a maintainer of Docker, contributor to RunC, Kubernetes and Golang as well as other projects. She loves all things involving Linux namespaces and cgroups and is probably most well known for running... Read More →


Thursday March 30, 2017 11:30 - 12:05 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:15 CEST

Life of a Packet [I] - Michael Rubin, Google
Tracing the path of network traffic in the kubernetes system. Clarifying which API objects map to implementation and how Google deploys this in GKE today. Attendees will learn about topics from how networking packets are processed when the cluster is working as designed and what are common problems when the cluster is being creative and surprising.

Speakers
avatar for Michael Rubin

Michael Rubin

Senior Staff Eningeer & TLM, Google
Twenty years in the Systems Software Industry, from developing enterprise file servers and systems. The past ten years he has worked at Google where he founded the Linux Storage group for its data centers and worked on world wide WAN and BGP technologies. Today he is co-leading and... Read More →



Thursday March 30, 2017 12:15 - 12:50 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:15 CEST

Kubernetes Day 2: Cluster Operations [I] - Brandon Philips, CoreOS
How do you keep a Kubernetes cluster running long term? Just like any other service, you need a combination of monitoring, alerting, backup, upgrade, and infrastructure management strategies to make it happen. This talk will walk through and demonstrate the best practices for each of these questions and show off the latest tooling that makes it possible. The takeaway will be lessons and considerations that will influence the way you operate your own Kubernetes clusters.

Speakers
avatar for Brandon Philips

Brandon Philips

CTO, CoreOS, Inc.
Brandon Philips is helping to build modern Linux server infrastructure at CoreOS as CTO. Prior to CoreOS, he worked at Rackspace hacking on cloud monitoring and was a Linux kernel developer at SUSE. As a graduate of Oregon State's Open Source Lab he is passionate about open source... Read More →


Thursday March 30, 2017 12:15 - 12:50 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:15 CEST

Network-independent ACLs: Why Security Shouldn't Depend on Your Network [I] - Bernard Van De Walle, Aporeto
The conventional view is that Security and ACLs are implemented in the network, through a set of typical firewall rules that rely on the IP and Port number.

In Kubernetes, everything is a label and pod communications are defined as a set of labels allowed to communicate with each other. (Through the definition of network policies).
This model fully abstracts the pod network information (IP/Port) from the pod's identity (pod's labels).

With the traditional approach, the NetworkPolicies are implemented by the Kubernetes networking backend (Flannel, Calico, ...) that translates the policies into a set of IPs/Ports that need to be constantly updated.

However, another approach is possible by using the labels associated with each pods directly as metadata on the networking stack (transparently from the networking backend). NetworkPolicies then become a simple API-level authentication scheme that is completely independent from the network backend.

This talk will go over the pros and cons of each model, describing specific use-cases where it makes sense to use the one or the other.

It will introduce a new way of implementing those NetworkPolicies that doesn't rely at all on network primitives, but only on the set of labels associated to each pod.

Networking should be used for reachability between cluster nodes.
but security and network policies should not always be tied to your networking.

Speakers
avatar for Bernard Van De Walle

Bernard Van De Walle

Engineer/Product, Aporeto
Working initially on massive production core/edge network routers, I saw the evolution of networking and security from fully physical to the new models emerging today: SDN, virtual networks and massive scaling for micro-services. After spending 4 years implementing a well-recognized... Read More →



Thursday March 30, 2017 12:15 - 12:50 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

12:15 CEST

Prometheus: The Unsung Heroes [I] - Alejandro Ramirez, Swisscom Directories AG
Prometheus is a fantastic tool, Prometheus/Kubernetes integration is amazing, PromQL is expressive…. We have all heard the superlatives and the articles, but this talk explores those tools of the Prometheus ecosystem that are not under the spotlight, but should not be discarded as mere footnotes to the saga.

We will discuss how mtail and the snmp_exporter allowed us to instrument our load balancer appliance and give us more insights into our performance in such a critical component of our system.

