Category Archives: LCA2016

Open Cloud Symposium to be held in Geelong at linux.conf.au 2016.

Schedule for the Cloud Symposium (LCA2016)

We are pleased to announce the linux.conf.au 2016 Open Cloud Symposium programme.

09:00 – 10:00 Conference Opening
10:00 – 10:40 …morning tea…
10:40 – 11:25 Continuous Delivery using blue-green deployments and immutable infrastructure by Ruben Rubio Rey

Immutable Infrastructure is a topic drawing large amount of attention, namely as a reliable, safe, and effective system architecture pattern to manage server infrastructure generally in cloud ecosystems. Using this concept along with blue-green deployments, a powerful and versatile paradigm opens paving the way for rapid and low-risk deployments with minimal human and infrastructure over-head.

About the speaker:

Ruben Rubio Rey is the founder of Manageacloud.com. Prior he has helped several start-ups to become multi-million dollar companies and leaders in their respective markets. He is member of the advisory board of CreateIT at the University of Sydney and prior he is presented at Ansible, Puppet, Port80, Docker (Sydney and Melbourne), AWS and PuppetCamp 2015.

11:35 – 12:20 The Twelve-Factor Container by Casey West

This talk will use the seminal twelve-factor app essay as a guide to discuss the do’s and dont’s of building and running containers. Each factor gives us an opportunity to consider avoidable anti-patterns if you’re using containers to deploy and manage repeatable, reliable, and portable services.

Containers rose in popularity on an oft used metaphor: lightweight virtual machines. We have a robust understanding of the benefits of virtualized hardware as a method of efficient resource utilization. The idea of _even more efficient_ resource utilization makes sense. Unfortunately it’s a problematic metaphor.

Containers represent a constrained set of capabilities compared to virtual machines in order to make fine-grained guarantees about resource constraints and process isolation. This is a good thing. There is overlap in ideal capabilities between VMs and containers but it isn’t complete. Newcomers to the container ecosystem begin with a “lightweight VM” understanding and fall victim to specific anti-patterns.

After this talk you’ll understand common pitfalls in containerization and how you can avoid them. This discussion is useful for developers who wish to gain greater understanding of the environment their applications are deployed to, as well as operators interested in the benefits of containers for their architecture.

About the speaker:

Working in Internet infrastructure, web app security, and design taught Casey to be a paranoid, UX-oriented, problem solving Internet plumber; his earliest contributions to Perl live to this day on your Mac. Casey’s speaking and writing ranges from open source communities and culture to technical architecture and automation tips and tricks. Casey West wears the mantle of Principal Technologist focused on Pivotal’s Cloud Foundry Platform and lives in Pittsburgh raising three sarcastic children.

12:20 – 13:20 …lunch…
13:20 – 14:05 Assorted Security Topics in Open Cloud: Overview of Advanced Threats, 2015’s Significant Vulnerabilities and Lessons, and Advancements in OpenStack Trusted Computing and Hadoop Encryption by Dr. Jason Cohen

This talk will present an assortment of security topics related to Open Source Cloud Computing technologies. Topics will include an overview of the most significant security flaws discovered over the last year in popular cloud platforms, the generic foundations of advance persistent threats, and some of the recent countermeasures of encryption, key management, and platform validation being introduced into OpenStack and Hadoop. A demo of Trusted Compute Pools will also be given and an explanation of what types of advanced threats it protects against will be provided.

It would seem that, despite the exponential growth in security products, security services, security companies, security certifications, and general interest in the security topic; we are still bombarded with a constant parade of security vulnerability disclosures on a seemingly daily basis. Knowing that complete protection from threats and vulnerabilities at the front end of the infrastructure is impossible and that advanced threats will find their way past our defenses, efforts to protect the data and the ‘keys to the castle’ being the last line of defense are even more critical.

