agenda

Room 1

❶ 09:00 – 13:00

Hands-on introduction to Kubernetes

Andrea Giardini (Camunda Services)

Register

❶ 14:00 – 18:00

Securing container delivery with open source tools

Travis Jeppson (Nav Technolgies)

Register

Room 2

❷ 09:00 – 13:00

Istio: Control and Observability for Microservices

Belinda Vennam and Ram Vennam (IBM)

Register

❷ 14:00 – 18:00

Deploying your first Micro-Service application to Kubernetes

Bastian Hofmann (SysEleven)

Register

Room 3

❸ 09:00 – 13:00

The Workaday World of Docker Captain

Lukasz Lach (GOG.com)

Register

❸ 14:00 – 18:00

Kubevirt 101 - learn the new way to operate VMs

Sebastian Scheele (Loodse) and Fabian Deutsch (RedHat)

Register

Room 4

Deploying to production - a CI guide

Everyone is doing continuous integration today. In this workshop we will explore ways how to deploy applications to production kubernetes clusters using build runners on kubernetes and kaniko as well as practices to implement deployments into your pipelines.

❹ 09:00 – 13:00

Deploying to production - a CI guide

Christian Jantz (Fast Lane)

Register

Securing Cloud Native Apps on Managed Kubernetes: Deep Dive

Brand new for 2019, this is the workshop to attend if you want to harden your Kubernetes clusters, configure a service mesh, securely deploy internal and external workloads and implement security metrics and observability to catch malicious behaviour in the act. Each attendee will have a GKE cluster and a microservices-based web app deployed into it. Attackers have compromised your app and are mining cryptocurrency on your public cloud bill. Your job is to identify how they got in, get them out and keep them out. You will install and configure a range of native Kubernetes security features and cloud native tools including Istio, OpenTracing, Elasticsearch, Prometheus, Weave Flux and more as we power through this intensive, hands-on workshop. Delegates will need: * Understanding of Kubernetes basics such as connecting to a cluster and deploying workloads * Understanding of networking, PKI and HTTP * Laptop with kubectl, git and a code editor installed * WiFi Internet access to connect to their training clusters on Google Cloud

❹ 14:00 – 18:00

Securing Cloud Native Apps on Managed Kubernetes: Deep Dive

Marc Wickenden (4Armed)

Register
18:30 Meetup at PlusServer
08:00 – 09:00 REGISTRATION

Stage 1
HAFENMUSEUM
Welcome & Keynote

❶ 09:00 - 09:15

WELCOME
Welcome and Opening Remarks

Sebastian Scheele & Julian Hansert (Loodse)

❷ 09:20 - 09:35

KEYNOTE
5 years of Kubernetes

Ihor Dvoretskyi (CNCF)

❸ 09:40 - 09:55

KEYNOTE
Kubernetes patterns beyond Kubernetes

Craig McLuckie (VMware)

❸ 10:00 - 10:15

KEYNOTE
Virtual Twins - When Visualization Technology meets Mashine Learning

Oliver Rößling (Absolute Software)

Stage 1
HAFENMUSEUM

❶ 10:25 – 11:00

Good Enough for the Finance Industry: Achieving High Security with Containers and Microservices

Austin Adams (HerdX) and Zach Arnold (Ygrene Energy Fund)

#Beginner

11:00 – 11:30 Coffee Break

❶ 11:30 – 12:05

A journey to Kubernetes

Tobias Schöne (HanseMerkur)

#Beginner

❶ 12:15 – 12:50

Talk

Nikhita Raghunat (Loodse)

TBD

12:50 – 14:00 Lunch break

❶ 14:00 – 14:35

Should I build it or buy it?

Travis Jeppson (Nav Technologies)

#Beginner

❶ 14:45 – 15:20

# How To Manage Kubernetes Clusters using Cluster-API

Marko Mudrinić (Loodse)

#Intermediate

15:20 – 15:50 Coffee Break

❶ 15:50 – 16:25

PANEL DISCUSSION
Public Clouds vs on-premise: is data sovereignty really security?

❶ 16:35 – 17:10

How to build a time machine?* *And not get sucked into a blackhole.

Khash Sajadi (Cloud 66)

#Beginner

❶ 17:20 – 17:55

Atomic Host - Working with a git like operating system

Marcel Lambacher (Zühlke Engineering)

#Beginner

18:00 Afterparty

Stage 2
BIG TENT

❷ 10:25 – 11:00

How AI and Big Data Platform as a Service work together - a showcase

Dennis Haßlöcher and Christopher Blaschke (DATIS IT-Services GmbH)

#Intermediate

11:00 – 11:30 Coffee Break

❷ 11:30 – 12:05

Best Practices for the successful usage of the Container Technology

Stefan Scherer (Docker)

#Intermediate

❷ 12:15 – 12:50

Knative

Roland Huß and Matthias Wessendorf (Red Hat)

#Intermediate

12:50 – 14:00 Lunch break

❷ 14:00 – 14:35

Continuous deployment to Kubernetes with the Google Container Tools

David Gageot (Google)

#Intermediate

❷ 14:45 – 15:20

Service Mesh Magic for Managed Kubernetes

Franz Munz (AWS)

#Intermediate

15:20 – 15:50 Coffee Break

❷ 15:50 – 16:25

Creating a fast Kubernetes Development Workflow

Bastian Hofmann (SysEleven)

#Intermediate

❷ 16:35 – 17:10

Automated Container Security for DevSecOps

Markus Schoenberger and Hannes Steiner (Trend Micro)

#Beginner

❷ 17:20 – 17:55

Diversity, actually

Ronna Steinberg (Women Who Go Berlin)

#Beginner

18:00 Afterparty

Stage 3
MS BLEICHEN

❸ 10:25 – 11:00

Kubernetes Day 3: The State of Kubernetes Development Tooling

Ellen Körbes (Garden)

#Intermediate

11:00 – 11:30 Coffee Break

❸ 11:30 – 12:05

Organizing the YAML mess with Kustomize

Florian Assmus (Prodyna)

#Intermediate

❸ 12:15 – 12:50

Managing large scale networks using Salt and Docker

Micrea Ulinic (Cloudflare)

#Intermediate

12:50 – 14:00 Lunch break

❸ 14:00 – 14:35

Caught in the Hype Cycle? - How to make cloud native transformation a success

Sascha Mühlbach and David Meder-Marouelli (1&1)

#Intermediate

❸ 14:45 – 15:20

Large scale kubernetes on the road

Georg Rabenstein and Marius Svechla (SHARENOW)

#Intermediate

15:20 – 15:50 Coffee Break

❸ 15:50 – 16:25

Automatically TUF about Container Image Security in Kubernetes

Zach Arnold (Ygrenne Energy Fund)

#Intermediate

❸ 16:35 – 17:10

DITTO - Hybrid IAM for microservices architecture

João Oliveira (real.digital) and Joschka Tillmanns (Mooncamp)

#Intermediate

❸ 17:20 – 17:55

The Silence of the Lambs: Promoting and Inspecting Source Code and Binaries in Continuous Delivery

Michael Hüttermann (huettermann.net)

#Intermediate

18:00 Afterparty

STAGE 4
SMALL TENT

Explore Kubernetes Network Plugins Using a Desk-based Bare metal Cluster

Kubernetes is a highly extensible framework, where each of the cluster services can be customized depending on the use case. The extensibility also comes from the standardization of interfaces for various infrastructure components like compute/runtime, network or storage using the CRI, CNI, CSI etc., To get a clear understanding or to make a comparative study of various available options is only possible by trying each. To try these options, we require a multi-node cluster or more than one cluster. The platforms such as Raspberry-Pi, LePotato presents itself a viable option to build such multi-node home grown clusters as Kubernetes can be easily compiled and deployed on ARM architectures. In this talk, Harshvardhan Karn and Sumit Lalwani will present the usage of Raspberry-Pi, LePotato to evaluate the different CNI options like calico, flannel, cilium.