Speakers
AR

Alejandro Ramírez

Head of DevOps, Swisscom Directories AG
Alejandro Ramirez Local.ch (Swisscom Directories AG) Senior System Engineer Zürich, Switzerland Alejandro works at local.ch, one of the country’s highest traffic websites, ensuring that the platform runs smoothly while at the same empowering other engineers in the team to accelerate... Read More →



Thursday March 30, 2017 12:15 - 12:50 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:00 CEST

BoF: What Should be PID 1 in a Container? [I] - Ranjith Rajaram, Red Hat
When a container is started, the main application will have process ID as 1. In a traditional unix systems, PID 1 is usually the init/systemd process. So the question that arises is "Does it really matter which process becomes PID 1 inside a container?".

This talk "What should be PID 1 in a container?" will talk about the problem related to process reaping and what you should care about when deploying the containerized application. This session would be beneficial for developers who are planning to containerize the application. Process reaping will be explained with simple example.

Speakers
avatar for Ranjith Rajaram

Ranjith Rajaram

Sr.Principal Technical Support Engineer, Red Hat
Ranjith Rajaram works for Red Hat as a Sr. Principal Tech. Support Engineer. He has 13 years of experience in implementing Linux servers for complex workloads. Active member of Fudcon and was involved in the planning of container track for Fudcon 2015. Has presented technical talks... Read More →



Thursday March 30, 2017 14:00 - 14:35 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
  BoF, Developer

14:00 CEST

How We Built a Chargeback System for Twitter’s Compute Platform (Mesos/Aurora) That Incentives Higher Resource Utilization [I] - Jeyappragash Jeyakeerthi, Twitter Inc.
Twitter is powered by a collection of diverse, multi-tenant infrastructure and platform services. We run Mesos/Aurora for general compute, Manhattan for storage, Hadoop for batch compute and many more. We also run many platform services and one such example is our custom observability (monitoring) service.

Given Twitter scale, these services should always be available, reliable, scalable, well utilized, cost effective and flexible. The multi tenant nature of these services brings increased management complexity and a host of challenges, for both the service owner and end-users. Here are a few, that we will be covering (along with uses cases) during the first half part of the talk:
- resource discovery
- capacity planning
- resource ownership
- resource provisioning through self-service
- resource utilization and cost tracking

In the next half, we will talk about our solution i.e the Cloud Platform Management System: A simple way to catalogue, identify, plan, provision, meter usage and chargeback resources of multi-tenant infrastructure services. We will also share a case study on how we improved the overall utilization of the general compute platform (Mesos/Aurora) after being on-boarded into the Cloud Platform Management System. Finally, we will share our vision for the next generation cloud platform for multi-tenant services.

Speakers
avatar for JJ Jeyappragash

JJ Jeyappragash

tetrate.io
Jeyappragash previously built the team and lead the technical roadmap for Twitter's Cloud Infrastructure Management Platform. This platform helps developers manage their services and provides detailed visibility to the infrastructure and the services that use the infrastructures... Read More →


Thursday March 30, 2017 14:00 - 14:35 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:00 CEST

Autoscaling a Multi-Platform Kubernetes Cluster Built with kubeadm [I] - Lucas Käldström, Upper Secondary School Student - Individual Maintainer
Does Kubernetes run on any architecture other than Intel/AMD64? Yes it does, since v1.3.0.
Lucas Käldström (@luxas), a general upper secondary school student, added support for ARM and ARM 64-bit to the core codebase earlier this year. Kubernetes is all about letting you choose the container runtime, the operating system, the environment (cloud vs bare metal) etc., so why wouldn’t you like to choose CPU architecture as well?

The talk demonstrates Kubernetes’ multi-architecture features in a very practical manner: by having a 10-node cluster of credit-card-sized devices with three architectures (amd64, arm and arm64) in front of the audience. The cluster is deployed with kubeadm. For the demo, a cross-platform nginx workload will be created from the dashboard, deployed to all nodes regardless of architecture, monitored via an auto-updating grafana dashboard and autoscaled by a Horizontal Pod Autoscaler while traffic is generated against the cluster’s Ingress controller. And just to make things more exciting, a node’s power cable may be unplugged by a volunteer from the audience, at any time during the heavy traffic to demonstrate Kubernetes’ auto-healing functions.