The hardware enabling ‘trusted computing’ is referred to as a Trusted Platform Module (TPM), and is designed as a commodity chip that is integrated into motherboards, as well as appliances such as network switches, firewalls, and embedded devices. The TPM provides features that are useful in providing assurances about the state of a platform and protecting sensitive information. Essentially, the chip can be used to generate, store, and protect encryption keys. It also provides a mechanism to store information about the state of a platform through a traceable, cryptographic mechanism, which can be securely attested to a remote verifier. TPMs have been around for a while but have had a slow uptake in actual use until recently due to initial privacy concerns that have been mostly overcome. Many cloud deployments include hardware with a TPM, but it is rarely used. Championed by Intel and others, support for using the TPM and related Intel TXT to provide remote attestation has been included in OpenStack in the form of Trusted Compute Pools. This feature can detect systems within the cloud that have booted untrusted code and block guests from executing on them. This will be demo’ed on a live system. Of course, this boot time detection of untrusted code is beneficial, there are other ways a TPM could be utilized to better protect user or application data via strong and cheap protection of keys. Work being done in OpenStack to utilize the TPM for key protection will also be discussed. In addition, when configuring bare metal systems, there are many other ways to use the TPM such as with the IMA/EVM subsystem or by using the TPM to protect keys used in disk encryption, applications, or user data. Some of the common tools for using TPMs on bare metal systems will be enumerated. Lastly, although not necessarily a ‘cloud’ platform, Hadoop is a mainstay in the related field of big data. Until recently, the lack of block level encryption has been an issue for organizations looking to protect Hadoop data. We will discuss the architecture of the Hadoop encryption framework and considerations for key protection.

About the speaker:

Dr. Jason Cohen is a senior technology consultant at Hewlett Packard Enterprise, with over 14 years of industry experience in the area of enterprise information technology for the US public sector with a focus on complex systems integration and security solutions. He has extensive expertise in IT architecture, security, secure application design, distributed systems, trusted computing, and secure cross-domain solutions. Jason has several published research articles related to the application of Trusted Computing technology in distributed systems to combat advanced threats. Jason holds a Doctor of Science in Information Technology from Towson University, a Master’s degree from Towson University in Applied Information Technology, and a Bachelor’s degree in Computer Science from Goucher College.

14:15 – 15:00 Managing Infrastructure as Code by Allan Shone

Infrastructure can be difficult to manage, but expressing it as code can drastically simplify this. Covering some key concepts and methodologies, we take a look at ways to manage Infrastructure, from the specification of a server or instance to the environment as a group of inter-connected entities.

About the speaker:

Allan is a Co-Founder with Manageacloud and Senior Engineer at RedMarker. Previously, he was a Jack of all Tech Trades at Yahoo7 for over 7 years, primarily focused on Architecture, DevOps, and Security.

15:00 – 15:40 …afternoon tea…
15:40 – 16:00 Cloud Anti-Patterns by Casey West

The value of embracing microservices, containers, and continuous delivery is powerful only when brought together in logical, scalable, and portable ways. When used incorrectly it’s increasingly easy to make things much worse for you and your team, and do it at scale.

For example, while microservices can be used to effectively isolate functionality, increase the speed of delivery, and help scale your team it can also be a way to inefficiently duplicate functionality and create single points of failure.

I’ll share anti-patterns and corresponding best practices based on my experience building application infrastructure and platforms, as well as the applications which are deployed to them.

About the speaker:
Working in Internet infrastructure, web app security, and design taught Casey to be a paranoid, UX-oriented, problem solving Internet plumber; his earliest contributions to Perl live to this day on your Mac. Casey’s speaking and writing ranges from open source communities and culture to technical architecture and automation tips and tricks. Casey West wears the mantle of Principal Technologist focused on Pivotal’s Cloud Foundry Platform and lives in Pittsburgh raising three sarcastic children.
16:05 – 16:25 Cloud Crafting – Public / Private / Hybrid by Steven Ellis

Do you need to utilise many different public cloud technologies, or perhaps you’d like to put a cloud friendly shine on that rust old legacy VMware infrastructure. Perhaps the learning curve for OpenStack is too steep or it is missing critical feature you require? Take a look at ManageIQ, an Open Source project that can broker across on-premise IaaS as well as Public/Private cloud environments to provide a one stop shop for your DevOps needs.
This session will cover the key features of ManageIQ and demo connectivity to a range of Cloud and IaaS technologies.

About the speaker:

Steven is a long term advocate of Open Source and has been involved with Linux and Open Source for over 20 years either as a developer, system administrator or architect. He currently works for Red Hat as their Platform Senior Solution Architect in NZ focusing on Infrastructure and Cloud technologies.

Steven gives regular talks on FOSS to the Auckland Linux User Group, local Meetups and Auckland BarCamp, and has been an invited speaker at a number of regional and international conferences including OSDC, linux.conf.au, Linux World and OSCON. In 2015 he formed the core of the team that brought linux.conf.au to Auckland NZ.