❹ 10:25 – 11:00

Explore Kubernetes Network Plugins Using a Desk-based Bare metal Cluster

Harshvardhan Karn and Sumit Lalwani (MayaData Inc)

#Intermediate

11:00 – 11:30 Coffee Break

Fasten your Seatbelts ! Deployment Automation using Docker and Ansible

In this session, we’ll discuss how we combine Docker , Ansible and Jfrog Artifactory to achieve more streamlined continuous integration . We’ll cover: * A quick history of our deployment challenges and what led us to Docker. * The benefits of our new deployment approach — easy to Setup and minimal investment * Our Experience in running Integration tests on docker containers * How we combine Docker and the Jfrog products like Artifactory for more streamlined continuous integration and deployment

❹ 11:30 – 12:05

Fasten your Seatbelts ! Deployment Automation using Docker and Ansible

Ram Mohan Rao Chukka (Appfire)

#Advanced

Switching the Engine (DNS) in Kubernetes: Benchmarks and Possibilities

DNS is one of the core components making Kubernetes run. It’s essential for most services and service discovery. It’s critical, underappreciated and overlooked at the same time. With the recent switch from Kube-DNS to CoreDNS as the main engine for DNS we wanted to take a retrospective look at the improvements and a future look at new possibilities. In this talk I’ll discuss common DNS issues such as UDP packet loss and resulting tail latency issues, compare the performance and reliability of Kube-DNS and CoreDNS, plus spec out and test possible iterative setups with advanced CoreDNS features such as local Daemonset caching, TCP support, prefetching, DNS over GRPC and GRPC based watches.

❹ 12:15 – 12:50

Switching the Engine (DNS) in Kubernetes: Benchmarks and Possibilities

Michael Grosser (Rekkur Solutions)

#Advanced

12:50 – 14:00 Lunch break

What does the kubelet say?

Etcd goes 'store', kube-proxy goes 'route', API server goes '418', what does the kubelet say? Kubelet is one of the central components in the kubernetes cluster. Most of us are taking it for granted that is would just work and start our containers. CNI handles the networking part, kube-proxy the service part, but kubelet does more than just starting containers. In this talk, I cover kubelet on a high level before deep diving in the belly of the beast and its interfacing with CNI, container runtime and ultimately Linux kernel.

❹ 14:00 – 14:35

What does the kubelet say?

Neven Miculinić (Loodse)

#Advanced

Kubernetes and AWS Lambda can play nicely together

Vendor lock-in is a major worry for many engineers . A new innovative approach, will for the first time, allow open-source serverless to run on AWS Lambda or Kubernetes using the same deployment artifact, packaged using the tools we love: containers. Worried about vendor lock-in with serverless computing, but enjoy the scale, price and simplicity of AWS Lambda? OpenFaaS is an open-source function as a service (FaaS) platform on the CNCF serverless landscape. With OpenFaaS you can package anything as a serverless function and deploy to Kubernetes using containers. Due to UNIX-like primitives in the core architecture, it was possible to extend the system to run functions on both Kubernetes and AWS Lambda depending on user preference. The core components of OpenFaaS still run on Kubernetes but the functions are deployed and invoked on AWS Lambda In this talk we explain how the provider model in OpenFaaS separates the control plane from the function execution plane. The live demonstration deploys a function to Kubernetes using kubectl, then invokes the deployed function via Kubernetes on AWS Lambda

❹ 14:45 – 15:20

Kubernetes and AWS Lambda can play nicely together

Edward Wilde (OpenFaaS)

#Intermediate

15:20 – 15:50 Coffee Break

Spark performance tuning for Kubernetes/Serverless workloads

Cloud platforms provide flexibility of creating Spark clusters for short duration either as Function as a server or on Kubernetes. But, it is important to ensure that the spark jobs are written and executed in a way as to get the best mileage from these clusters. Given that the Clusters are billed on the duration of time used, performance of jobs becomes critical not only to improve efficiency but to reduce the Total Cost. This talk covers practical tips and hints on how to tune Spark jobs on popular Resource Managers like Yarn,Kubernetes for best performance. This talk will also address some of the FAQs by users and customers on Spark Clusters on popular Cloud platforms.

❹ 15:50 – 16:25

Spark performance tuning for Kubernetes/Serverless workloads

Rachit Arora and Vaibhav Kulkarni (IBM)

#Advanced

Distributed Load Testing using Containers

In DellEMC Enterprise Servers Validation Organization, we perform Load testing using different workloads (Web, FTP, Database, Mail, etc.) on Servers to identify the performance of the servers under heavy load. Knowing how DellEMC Enterprise Servers perform under heavy load (% CPU, % Memory, % Network, % Disk) is extremely valuable and critical. This is achieved with the help of a Load Testing Tools. Load testing tools available in market comes with its own challenges like Cost, Learning Curve and Workloads Support. Here in this talk we are going to demonstrate how we have built JAAS (JMeter As A Service) using Containers and opensource tools and how this solution playing a crucial role in Delivering Servers Validation efforts.

❹ 16:35 – 17:10

Distributed Load Testing using Containers

Vishnu Murty (DellEMC)

#Intermediate

GitOps by courtesy of Jenkins-X

The talk will introduce Jenkins-X basics from an operations point of view. Then it will cover the GitOps methodology and how it is realized by JX. Besides, it will show what other benefits JX brings to a development team by simplifying the setup of new, or importing existing microservice applications to k8s.

❹ 17:20 – 17:55

GitOps by courtesy of Jenkins-X

Gerd Aschemann (Freelancer)

#Advanced

18:00 Afterparty
08:00 – 09:00 REGISTRATION

Stage 1
HAFENMUSEUM

❶ 09:00 – 09:15

LIGHTNING TALK
Why Kubernetes as a container orchestrator is a right choice for running spark clusters on cloud?

Rachit Arora (IBM)

#Intermediate

❶ 09:20 – 09:35

LIGHTNING TALK
Cloud Native: the Business Side

Bill Mulligan (Loodse)

#Beginner

❶ 09:45 – 10:20

How to run a JupyterHub on Kubernetes

Maren Übelhör (Zoi TechCon)

#Intermediate

10:20 – 10:50 Coffee Break

❶ 10:50 – 11:25

Using ServiceMesh technology in Kubernetes and the integration with legacy services

Stephan Fudeus (1&1 IONOS)

#Intermediate

❶ 11:35 – 12:10

Battle of the Circuit Breakers: Hystrix vs. Istio

Nicolas Frankel (Exoscale)

#Intermediate

12:10 – 13:30 Lunch break

❶ 13:30 – 14:05

Trust is good, control is better - A (short) story about Network Policies

Maximalian Bischoff and Johannes Scheuermann (inovex)

#Intermediate

❶ 14:15 – 14:50

DevOps stories on adopting the mindset

Busra Koken (Trivago)

#Intermediate

14:50 – 15:20 Coffee Break

❶ 15:20 – 15:55

The Open Service Broker API - Introduction and Lessons Learned

Nico Schieder (Loodse) ,Tobias Placht (QAware) and Nicolai Rybnikar (DG-i)

#Beginner

❶ 16:05 – 16:40

Akka and Kubernetes, the beginning of a beautiful relationship

Hugh McKee (Lighbend)

#Intermediate

Stage 2
BIG TENT

❷ 09:00 – 09:15

LIGHTNING TALK
Let's try Fedora Silverblue — an immutable desktop OS!