Speakers
avatar for Lucas Käldström

Lucas Käldström

Student, Contracting
Lucas is a cloud native enthusiast that just graduated from High School. Lucas is serving the Kubernetes community in various lead positions, e.g. as a co-lead for SIG Cluster Lifecycle shepherding kubeadm from inception to GA, porting Kubernetes to multiple platforms and by being... Read More →


Thursday March 30, 2017 14:00 - 14:35 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:00 CEST

How We Run Kubernetes in Kubernetes, aka Kubeception [I] - Timo Derstappen, Giant Swarm
At Giant Swarm our users want fully-managed Kubernetes clusters without any limitations (incl. privileged access to the nodes). We deploy and manage these clusters either in our data center, in the preferred cloud of the customer, or even on-premise. Both for ourselves as well as for enterprise customers we need full isolation between clusters and a easy way to manage and update clusters without downtime.

In this talk we explain how we use a “mother” Kubernetes to deploy and manage fully-isolated and encrypted Kubernetes clusters for different customers or teams - aka Kubeception. Our model treats (inner) Kubernetes clusters as a third party resource and manages them with a custom controller. This way we have an automated way of provisioning and managing clusters without additional tooling or complex monitoring setups. Further, through our API, we are to be able to spin clusters up and down on demand, scale them, update them, keep track of which clusters are available, and be able to assign them to organizations and teams flexibly.

Speakers
avatar for Timo Derstappen

Timo Derstappen

CTO, Giant Swarm
Timo Derstappen is CTO and co-founder of Giant Swarm. He has many years of experience in building scalable and automated cloud architectures.


Thursday March 30, 2017 14:00 - 14:35 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:00 CEST

Distributed Tracing Salon: Kubernetes, OpenTracing, Group Therapy, & Brainstorming
The distributed tracing "salon" is an unconference oasis in the midst of KubeCon. Think of it as a “donut salon” (yes, there will be donuts).

The session will be a 100% interactive discussion around distributed tracing. We’ll have tables for tracing beginners, tracing experts, and everything in between. This being KubeCon, several of the proposed topics relate specifically to containers and k8s. We have “group therapy” tables to compare notes about integration and deployment, “brainstorming” tables to talk about tracing across the user/kernel boundary, and “learning” tables to get started with tracing specifically. And of course there will be self-guided donut+coffee pairing.

You will be able to suggest topics of discussion.

The session will be facilitated by Priyanka Sharma, Ted Young and senior engineers from companies using OpenTracing in production to help create a free-flow conversation.

This is a first-come-first-served session and it is capped at 50 attendees (we want everyone to actually have a conversation!) so please sign up here in advance if you can.

Speakers
PS

Priyanka Sharma

Head of Product Marketing, Partnerships, & Open Source, LightStep
Priyanka Sharma is an entrepreneur with a passion for building developer products and growing them through open source communities. She heads Marketing and Partnerships at LightStep and also works on the OpenTracing project, an instrumentation standard for distributed tracing. In... Read More →
avatar for Ted Young

Ted Young

Director of Developer Education, Lightstep
Ted Young is one of the founders of the OpenTelemetry project, and works as the Director of Developer Education at Lightstep. Ted has spent the last 15 years building distributed systems in a variety of environments: computer animation, national elections, and elastic compute platforms... Read More →


Thursday March 30, 2017 14:00 - 15:20 CEST
A 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:45 CEST

BoFs: Data-Aware Scheduling in Kubernetes [I] - Johannes M. Scheuermann, inovex & Felix Hupfeld, Quobyte
In order to provide prompt results and efficiently deal with data-intensive workloads, Big Data applications execute their jobs on compute slots across large clusters. Also, for optimal performance, these applications should be as close as possible to the data they use. Data-aware scheduling is the way to achieve that optimization and can conveniently be set up using Kubernetes. We’ll present two different use cases: First, we’ll make use of how Big Data applications like Hadoop and Spark can use their native HDFS protocol for data-aware scheduling. Second, we’ll demonstrate an efficient way to write a data-aware scheduler for Kubernetes that satisfies not just your application’s requirements, but also keeps your admins happy. As a bonus, it’ll also allows us to run data-aware scheduling on applications other than Big Data.