16:35 – 17:20 Live Migration of Linux Containers by Tycho Andersen

lxc move c1 host2:. In 18 characters, you can live migrate containers between hosts. LXD makes using this powerful and complex technology very simple, and very fast. In this talk, I’ll give a short history of the underlying migration technology CRIU, describe a few optimizations that LXD is doing in the space to make things fast like optimizing filesystem transfers using native transfer mechanisms (e.g. `zfs send`) and using p.haul to do iterative migration. Additionally, Ubuntu 16.04 will ship with the ability to migrate all of the kernel security features used by container engines, as well as various other kernel features that have been previously unsupported. This talk will also cover the kernel and userspace work that has gone into making this possible.

About the speaker:

Tycho is a software engineer at Canonical actively working on several
cloud-related projects, most recently as one of the core developers of LXD, an
open source Linux Container based hypervisor. He holds degrees from the
University of Wisconsin–Madison and Iowa State University, and has co-authored
several peer-reviewed papers. In his spare time he rides bikes and does improv
comedy.

About Open Cloud Symposium

The Open Cloud Symposium will be held on Monday 01 February 2016 in
Geelong, Victoria as part of linux.conf.au 2016.

The Open Cloud Symposium is a one day mini-conference dedicated to all
things cloud held as part of the main linux.conf.au conference. A ticket
for linux.conf.au is required to attend the event.

About linux.conf.au

Linux Conference Australia, officially ‘linux.conf.au’ and
affectionately known as ‘LCA’, started life as the the Congress of
Australian Linux Users in 1999. Since 2001, the conference has been held
around different cities and towns in both Australia and New Zealand,
attracting both Linux professionals and passionate hobbyists.

linux.conf.au is an informal, grass-roots event, where the hallway track
is just as valuable as the formal conference schedule. The conference
has spawned a close knit and tightly connected community in Australia
and overseas.

Open Cloud Symposium Call for Proposals – LCA2016

We are pleased to announce that the call for proposals to the Open Cloud Symposium for linux.conf.au 2016 is now open! The symposium – a one day mini-conference dedicated to all things cloud – will be held on Monday 01 February 2016 in Geelong, Victoria as part of linux.conf.au 2016.

Presentation subjects are warmly invited from a wide range of topics related to cloud. This includes practically any layer of the typical *aaS stack, containers, software defined networking/infrastructure and other emerging technology. Talks targeted at any relevant audiences are encouraged, such as:

  • System administration and operation of clouds,
  • Development of clouds and developer talks,
  • Cloud application development and users of cloud components.

The symposium is agnostic of the cloud software presented – so long as it is open source. The organisers are looking to get a wide variety of technologies represented and welcome proposals from as many cloud flavours as possible.

If you have something interesting to talk about, please head on over to http://goo.gl/forms/IH8surT5Zs to lodge your submission.

Dates:

  • CFP open: 02/12/2015
  • CFP close: 29/12/2015
  • Conference starts: 01/02/2016

Help dispersing this CFP to other mailing lists or individuals that you think would be well suited to presenting would be greatly appreciated.

Presenters at the Open Cloud Symposium need to be delegates of linux.conf.au; so make sure you’ve registered at http://linux.conf.au/register/info. Even if you’re not presenting, you should consider attending this fantastic conference (and mini-conferences).

Any questions or queries can be directed to josh@nitrotech.org

Cheers,
The Open Cloud Symposium organisers.
http://sites.rcbops.com/opencloud_symposium/

About Open Cloud Symposium

The Open Cloud Symposium will be held on Monday 01 February 2016 in Geelong, Victoria as part of linux.conf.au 2016.

The Open Cloud Symposium is a one day mini-conference dedicated to all things cloud held as part of the main linux.conf.au conference. A ticket for linux.conf.au is required to attend the event.

About linux.conf.au

Linux Conference Australia, officially ‘linux.conf.au’ and affectionately known as ‘LCA’, started life as the the Congress of Australian Linux Users in 1999. Since 2001, the conference has been held around different cities and towns in both Australia and New Zealand, attracting both Linux professionals and passionate hobbyists.

linux.conf.au is an informal, grass-roots event, where the hallway track is just as valuable as the formal conference schedule. The conference has spawned a close knit and tightly connected community in Australia and overseas.