Adam Šamalik (Red Hat)

#Beginner

❷ 09:20 – 09:35

LIGHTNING TALK
Importance of IPv6 in a cloudy World

Alexander Trost (Cloudibility)

#Beginner

❷ 09:45 – 10:20

Two years in production with Kubernetes - an experience report

Kasper Nissen (Lunar Way)

#Beginner

10:20 – 10:50 Coffee Break

❷ 10:50 - 11:25

A Hitchhiker's Guide to Cloud Native API Gateways

Mario-Leander Reimer (QAware)

#Intermediate

❷ 11:35 – 12:10

Write maintainable integration test with Docker

Gianluca Arbezzano (InfluxData)

#Beginner

12:10 – 13:30 Lunch break

❷ 13:30 – 14:05

Kubernetes on edge computing or embedded setups?

Michael Vogeler (PlusServer)

#Intermediate

❷ 14:15 – 14:50

Secure but flexible - Cloud Native Continuous Delivery in the Finance industry

Ádám Sándor (Container Solutions)

#Intermediate

14:50 – 15:20 Coffee Break

❷ 15:20 – 15:55

Conflict of generations : Container and Microservices vs. 'Classic'

Jan Ole Kastens (Cassini Consulting)

#Intermediate

❷ 16:05 – 16:40

An introduction to Kubernetes

Henrik Høegh (Praqma)

#Beginner

Stage 3
MS BLEICHEN

❸ 09:00 – 09:15

LIGHTNING TALK
Container Isolation Approaches for Multi-Tenant Container Workloads and Serverless Computing

Christian Bargmann (Hamburg University of Applied Sciences)

#Beginner

❸ 09:20 – 09:35

LIGHTNING TALK
Enterprise Cloud native is The New Normal

Mario-Leander Reimer (QAware)

#Beginner

❸ 09:45 – 10:20

Moving to Kubernetes: the Bad and the Ugly

Maxime Lagresle (XING)

#Intermediate

10:20 – 10:50 Coffee Break

❸ 10:50 – 11:25

A DevOps State of Mind: Continuous Security with Kubernetes

Chris van Tuin (Red Hat)

#Intermediate

❸ 11:35 – 12:10

Locking down Kubernetes on Azure

Oliver Lohmann (Microsoft) and Darko Krizic (Prodyna)

#Intermediate

12:10 – 13:30 Lunch break

❸ 13:30 – 14:05

Using Helm to speed up your engineering and Shift Left

Guy Salton (Codefresh)

#Intermediate

❸ 14:15 – 14:50

Kubernetes Failure Stories, or: How to Crash Your Cluster

Henning Jacobs (Zalando)

#Intermediate

14:50 – 15:20 Coffee Break

❸ 15:20 – 15:55

Kubernetes Pod: deep dive

Dario Tranchitella (Namecheap)

#Intermediate

❸ 16:05 – 16:40

State of Containers in Big Data and Big Compute

Christian Kniep (QNIB Solutions)

#Intermediate

STAGE 4
SMALL TENT

What is the Business Case of DevOps?

Everyone wants to do DevOps. But only few understand what DevOps is and what it does with your company. When you want to introduce DevOps in a company you need to convince decision makers that it is worth to invest money / time / resources into the DevOps transformation. They will ask you about the business case and the return on investment of DevOps. In this talk I will show you how to convince the decision maker about the business case and the return on investment of DevOps, so that you get the money / time and resources for your DevOps transformation.

❹ 09:00 – 09:15

LIGHTNING TALK
What is the Business Case of DevOps?

Romano Roth (Zühlke Engineering)

#Beginner

Quirks of scaling up your Custom Controllers

Ashutosh will present the quirks of scaling up Custom Controllers - around implementing mutex, handling upgrades and best practices around versioning of the CRs. The talk is based on the experiences of running Custom Controllers in openebs project. CRs are crucial part of Kubernetes ecosystem enabling projects to put their own sauce within Kubernetes environment. Whenever it comes to access/modify a resource in the world of concurrent programming the very first thing that would come to our mind is mutexes to avoid undesired behaviours. This talk will walk through live examples of code and CR YAMLs.

❹ 09:20 – 09:35

LIGHTNING TALK
Quirks of scaling up your Custom Controllers

Ashutosh Kumar and Amit Das (MayaData)

#Beginner

Stay sane while managing multiple clusters: Kops Dos and Don’ts

Kubernetes has become the de-facto standard to run you containerized applications in the cloud: over the past years, we have seen a very steep adoption curve and many interesting projects around it. This workshop aims to give an introduction to Kubernetes. We will start by understanding Kubernetes' basics concepts and principles and step by step move to more advanced topics. By the end of this workshop, you will have a grasp on how Kubernetes works under the hood and what you can achieve with it. Also, you will be able to deploy a simple application to Kubernetes and scale it.

❹ 09:45 – 10:20

Stay sane while managing multiple clusters: Kops Dos and Don’ts

Andrea Giardini (Camunda Services GmbH)

#Intermediate

10:20 – 10:50 Coffee Break

Secure Software on Azure Kubernetes Services

By applying some essential security measures, you can make your Azure Kubernetes Service solution a much harder target for hackers. But how do you do that, while still deploying to production multiple times a day? You can do this by embedding application security into your development process. For example, you model threats your application may face and add countermeasures up front. And inside the delivery pipeline, you monitor your repository for vulnerabilities. But there's more! In this talk I'll show you what you need to know.

❹ 10:50 – 11:25

Secure Software on Azure Kubernetes Services

Loek Duys (Xpirit)

#Advanced

Kubernetes at XING: what it takes to build a coherent development environment

My name is Egor Balyshev, and I am a proud member of the team who built the new platform for XING on top of Kubernetes. In this session I will walk you through the design of our internal PaaS, talk about problems we encountered and solutions we found, reflect on Kubernetes programming interface and provide real examples of making developers' lives easier with automation and closed feedback loops. Keywords: Kubernetes, PaaS, GitHub, Jenkins, Golang, Groovy, custom controllers, Prometheus, CLI, lessons learned.

❹ 11:35 – 12:10

Kubernetes at XING: what it takes to build a coherent development environment

Egor Balyshev (XING)

#Advanced

12:10 – 13:30 Lunch break

TestContainers + JUnit5 = elegant end-to-end tests for microservices

This talk suggests to perform automatic testing of the release candidate against other real services started in Docker. TestContainers library facilitates simple start up of services and their dependencies, i.e. (No)SQL databases in containers. The lib has a list of valuable features which significantly simplify a developer’s life. In the demo part a simplified version of a SMS platform is emulated. Apart from Spring Cloud Eureka there are 3 more business services built on Spring Boot. One of them is Acceptor which accepts clients requests, consults Billing on a decision whether to proceed with a request or not. Eventually Sender does an actual submit of an SMS to a mobile operator. Later the operator pushes a delivery report to Sender’s endpoint which should be matched to the submitted message and forwarded to Acceptor and then to client.