Speakers
FH

Felix Hupfeld

Founder, Quobyte
Felix manages Quobyte’s technology and pushes development forward. Before that, he worked as a tech lead and capacity planner in Google’s infrastructure team (2009–2013). He was the architect and project manager for XtreemFS (2006–2009). Felix’s PhD was on distributed s... Read More →
avatar for Johannes M. Scheuermann

Johannes M. Scheuermann

Cloud Platform Engineer, inovex
Johannes is an operations guy with a software development background. He's been working with Containers and Kubernetes for over years. He has a strong interest in modern infrastructures and building infrastructure software.



Thursday March 30, 2017 14:45 - 15:20 CEST
A 03 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
  BoF, Storage

14:45 CEST

Getting To, and Through, Our First Black Friday with Critical Apps on Kubernetes [I] - Arnaldo Pereira, Luiza Labs
I'll talk about how we adopted kubernetes in Luiza Labs, where we develop and operate the sales channels of Magazine Luiza, a Brazilian retail company of > 4 USD billion in anual revenue.

How we deploy the apps, and ended up writing an open source deployment tool; how we scale our clusters; contingency plans; cultural impact on application development; ultimately how kubernetes helped us going through a black friday smoothly

Speakers
avatar for Arnaldo Pereira

Arnaldo Pereira

SRE Manager, Luiza Labs
18 years in technology, half in startups and the others in mid-big companies - most of them managing development and SRE teams



Thursday March 30, 2017 14:45 - 15:20 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:45 CEST

Delve into Helm: Advanced DevOps [I] - Lachlan Evenson & Adam Reese, Deis
Helm is not just for simple applications running in simple environments. In this talk, we delve into the depths of Helm, focusing on lifecycle management and continuous delivery (CI/CD) of Kubernetes-native applications in different environments. We show how to extend Helm’s capabilities with plugins and add-ons. We'll also see how sophisticated charts like OpenStack and Deis Workflow use these capabilities to model more complex deployments.

Speakers
avatar for Lachlan Evenson

Lachlan Evenson

Professional Services, Deis
Cloud evangelist and tire kicker. Pushing cloud to it's limits in a public/private environments. Passionate about infrastructure automation, architecture and cloud deployment strategy. Believer in open source and an active member of the community contributing to several projects... Read More →
AR

Adam Reese

Software Engineer, Deis
Adam Reese is a core maintainer for the Kubernetes Helm project. As a Senior Engineer at Deis, he has contributed to many open source projects. Over his 15 years building software, Adam has built everything from distributed pipeline processors to embedded systems.



Thursday March 30, 2017 14:45 - 15:20 CEST
B 07 - B 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:45 CEST

Elephants on Automatic: HA Clustered PostgreSQL with Helm [I] - Josh Berkus, Red Hat & Oleksii Kliukin, Zalando
Kuberntes and Helm are not only the best way to automate high-availability PostgreSQL clusters, they're also the easiest! Join us to find out how you can deploy several different PostgreSQL cluster types using Helm in 30 minutes or less.

Helm is a package manager of choice for the Kubernetes community. PostgreSQL is the most advanced open-source database and is quickly becoming the relational database of choice for numerous developers running their applications in the cloud. In this talk, we are going to show two different types of fully automated PostgreSQL clusters with Helm: Spilo and CitusDB. Spilo provides automated failover and support services for single-master database clusters, and CitusDB provides sharded, big-data PostgreSQL.

We will demonstrate both of these types of clusters (and possibly others), explain how the Helm charts which set them up work, and how you can modify them to support your production environment.