❹ 13:30 – 14:05

TestContainers + JUnit5 = elegant end-to-end tests for microservices

Nikolay Kuznetsov (Infobip)

#Intermediate

7 Deadly Sins of React

My talk is about some common anti-patterns seen with React. I teach React at an evening coding bootcamp and also work as Lead Front-End developer during my day job. Over the last 2 years, I have taught tens of people how to write applications in React and spotted some mistakes and anti-patterns people often make. These include unnecessary state and props fields, visibility props, non-generic “generic” components, controlled components used in a non-controlled manner, directory location disparity between related components and many others… This talk will summarise my experience and observations dealing and resolving such anti-patterns and what we can do to avoid them.

❹ 14:15 – 14:50

7 Deadly Sins of React

Ersel Aker (BrightHR)

#Expert

14:50 – 15:20 Coffee Break

6 weeks to migrate!

Few months ago I met a team: 8 developers working on a B2C app of car renting. They were tired, so tired ... Their vagrant was slow, the server crashed two or three times a week without restarting and without any logs, a roll out to production took 2 days to be tested, by hand ... Together we decided to react, let's have the Roll's Royce of the development environnement! Thus I've dockerized the app, I've created a Kubernetes cluster, I've added Spinnaker to the loop and some other stuff. We had some up and down, some smile and tear, but we finally did it and we have no regret. That what's I want to tell you with all the thing we learned along the way.

❹ 15:20 – 15:55

6 weeks to migrate!

Aurore Malherbes (Padok)

#Intermediate

TBD

TBD

❹ 16:05 – 16:40

TBD

TBD

#TBD

ROOM 1

ROOM 2

ROOM 3

ROOM 4

Hands-on introduction to Kubernetes

Kubernetes has become the de-facto standard to run you containerized applications in the cloud: over the past years, we have seen a very steep adoption curve and many interesting projects around it. This workshop aims to give an introduction to Kubernetes. We will start by understanding Kubernetes' basics concepts and principles and step by step move to more advanced topics. By the end of this workshop, you will have a grasp on how Kubernetes works under the hood and what you can achieve with it. Also, you will be able to deploy a simple application to Kubernetes and scale it. This workshop includes: - Kubernetes introduction - How to containerize your workloads - Pods, Services, ConfigMaps and Secrets - Deployments and StatefulSets - Strategies for deployments - Scaling your applications

❶ 09:00 – 13:00

Hands-on introduction to Kubernetes

Andrea Giardini (Camunda Services)

Register

Istio: Control and Observability for Microservices

Istio is a new open platform to connect, manage, and secure micro-services jointly launched by IBM, Google, and Lyft. This session will provide a technical overview of the Istio project and demonstrations of using Istio with microservices and Kubernetes. Istio is a new open platform to connect, manage, and secure micro-services jointly launched by IBM, Google, and Lyft. This session will provide a technical overview of the Istio project and demonstrations of using Istio with microservices and Kubernetes. Specifically: Service mesh - what it is, why, and who is using it Making the deployment more secure (Using istio to get mutual tls authentication between services) Rolling out a new version to 1% of users (Using istio for traffic splitting) Making the deployment more robust (Using istio for circuit breaking and automatic request retries) Controlling the front door (Using Istio-ingressgateway instead of default Kubernetes Ingress)

❷ 09:00 – 13:00

Istio: Control and Observability for Microservices

Belinda Vennam and Ram Vennam (IBM)

Register

The Workaday World of Docker Captain

This workshop explains the concepts and best practices of containerization of the entire development flow of projects written in different programming languages. Spawn a complete development environment on-demand, running entirely in Docker - a programming language itself, helper tools like debuggers and static analyzers, but also a complete desktop editor running in a web browser, anywhere. See how to efficiently utilize Docker to work on your project and how to prepare it for the orchestration, get the maximum out of possibilities that Dockerfile and docker-compose.yml files give. Learn how to monitor and (remotely) debug your containers, diagnose individual build steps and misbehaving entrypoint, dump the network traffic or even bring up an entire Kali Linux Desktop in your browser and use its tools for analysis. Ease your everyday work - analyze, test, build, monitor, debug your Docker project and prepare it for unexpected - all presented to you by Docker Captain.

❸ 09:00 – 13:00

The Workaday World of Docker Captain

Lukasz Lach (GOG.com)

Register

Deploying to production - a CI guide

Everyone is doing continuous integration today. In this workshop we will explore ways how to deploy applications to production kubernetes clusters using build runners on kubernetes and kaniko as well as practices to implement deployments into your pipelines.

❹ 09:00 – 13:00

Deploying to production - a CI guide

Christian Jantz (Fast Lane)

Register

Securing container delivery with open source tools

Current security solutions that worked in the VM age aren't adequate anymore to securing our workloads in containers, or their delivery to our environments. How do you deal with patch management, virus scans, vulnerability management, secure application delivery in a containerized world. More and more companies are required to secure their data due to regulations, while more and more companies are being compromised too. This lab will walk through how to secure the delivery pipeline system, and how to secure your containers during runtime. We'll start by focusing on the container build process and how to simplify patch management for containers; also, container security scanning and how to know if your container is void of malicious code and vulnerabilities. We'll then move on to registries, how to create an environment that developers can use in their workflow and how to secure that for production ready containers. Finally we'll focus on runtime, how to make sure our containers are doing what they're supposed to do, and not what they shouldn't be doing. There isn't any reason to be afraid of adapting a containerized solution because of security. You can be secure and use a containerized workflow too. This will be using all open source solutions, you'll be able to see how the world of security continues to improve with open source.

❶ 14:00 – 18:00

Securing container delivery with open source tools

Travis Jeppson (Nav Technolgies)

Register

Deploying your first Micro-Service application to Kubernetes

Kubernetes is a very powerful container orchestration platform that is quickly gaining traction and gives you lots of benefits in deploying, running and scaling your microservice web application. But it has also a steep learning curve. In this workshop you will deploy your first application which consists of multiple Micro-Services to Kubernetes and learn how you can use Persistant Storage and set upsensible Monitoring and Logging tooling.

❷ 14:00 – 18:00

Deploying your first Micro-Service application to Kubernetes

Bastian Hofmann (SysEleven)

Register

Kubevirt 101 - learn the new way to operate VMs

This talk provides an overview on usage of the Open Service Broker API in practice. We show the fundamental concepts how to develop, publish and consume services using a service broker. We report from our experience and present lessons learned based on a real-world project.