Speakers
avatar for Josh Berkus

Josh Berkus

Kubernetes Community Manager, Red Hat
Josh Berkus contributes to Kubernetes for Red Hat, working on contributor experience, multicluster, releases, and all of Red Hat's many Kubernetes-related projects. He lives in Portland, OR, USA.
OK

Oleksii Kliukin

Database Engineer, Zalando SE
Oleksii Kliukin is an engineer for Zalando, where he helps improve and maintain Spilo and Patroni, providing the fashion giant with full-automated, self-deploying database clusters.


Thursday March 30, 2017 14:45 - 15:20 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:45 CEST

Kubernetes-Defined Monitoring [I] - Gianluca Borello, Sysdig
Over the past few years we’ve all learned how Kubernetes can dramatically change the process of deploying an application, improve reliability, and accelerate operations. As Kubernetes matures, I believe it will have ripple effects on other elements of DevOps, including monitoring.

In this talk, we’ll explore the question, “What if Kubernetes also defined and automated monitoring?” We’ll explore some of the available tooling to answer questions like:

*What are the right ways to instrument Kubernetes minons & pods?
*How do you effectively get visibility into aggregate microservices vs just containers?
*How can Kubernetes automate the act of setting up monitoring dashboards and alerts?
*How can teams use Kubernetes to allow them to isolate monitoring data more effectively, so that the right data is exposed only to the right people?

This will be a demo-driven session, based on a real Kubernetes environment, using a variety of tools at our disposal. Attendees should have a basic understanding of Kubernetes deployments as well as monitoring requirements.

Speakers
GB

Gianluca Borello

Gianluca is an engineering manager at Sysdig, where he wears many hats. He's a core developer of sysdig, an open source troubleshooting tool for Linux and containers, and spends his days dealing with backend development, performance analysis and cloud infrastructure management.Prior... Read More →



Thursday March 30, 2017 14:45 - 15:20 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

14:45 CEST

Ops for Developers - Monitor Your Java Application with Prometheus [I] - Alexander Schwartz, msg systems ag
Prometheus is ready-to-go to monitor your infrastructure and your containers. Capturing simple metrics from a Java application can be done automatically. But Developers need to go one step further to provide useful application and business metrics.
This talk shows how to collect meaningful metrics in Vert.x and Spring based Java applications. It applies Dropwizard Metrics to gather internal application statistics, and Hystrix to provide metrics of the external interfaces the application consumes. It also shows how to fill gaps by writing your own collector.
By providing end-to-end examples this talk enables developers to make their application ready for production.

Speakers
avatar for Alexander Schwartz

Alexander Schwartz

Principal IT Consultant, msg systems ag
Alexander Schwartz is Principal IT Consultant at msg systems. He’s been in Web development for more than 15 years and enjoys productive working environments, agile projects and automated tests. At conferences and user group meetings he talks about the things he is passionate ab... Read More →



Thursday March 30, 2017 14:45 - 15:20 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:40 CEST

What Cloud Computing Can Learn from Neuroscience: How the Brain Architects 'Cloud Applications' [I] - David Flanders, University of Melbourne, Australia
"The wisest and noblest teacher is nature... one who loves practice without theory is like the sailor who boards the ship without a rudder and compass and never knows where one may cast." (Leonardo da Vinci).

All great science begins in nature, and it is often this simple metaphor we forget about when attempting to explain the code we want to spend months (if not years) building for our users.

This presentation asks a simple question: what can cloud computing learn from the architecture of the brain (neuroscience). An overview of recent neuroscience will be provided as a metaphor for how we build cloud applications. Like any good scientific theory it will ask more questions than provide answers.

Speakers
DF

David Flanders

Scientist Hacker, University of Melbourne, Australia
Computer scientist and neuroscience, exploring what we can learn from millennia of lessons the brains' evolutionary architecture has for building cloud applications.