❸ 14:00 – 18:00

Kubevirt 101 - learn the new way to operate VMs

Sebastian Scheele (Loodse) and Fabian Deutsch (RedHat)

Register

Securing Cloud Native Apps on Managed Kubernetes: Deep Dive

Brand new for 2019, this is the workshop to attend if you want to harden your Kubernetes clusters, configure a service mesh, securely deploy internal and external workloads and implement security metrics and observability to catch malicious behaviour in the act. Each attendee will have a GKE cluster and a microservices-based web app deployed into it. Attackers have compromised your app and are mining cryptocurrency on your public cloud bill. Your job is to identify how they got in, get them out and keep them out. You will install and configure a range of native Kubernetes security features and cloud native tools including Istio, OpenTracing, Elasticsearch, Prometheus, Weave Flux and more as we power through this intensive, hands-on workshop. Delegates will need: * Understanding of Kubernetes basics such as connecting to a cluster and deploying workloads * Understanding of networking, PKI and HTTP * Laptop with kubectl, git and a code editor installed * WiFi Internet access to connect to their training clusters on Google Cloud

❹ 14:00 – 18:00

Securing Cloud Native Apps on Managed Kubernetes: Deep Dive

Marc Wickenden (4Armed)

Register
18:30 Meetup at PlusServer
08:00 – 09:00 REGISTRATION

Stage 1
HAFENMUSEUM
Welcome & Keynote

❶ 09:00 - 09:15

WELCOME
Welcome and Opening Remarks

Sebastian Scheele & Julian Hansert (Loodse)

5 years of Kubernetes

Kubernetes celebrates 5 years since the commit #1. Ihor Dvoretskyi, Developer Advocate at the Cloud Native Computing Foundation will highlight the most notable achievements of the Kubernetes community, together with the wide Cloud Native ecosystem

❷ 09:20 - 09:35

KEYNOTE
5 years of Kubernetes

Ihor Dvoretskyi (CNCF)

Kubernetes patterns beyond Kubernetes

Kubernetes celebrates 5 years since the commit #1. Ihor Dvoretskyi, Developer Advocate at the Cloud Native Computing Foundation will highlight the most notable achievements of the Kubernetes community, together with the wide Cloud Native ecosystem

❸ 09:40 - 09:55

KEYNOTE
Kubernetes patterns beyond Kubernetes

Craig McLuckie (VMware)

Virtual Twins - When Visualization Technology meets Mashine Learning

❸ 10:00 - 10:15

KEYNOTE
Virtual Twins - When Visualization Technology meets Mashine Learning

Oliver Rößling (Absolute Software)

Stage 1
HAFENMUSEUM

Stage 2
BIG TENT

Stage 3
MS BLEICHEN

Stage 4
SMALL TENT

Good Enough for the Finance Industry: Achieving High Security with Containers and Microservices

Security is a challenge for most companies. Especially those in periods of rapid growth. It is often taken for granted as we trust the frameworks we use to implement the necessary security protocols for us. However, one only needs to pick up the paper to find out that this simply isn't true. Information security is now a chief concern of many small and mid-size companies as well. We'll show you how we use AWS, Calico, OWASP Dependency Checker, CoreOS’s Clair, and Notary to achieve reliable observable security at the code level, container level, cluster level, and even the AWS account level to maintain the Gold Standard of security (authentication, authorization, and auditing.) We will focus on the security mindset and the specific implementation we have at Ygrene to keep data secure.

❶ 10:25 – 11:00

Good Enough for the Finance Industry: Achieving High Security with Containers and Microservices

Austin Adams (HerdX) and Zach Arnold (Ygrene Energy Fund)

#Beginner

How AI and Big Data Platform as a Service work together - a showcase

he current industrial environments are mainly not dealing with the potentials AI can bring to those industries. The session will deal with practice examples of the potential usage of AI based technology in the industrial environments. At the beginning we will show how we started in this area and what our main learnings in the beginning were about. We will face issues in the engineering and construction area and go deeper to the methods of how AI can be used to prevent claims and changes and moreover how AI can be used to automate partial engineering tasks along the customer requirements. We will show how our AI technology is able to learn about the historical engineering processes and products and how we integrated those knowledge in the future process and especially the client infrastructure environment.

❷ 10:25 – 11:00

How AI and Big Data Platform as a Service work together - a showcase

Dennis Haßlöcher and Christopher Blaschke (DATIS IT-Services GmbH)

#Intermediate

Kubernetes Day 3: The State of Kubernetes Development Tooling

With Kubernetes emerging as the de facto standard for service orchestration, discussion is shifting from 'How does Kubernetes work?' to more specific concerns such as 'How do I achieve an optimal development workflow?' The answer lies in finding combinations of tools that work together in synergy. They should produce end to end workflows that perform effectively in the real world, while also covering a wide range of development stages—building, deploying, debugging, and so on. Goal in mind, let's dive into the tooling available in the current landscape—tools such as Helm, Draft, Skaffold, Forge, Telepresence, Garden, and Tilt. We'll map their capabilities to developer needs, then outline workflows developers can use in practice right away.

❸ 10:25 – 11:00

Kubernetes Day 3: The State of Kubernetes Development Tooling

Ellen Körbes (Garden)

#Intermediate

Explore Kubernetes Network Plugins Using a Desk-based Bare metal Cluster

Kubernetes is a highly extensible framework, where each of the cluster services can be customized depending on the use case. The extensibility also comes from the standardization of interfaces for various infrastructure components like compute/runtime, network or storage using the CRI, CNI, CSI etc., To get a clear understanding or to make a comparative study of various available options is only possible by trying each. To try these options, we require a multi-node cluster or more than one cluster. The platforms such as Raspberry-Pi, LePotato presents itself a viable option to build such multi-node home grown clusters as Kubernetes can be easily compiled and deployed on ARM architectures. In this talk, Harshvardhan Karn and Sumit Lalwani will present the usage of Raspberry-Pi, LePotato to evaluate the different CNI options like calico, flannel, cilium.

❹ 10:25 – 11:00

Explore Kubernetes Network Plugins Using a Desk-based Bare metal Cluster

Harshvardhan Karn and Sumit Lalwani (MayaData Inc)

#Intermediate

11:00 – 11:30 Coffee Break

A journey to Kubernetes

The HanseMerkur have been running Kubernetes over a year in production. In this talk, I would like to give you an insight into our tour to an on premises Kubernetes infrastructure. What does our way looks like and which experiences did we made.

❶ 11:30 – 12:05

A journey to Kubernetes

Tobias Schöne (HanseMerkur)

#Beginner

Best Practices for the successful usage of the Container Technology

IT priorities are shifting. In the past, consolidation and cost reduction were priorities. Nowadays agility and speed are getting more and more important. To give you one example. In the past you have been developing solutions for a single system. Today it is essential that applications are able to be deployed on multiple platforms. This is one example of why the spread of container technology continues to grow rapidly. Both developers and IT operations departments use containers for different reasons. In this presentation you will learn best practice approaches on how container technology can be used purposefully and profitably in your company.

❷ 11:30 – 12:05

Best Practices for the successful usage of the Container Technology

Stefan Scherer (Docker)

#Intermediate

Organizing the YAML mess with Kustomize

Writing and maintaining Kubernetes deployment YAMLs can become quite messy with a growing number of services and environments. This talk will introduce you to Kustomize which is the Kubernetes SIG CLI answer and follows a purely declarative and template-free approach. It works without any in-cluster components and encourages a fork / modify / rebase workflow. With its overlay concept, redundancies between similar service and environment deployments can be drastically reduced.