Thursday March 30, 2017 15:40 - 16:15 CEST
B 09 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:40 CEST

Writing a Custom Controller: Extending the Functionality of Your Cluster [I] - Aaron Levy, CoreOS
Much of the functionality in a Kubernetes cluster is managed by a reconciliation pattern within "controllers". The node, service, or deployment controllers (just to name a few) watch for changes to objects, then act on those changes to drive your cluster to a desired state. This same pattern can be used to implement custom logic, which can be used to extend the functionality of your cluster without ever needing to modify Kubernetes itself.

This talk will cover how to implement your own custom controller, from contacting the Kubernetes API to using existing libraries to easily watch, react, and update components in your cluster. By building on existing functionality and following a few best practices, you can quickly and easily implement your own custom controller.

Speakers
AL

Aaron Levy

Head of Kubernetes Cluster Lifecycle, CoreOS
Aaron Levy is a software engineer at CoreOS, working on all things Kubernetes. He is also the lead maintainer of bootkube, a kubernetes-incubator project that enables launching self-hosted kubernetes clusters.


Thursday March 30, 2017 15:40 - 16:15 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:40 CEST

IPVS for Scaled Private Cloud Load Balancing [I] - Kimberly Messimer, Comcast VIPER
In this talk, we discuss how Comcast VIPER addresses network-scaling bottlenecks using IPVS as a load balancer. We discuss the benefits including enabling us to achieve over 500Gbit/s egress from a modest Kubernetes cluster as well as dynamic VIP allocation.

Using a tool we’ve written in-house called Kube2IPVS, which utilize Kubernetes config maps, we can assign an ingress IP address and port to a Kubernetes service, and our load balancer will automatically reconfigure, with no downtime, to load balance traffic into a service.

We go into technical detail in this presentation, starting with a brief overview of IPVS and why it’s useful. We will then descend into the requirements surrounding L2 adjacency and why ARP is your frenemy. We’ll discuss how we addressed the challenges of running IPVS internal to Kubernetes, including IPVS master and backend co-location.

Finally, we'll highlight how port forwarding is not possible using IPVS in direct-reply mode, and then discuss how Kube2IPVS manages iptables rules to route packets directly into Kubernetes service chains, effectively bypassing this restriction.

We expect to have Kube2IPVS open-sourced in 2017.

Speakers
KM

Kimberly Messimer

Principal Systems Engineer, Comcast VIPER


Thursday March 30, 2017 15:40 - 16:15 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:40 CEST

Success of CRI: Bringing Hypervisor Based Container to Kubernetes [I] - Lei Zhang, HyperHQ
CRI, aka Container Runtime Interface, is the new mechanism designed to plug any container runtime in Kubernetes. In this presentation, I will introduce how we introduce the hypervisor based container into Kubernetes as native container runtime by using CRI. And enables users to serve their customers directly with virtualized containers, instead of wrapping them inside of full blown VMs. CRI design principles and implementation details will be explained. As well as the essential differences between Kubernetes and other projects like SwarmKit and how hyper.sh made the choice. Today, many developers are not comfortable with Linux containers as an effective boundary, and requires for a stronger degree of isolation, particularly for those running in a multi-tenant environment. We believe HyperContainer with Kubernetes is one of the best answers.

Speakers
avatar for Lei Zhang

Lei Zhang

Core Dev Member, HyperHQ
Phd candidate, and also a feature maintainer of Kubernetes project. I once worked for Cloud Foundry team in VMware and Baidu. Now as HyperCrew, the author team of world's leading open-source hypervisor based container. I mainly focus on Kubernetes upstream about scheduler and CRI... Read More →



Thursday March 30, 2017 15:40 - 16:15 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

15:40 CEST

Monitor My Socks: Using Prometheus in a Polyglot Open Source Microservices Reference Architecture [I] - Phil Winder, Winder Research/Container Solution
This presentation describes how Prometheus was integrated into a polyglot microservices application. We will use the "Sock Shop", a cloud-native reference microservices architecture to demonstrate some of the best practices and pitfalls of attempting to unify monitoring in real life. Attendees will be able to use this application as a reference point, or as a real life starting point for their own applications.