❸ 11:30 – 12:05

Organizing the YAML mess with Kustomize

Florian Assmus (Prodyna)

#Intermediate

Fasten your Seatbelts ! Deployment Automation using Docker and Ansible

In this session, we’ll discuss how we combine Docker , Ansible and Jfrog Artifactory to achieve more streamlined continuous integration . We’ll cover: * A quick history of our deployment challenges and what led us to Docker. * The benefits of our new deployment approach — easy to Setup and minimal investment * Our Experience in running Integration tests on docker containers * How we combine Docker and the Jfrog products like Artifactory for more streamlined continuous integration and deployment

❹ 11:30 – 12:05

Fasten your Seatbelts ! Deployment Automation using Docker and Ansible

Ram Mohan Rao Chukka (Appfire)

#Advanced

Talk

❶ 12:15 – 12:50

Talk

Nikhita Raghunat (Loodse)

TBD

Knative

This talk gives an overview of Knative and its subcomponents: 'Knative build' brings the build aspect to Kubernetes. It adds an abstraction for building OCI images directly from within a Kubernetes cluster. We will also talk about the follow-up project 'Tekton pipelines'. 'Knative serving' provides primitives for serverless frameworks. It especially knows how to scale-to-zero and is already used in several FaaS frameworks. 'Knative eventing' is an eventing specification for sending CloudEvents, an emerging CNCF standard, from sources to sinks.

❷ 12:15 – 12:50

Knative

Roland Huß and Matthias Wessendorf (Red Hat)

#Intermediate

Managing large scale networks using Salt and Docker

❸ 12:15 – 12:50

Managing large scale networks using Salt and Docker

Micrea Ulinic (Cloudflare)

#Intermediate

Switching the Engine (DNS) in Kubernetes: Benchmarks and Possibilities

DNS is one of the core components making Kubernetes run. It’s essential for most services and service discovery. It’s critical, underappreciated and overlooked at the same time. With the recent switch from Kube-DNS to CoreDNS as the main engine for DNS we wanted to take a retrospective look at the improvements and a future look at new possibilities. In this talk I’ll discuss common DNS issues such as UDP packet loss and resulting tail latency issues, compare the performance and reliability of Kube-DNS and CoreDNS, plus spec out and test possible iterative setups with advanced CoreDNS features such as local Daemonset caching, TCP support, prefetching, DNS over GRPC and GRPC based watches.

❹ 12:15 – 12:50

Switching the Engine (DNS) in Kubernetes: Benchmarks and Possibilities

Michael Grosser (Rekkur Solutions)

#Advanced

12:50 – 14:00 Lunch break

Should I build it or buy it?

This lab will walk through how to secure the delivery pipeline system, and how to secure your containers during runtime. We'll start by focusing on the container build process and how to simplify patch management for containers; also, container security scanning and how to know if your container is void of malicious code and vulnerabilities. We'll then move on to registries, how to create an environment that developers can use in their workflow and how to secure that for production ready containers. Finally we'll focus on runtime, how to make sure our containers are doing what they're supposed to do, and not what they shouldn't be doing. his will be using all open source solutions, you'll be able to see how the world of security continues to improve with open source.

❶ 14:00 – 14:35

Should I build it or buy it?

Travis Jeppson (Nav Technologies)

#Beginner

Continuous deployment to Kubernetes with the Google Container Tools

Kubernetes has become the orchestrator of choice to deploy applications. But what about developer's day to day job of developing those applications? Developing with containers is not always easy nor enjoyable. Google has launched a set of Open-Source projects that focus on Developer Experience in a world of containers. Whether you'd like to continuously deploy to Kubernetes with Skaffold, safely build images on a cluster with Kaniko or build images much faster with Jib and Bazel, come learn how to setup a great CI/CD.

❷ 14:00 – 14:35

Continuous deployment to Kubernetes with the Google Container Tools

David Gageot (Google)

#Intermediate

Caught in the Hype Cycle? - How to make cloud native transformation a success

Platforms such as Kubernetes offer huge benefits in terms of reducing operations efforts and encapsulating complexity. Due to this attractiveness, we built up a large-scale Kubernetes cluster to be used for our public and internal services. However with every new cloud native service deployed we found a new obstacle preventing it from going live. So we had to solve a number of unexpected challenges. In particular coupling cloud native services to the large existing application landscape turned out to be difficult. Also moving artifacts into the container platform comes with challenges. Consequently in the first 12 months we only moved very few services as many users were disillusioned. We iteratively identified the obstacles - technical and cultural - and developed strategies to resolve them. This presentation will discuss them and help you guide your project to success.

❸ 14:00 – 14:35

Caught in the Hype Cycle? - How to make cloud native transformation a success

Sascha Mühlbach and David Meder-Marouelli (1&1)

#Intermediate

What does the kubelet say?

Etcd goes 'store', kube-proxy goes 'route', API server goes '418', what does the kubelet say? Kubelet is one of the central components in the kubernetes cluster. Most of us are taking it for granted that is would just work and start our containers. CNI handles the networking part, kube-proxy the service part, but kubelet does more than just starting containers. In this talk, I cover kubelet on a high level before deep diving in the belly of the beast and its interfacing with CNI, container runtime and ultimately Linux kernel.

❹ 14:00 – 14:35

What does the kubelet say?

Neven Miculinić (Loodse)

#Advanced

# How To Manage Kubernetes Clusters using Cluster-API

For a long time we've managed our infrastructure and Kubernetes clusters using various imperative scripts and tools. The question that often arises is can we manage our clusters the same way we manage our workload? Cluster-API is a Kubernetes SIG-Cluster-Lifecycle project focused on bringing declarative, Kubernetes-style APIs for the most common cluster lifecycle operations—create, destroy, update and repair. In this talk you'll learn what is Cluster-API and how it works. You'll see how you can integrate it in your workflow and build tooling around it, regardless of are you running on one of the most popular cloud providers, or on on-premise or bare-metal.

❶ 14:45 – 15:20

# How To Manage Kubernetes Clusters using Cluster-API

Marko Mudrinić (Loodse)

#Intermediate

Service Mesh Magic for Managed Kubernetes

A service mesh adds new qualities to your container orchestration: It connects, secures, observes and controls service invocations in a language agnostic way that doesn't require any code changes. This presentation starts with a gentle intro to service meshes. Starting with the shortcomings of Docker and Kubernetes. I will show in a live demo how a service mesh implements cross cutting concerns like traffic shifting, blue/green deployments, and observability. We then have a look at how a service mesh bridges to the world of chaos engineering by giving us the possibility to inject errors at a certain rate. As a practical example I will use Envoy with Istio and AWS App Mesh. To conclude I will critically analyze if and how a service mesh should evolve into becoming a standard component of a managed container service.

❷ 14:45 – 15:20

Service Mesh Magic for Managed Kubernetes

Franz Munz (AWS)

#Intermediate

Large scale kubernetes on the road

At car2go we are running 50 k8s clusters in different regions using multiple cloud providers. This talk is about the ups and downs, the pains, and gains when providing a seamless kubernetes experience to our developers.