Specifically, we will cover:
- Integrating Prometheus in Java/Go/Node.js/Haskell
- Best practices: what to monitor and how to structure the monitoring code
- Pitfalls: what goes wrong and why
- Demonstrations and descriptions how attendees can try it for themselves

Speakers
avatar for Phil Winder

Phil Winder

Engineer, Winder Research / Container Solutions
Phil Winder is a multi-disciplinary freelance architect working towards the research and development of cutting-edge technology. Most recently he has been developing cloud-based full-stack microservice systems for a range of clients but has a significant past in machine learning and... Read More →



Thursday March 30, 2017 15:40 - 16:15 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

The Patterns of Distributed Logging and Containers [I] - Satoshi Tagomori, Treasure Data, Inc.
In recent days, logging becomes important more and more. Microservices produce much more various logs than past, and also require to see many logs to trace what users do. Containers are very useful for microservice architecture, but containers cannot have persistent storage in many cases. It makes "tracable" logging hard.
This talk will explain some patterns of logging architecture on container based computing, show an example using Fluentd and discuss about best practice to scale it from startup size to huge platform. These discussions include how to ship logs from applications in containers, how to ship logs from middleware (e.g., web servers) in containers, how to gather these logs from many servers which runs containers and how to store whole logs into many/various storages.

Speakers
avatar for Satoshi Tagomori

Satoshi Tagomori

Software Engineer, Treasure Data, Inc.
A open source software engineer, mainly working about web services, devops, distributed processing and data collection. Committer of Fluentd, maintainer of MessgePack-Ruby, author of Norikra, Woothee and many other projects. Day job is at Treasure Data, SaaS company to provide data... Read More →



Thursday March 30, 2017 16:25 - 17:00 CEST
A 04 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

Scale Kubernetes to Support 50,000 Services [I] - Haibin Xie & Quinton Hoole, Huawei Technologies
Kubernetes currently has two load balancing modes: userspace and IPTables. They both have limitation on scalability and performance. We introduced IPVS as third kube-proxy mode which scales kubernetes load balancer to support 50,000 services. Beyond that, control plane needs to be optimized in order to deploy 50,000 services. We will introduce alternative solutions and our prototypes with detailed performance data.

Speakers
avatar for Quinton Hoole

Quinton Hoole

Technical Vice President, Futurewei
https://www.linkedin.com/in/quintonhoole/YouTube me for previous presentations.CNCF TOC Member
avatar for Haibin Michael Xie

Haibin Michael Xie

Principal Architect, Huawei Technologies
Michael Xie is Principal Architect at Huawei PaaS team, working on container networking, container orchestration framework, PaaS platform and middleware services. Prior to joining Huawei he was a pricipal software engineer at AOL ads and senior software engineer at Microsoft working... Read More →



Thursday March 30, 2017 16:25 - 17:00 CEST
C 01 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

Load Testing Kubernetes: How to Optimize Your Cluster Resource Allocation in Production [I] - Harrison Harnisch, Buffer
So you've carefully crafted your first Kubernetes service, and you're ready to deploy it to production. Well, not quite: there are still some important unknowns to understand before your service will be ready for production traffic. It's still unclear how the new service behaves when it's being pushed, and it's possible that Kubernetes will kill the service before serving a single request. At Buffer, we've developed a technique to optimize Kubernetes deployment limits by using load testing to identify optimal values for resource limits. When the service is under heavy load there are a few key metrics to watch to identify bottlenecks. These key metrics can be used to adjust resource limits. This real world approach allowed us to safely and efficiently switch over more than half our production traffic to our Kubernetes cluster and can be applied to any application.

This talk will include a live demo of how to tune Hashicorp's Consul application using methods we do at Buffer.

Speakers
avatar for Harrison Harnisch

Harrison Harnisch

Staff Software Engineer, ZEIT
Harrison is a Staff Software Engineer at Buffer, implementing the transition to microservices with Kubernetes and Docker. He's given talks at KubeconEU and KubeconUS about setting resource limits.



Thursday March 30, 2017 16:25 - 17:00 CEST
B 07 - B 08 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

Sched.net: A Network-Aware Kubernetes Scheduler [I] - Akash Gangil & Salvatore Orlando, VMware
Different workloads have different optimal scheduling requirements. For instance, a video streaming microservice would need higher network bandwidth than a microservice running the codec. Kubernetes exposes an interface to build a custom scheduler. In this talk, we will show how better scheduling decisions can be made with information about the network topology. The scheduler would make pod scheduling decisions as a function of network health, in addition to other resources like cpu and memory predicates used by the default scheduler.


The talk would highlight:
* How kubernetes empowers the users to build their own custom scheduler and challenges that come along with it.
* Why we needed sched.net over the current default scheduler?
* Demonstrate how better scheduling decisions can be made, if the scheduler is also aware of the current network state with a simple demo described below.


Demo setup would consist of kubernetes with OVN as a networking backend using the ovn-kubernetes plugin. It provides a well defined translation between Kubernetes and OVN logical network abstractions. Ex: namespace → logical switch, pod → logical switch port. Sched.net would be implemented by adding a predicate function which would determine “network health” from information gathered from OVN controller.

Speakers
avatar for Akash Gangil

Akash Gangil

Software Engineer, Uhana
Akash is currently a Sr. Software Engineer at Uhana. Previously, he was a software engineer at Networking and Security Business Unit at VMware. He worked at enabling VMware NSX as a networking fabric for Kubernetes. He recently graduated from Georgia Tech with a focus on Computer... Read More →
avatar for Salvatore Orlando

Salvatore Orlando

Staff Engineer, VMware
Salvatore used to be very involved with Openstack Networking. He actually implemented the first version of the Neutron API, then called Quantum. It was so good it had to be re-done from scratch. At some point he decided he made enough damage and left. After spending some time picking... Read More →



Thursday March 30, 2017 16:25 - 17:00 CEST
B 05 - B 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

Switching From External Load Balancing to consul & ingress [I] - Dan Wilson, Concur
At Concur we integrated our kubernetes clusters to our own internal F5 ecosystem which worked well for internal data center deployments but turned out to be cumbersome when trying to maintain a consistent setup for our cloud environments. We'll discuss what the issues are that we faced and the new architecture that we're using which combines consul for dns service discovery with kubernetes ingress in a multi kubernetes cluster design.

Speakers
avatar for Dan Wilson

Dan Wilson

Principal Architect IV, Concur
I have a passion for collaborating across the business and using data to drive decision making. My primary areas of focus include container orchestration, developer pipeline, cloud service architecture, scale out technologies, design for failure and open source technologies.



Thursday March 30, 2017 16:25 - 17:00 CEST
A 05 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany

16:25 CEST

Behind the Iron Curtain: Getting Metrics From the Browser into Prometheus [I] - Tom Wilkie, Weaveworks
Prometheus has so far been pigeon holed as a monitoring technology for the backend; well, no more! With the rise of single-page apps, gathering metrics from within the browser has never been more important - latency as experienced by the user is much more important than any measurements taken from individual backend services. And if you can’t track Javascript errors that could potentially lead to blank screens, you should feel bad.

This talk presents a method for tracking UI metrics and errors with Prometheus. By getting this data into Prometheus, you can reuse the dashboarding and alerting options that you've grown to love. And by using a common monitoring stack across frontend and backend, you can finally claim the throne of the king of fullstack!

Speakers
avatar for Tom Wilkie

Tom Wilkie

VP Product, Grafana Labs
Tom is VP Product at Grafana Labs, but really he is a software engineer. Tom is a maintainer on the Prometheus project and a maintainer and the original author of Cortex, both CNCF projects. Previously Tom founded Kausal, a company working on Prometheus, and worked at companies such... Read More →


Thursday March 30, 2017 16:25 - 17:00 CEST
A 06 Berlin Congress Center, Alexanderstraße 11, 10178 Berlin, Germany
  Prometheus