❸ 14:45 – 15:20

Large scale kubernetes on the road

Georg Rabenstein and Marius Svechla (SHARENOW)

#Intermediate

Kubernetes and AWS Lambda can play nicely together

Vendor lock-in is a major worry for many engineers . A new innovative approach, will for the first time, allow open-source serverless to run on AWS Lambda or Kubernetes using the same deployment artifact, packaged using the tools we love: containers. Worried about vendor lock-in with serverless computing, but enjoy the scale, price and simplicity of AWS Lambda? OpenFaaS is an open-source function as a service (FaaS) platform on the CNCF serverless landscape. With OpenFaaS you can package anything as a serverless function and deploy to Kubernetes using containers. Due to UNIX-like primitives in the core architecture, it was possible to extend the system to run functions on both Kubernetes and AWS Lambda depending on user preference. The core components of OpenFaaS still run on Kubernetes but the functions are deployed and invoked on AWS Lambda In this talk we explain how the provider model in OpenFaaS separates the control plane from the function execution plane. The live demonstration deploys a function to Kubernetes using kubectl, then invokes the deployed function via Kubernetes on AWS Lambda

❹ 14:45 – 15:20

Kubernetes and AWS Lambda can play nicely together

Edward Wilde (OpenFaaS)

#Intermediate

15:20 – 15:50 Coffee Break

Public Clouds vs on-premise: is data sovereignty really security?

❶ 15:50 – 16:25

PANEL DISCUSSION
Public Clouds vs on-premise: is data sovereignty really security?

Creating a fast Kubernetes Development Workflow

Kubernetes is very powerful in orchestrating where your services are running, but building docker images, writing and updating all the necessary YAML files and applying them to your cluster can still become an annoying maintenance overhead. In this talk you will learn how to create a fast, low friction development workflow with Kubernetes and tools like Telepresence and Forge which enables you to quickly and safely build, test and deploy your services.

❷ 15:50 – 16:25

Creating a fast Kubernetes Development Workflow

Bastian Hofmann (SysEleven)

#Intermediate

Automatically TUF about Container Image Security in Kubernetes

The Update Framework (and its sister project from the CNCF, Notary) are a little known gems in the cloud native community. These projects are however extremely vital for making rigorous guarantees about the contents of your software package (read container image) when it is deployed into an environment like Kubernetes. We'll demystify TUF/Notary at the beginning of this talk, and then do a demonstration for setting up image signing through your build pipeline finally ending in Kubernetes where we will restrict the container images that can be deployed to just ones signed by us (using Validating/Mutating Admission Webhook Controllers.) Our goal is to empower you to take the skills you learn from the talk and implement a similar process in your own CI/CD pipeline.

❸ 15:50 – 16:25

Automatically TUF about Container Image Security in Kubernetes

Zach Arnold (Ygrenne Energy Fund)

#Intermediate

Spark performance tuning for Kubernetes/Serverless workloads

Cloud platforms provide flexibility of creating Spark clusters for short duration either as Function as a server or on Kubernetes. But, it is important to ensure that the spark jobs are written and executed in a way as to get the best mileage from these clusters. Given that the Clusters are billed on the duration of time used, performance of jobs becomes critical not only to improve efficiency but to reduce the Total Cost. This talk covers practical tips and hints on how to tune Spark jobs on popular Resource Managers like Yarn,Kubernetes for best performance. This talk will also address some of the FAQs by users and customers on Spark Clusters on popular Cloud platforms.

❹ 15:50 – 16:25

Spark performance tuning for Kubernetes/Serverless workloads

Rachit Arora and Vaibhav Kulkarni (IBM)

#Advanced

How to build a time machine?* *And not get sucked into a blackhole.

We all use Git to explore move back and forth in our code history: a deployment goes wrong? just rollback to an earlier commit. In this talk, I am going to show you how to do the same thing with your Kubernetes cluster by applying coding practices to your infrastructure: using git, unit tests, code reviews and pull requests for Kubernetes and your infrastructure.

❶ 16:35 – 17:10

How to build a time machine?* *And not get sucked into a blackhole.

Khash Sajadi (Cloud 66)

#Beginner

Automated Container Security for DevSecOps

Security is often overlooked when organizations move quickly to the cloud. So how do you maintain the speed and flexibility of application delivery and build security into your CI/CD pipeline and operations? Hybrid cloud teams focused on DevOps need to embrace security that integrates into their pipeline and runtime environments making it easier to improve both your security and development speed.

❷ 16:35 – 17:10

Automated Container Security for DevSecOps

Markus Schoenberger and Hannes Steiner (Trend Micro)

#Beginner

DITTO - Hybrid IAM for microservices architecture

How is your organization protecting users and data in a microservice setting? For authorization, the microservices community has typically adopted the API Gateway pattern. In contrast, a fully distributed approach has been recently growing through Open Policy Agent (OPA) which places access control rules storage and enforcement in front of each individual service. In this talk, we want to introduce Ditto, an open source IAM system developed at real.digital, that sits in between API Gateways and OPA. We will showcase Ditto's attributes and how it has been designed to shine in a microservice architecture. Finally, we will show how you can integrate it into your services with examples of integrations with Kubernetes and Istio.

❸ 16:35 – 17:10

DITTO - Hybrid IAM for microservices architecture

João Oliveira (real.digital) and Joschka Tillmanns (Mooncamp)

#Intermediate

Distributed Load Testing using Containers

In DellEMC Enterprise Servers Validation Organization, we perform Load testing using different workloads (Web, FTP, Database, Mail, etc.) on Servers to identify the performance of the servers under heavy load. Knowing how DellEMC Enterprise Servers perform under heavy load (% CPU, % Memory, % Network, % Disk) is extremely valuable and critical. This is achieved with the help of a Load Testing Tools. Load testing tools available in market comes with its own challenges like Cost, Learning Curve and Workloads Support. Here in this talk we are going to demonstrate how we have built JAAS (JMeter As A Service) using Containers and opensource tools and how this solution playing a crucial role in Delivering Servers Validation efforts.

❹ 16:35 – 17:10

Distributed Load Testing using Containers

Vishnu Murty (DellEMC)

#Intermediate

Atomic Host - Working with a git like operating system

Atomic Host is an immutable operating system for hosting containers​​​. It's based upon rpm-ostree which is a hybrid packet manager for managing bootable, immutable, versioned filesystem trees from upstream RPM content. This talk gives you a first introduction about what Atomic Host exactly is, how you can use it and most importantly what the common use cases are. After you're familiar with the key concepts, we'll build our very own custom OSTree within a quick demo session and learn, how we can integrate it into an Atomic Host based distribution.​​ To finish this talk, I'll give some insights about the limitations and best practices of Atomic Host and rpm-ostree.

❶ 17:20 – 17:55

Atomic Host - Working with a git like operating system

Marcel Lambacher (Zühlke Engineering)

#Beginner

Diversity, actually

What if we decided to solve, once and for all, the problem of underrepresentation of women, gender minorities, people of color, or any other group the same way we handle our problems in production, by identifying the problems and then fixing them?

❷ 17:20 – 17:55

Diversity, actually

Ronna Steinberg (Women Who Go Berlin)

#Beginner

The Silence of the Lambs: Promoting and Inspecting Source Code and Binaries in Continuous Delivery

This session discusses concepts and integrates latest DevOps enabler tools to inspect source code and its packaged binaries as part of a holistic Continuous Delivery pipelines. The comprehensive, interactive live demo is derived from couple of real-world success stories. Often real-world success stories, interactive, practical demos, and integrations of state-of-the-art tools are missing to underpin Continuous Delivery concepts. Also reality-checks are often missing since presentations usually promote textbook approaches. This session fills the gap. After setting the stage with some few slides, this session delivers lot of tips and tricks while going through a holistic live demo to bring a new change from a Git push to the Cloud.

❸ 17:20 – 17:55

The Silence of the Lambs: Promoting and Inspecting Source Code and Binaries in Continuous Delivery

Michael Hüttermann (huettermann.net)

#Intermediate

GitOps by courtesy of Jenkins-X

The talk will introduce Jenkins-X basics from an operations point of view. Then it will cover the GitOps methodology and how it is realized by JX. Besides, it will show what other benefits JX brings to a development team by simplifying the setup of new, or importing existing microservice applications to k8s.

❹ 17:20 – 17:55

GitOps by courtesy of Jenkins-X

Gerd Aschemann (Freelancer)

#Advanced

18:00 Afterparty
08:00 – 09:00 REGISTRATION

Stage 1
HAFENMUSEUM

Stage 2
BIG TENT

Stage 3
MS BLEICHEN

Stage 4
SMALL TENT

Why Kubernetes as a container orchestrator is a right choice for running spark clusters on cloud?

The intent of this talk is to share the experience of building such a service and deploying it on a Kubernetes cluster. In this talk we will discuss all the requirements which an enterprise grade Hadoop/Spark cluster running on containers bring in for a container orchestrator. This talk will cover in details how Kubernetes orchestrator can be used to meet all our needs of resource management, scheduling, networking and network isolation, volume management etc.

❶ 09:00 – 09:15

LIGHTNING TALK
Why Kubernetes as a container orchestrator is a right choice for running spark clusters on cloud?

Rachit Arora (IBM)

#Intermediate

Let's try Fedora Silverblue — an immutable desktop OS!

Developing everything in containers? Then you might be ready for Fedora Silverblue — an immutable desktop OS built for container workflows! Silverblue is built on top of rpm-ostree providing atomic upgrades, easy rollbacks, and even installing individual packages when necessary. Come for a quick overview covering the basics of rpm-ostree, Flatpak (containerized graphical application), and the overall experience of using a container-oriented desktop.

❷ 09:00 – 09:15

LIGHTNING TALK
Let's try Fedora Silverblue — an immutable desktop OS!

Adam Šamalik (Red Hat)

#Beginner

Container Isolation Approaches for Multi-Tenant Container Workloads and Serverless Computing

Container virtualization has become the tool of choice for running isolated applications in cloud environments. Linux-Containers virtualize at the operating system level, with multiple containers running atop the operating system kernel directly. Therefore, threats to one container are potentially threats to many others. Especially for PaaS and Serverless providers, the secure execution of untrusted workloads on their platform in order to mitigate software vulnerabilities from spreading has high priority. Containers face a variety of different threats, vulnerabilities and historical weaknesses that need to be considered and defended against. In this talk we will look at different approaches for securing container workloads. gVisor, Kata Containers, Nabla Containers and Firecracker are presented and compared with each other.

❸ 09:00 – 09:15

LIGHTNING TALK
Container Isolation Approaches for Multi-Tenant Container Workloads and Serverless Computing

Christian Bargmann (Hamburg University of Applied Sciences)

#Beginner

What is the Business Case of DevOps?

Everyone wants to do DevOps. But only few understand what DevOps is and what it does with your company. When you want to introduce DevOps in a company you need to convince decision makers that it is worth to invest money / time / resources into the DevOps transformation. They will ask you about the business case and the return on investment of DevOps. In this talk I will show you how to convince the decision maker about the business case and the return on investment of DevOps, so that you get the money / time and resources for your DevOps transformation.

❹ 09:00 – 09:15

LIGHTNING TALK
What is the Business Case of DevOps?

Romano Roth (Zühlke Engineering)

#Beginner

Cloud Native: the Business Side

For developers, the benefits of a cloud native approach are quickly clear. However, these advantages are not as readily apparent to people who don’t code - yet those same people usually hold decision making and budgetary power. This talk seeks to explain the what, why, and business benefits of being cloud native without diving into code. Audience members will learn how to explain cloud native technologies to non-coders and give the business case for a cloud native approach at the organizational level.

❶ 09:20 – 09:35

LIGHTNING TALK
Cloud Native: the Business Side

Bill Mulligan (Loodse)

#Beginner

Importance of IPv6 in a cloudy World

Some words on why IPv6 is important in a cloud-native world, why you should look into and implement it now.

❷ 09:20 – 09:35

LIGHTNING TALK
Importance of IPv6 in a cloudy World

Alexander Trost (Cloudibility)

#Beginner

Enterprise Cloud native is The New Normal

The world of IT and technology is moving faster than ever before. Cloud native technology and application architecture have been influencing and disrupting the software engineering discipline for the past years and there is no end in sight. But according to Gardner we are currently entering the trough of disillusionment. So does this mean we followed the wrong path and that we should turn back? Hell no!!! Despite of all disbelievers and trolls: cloud native is neither a failure nor a hype anymore! It will become mainstream. We already see widespread adoption at all our customers. Of course there still is a lot of room for improvement. No doubt about that. Technology, methodology, processes, operations, cloud native architecture and software development need to mature even further to become boring and ready for the enterprise. This is software industrialization in its purest form. And our skills and expertise are required to make this happen.

❸ 09:20 – 09:35

LIGHTNING TALK
Enterprise Cloud native is The New Normal

Mario-Leander Reimer (QAware)

#Beginner

Quirks of scaling up your Custom Controllers

Ashutosh will present the quirks of scaling up Custom Controllers - around implementing mutex, handling upgrades and best practices around versioning of the CRs. The talk is based on the experiences of running Custom Controllers in openebs project. CRs are crucial part of Kubernetes ecosystem enabling projects to put their own sauce within Kubernetes environment. Whenever it comes to access/modify a resource in the world of concurrent programming the very first thing that would come to our mind is mutexes to avoid undesired behaviours. This talk will walk through live examples of code and CR YAMLs.

❹ 09:20 – 09:35

LIGHTNING TALK
Quirks of scaling up your Custom Controllers

Ashutosh Kumar and Amit Das (MayaData)

#Beginner

How to run a JupyterHub on Kubernetes

One of the most popular tools among data scientists are Jupyter Notebooks. The open source web application provides an environment to document and execute code, inspect the results and visualize data without leaving the environment. We show, how Docker and kubernetes enable the deployment of a pre-configured data science environment, the so-called JupyterHub. The shared resources of the multi-user version of the notebooks can be managed efficiently by kubernetes. This makes it easy for business analysts and data scientist to access computational environments and resources in the cloud without having to worry about dependency management, installation and maintenance tasks. #kubernetes #jupyterhub #datascience

❶ 09:45 – 10:20

How to run a JupyterHub on Kubernetes

Maren Übelhör (Zoi TechCon)

#Intermediate

Two years in production with Kubernetes - an experience report

At Lunar Way we have been running Kubernetes in production for over two years. This presentation will be an experience report describing the ups and downs, but also focusing on where we are headed. We started running Kubernetes in March 2017 to support at that time, 7 microservices. Today we manage around 80 microservices in production. In this presentation, Kasper will also discuss other Cloud Native technologies such as Prometheus and fluent.

❷ 09:45 – 10:20

Two years in production with Kubernetes - an experience report

Kasper Nissen (Lunar Way)

#Beginner

Moving to Kubernetes: the Bad and the Ugly

Over those past two years we’ve deployed a new platform based on Kubernetes for developing, testing and deploying XING's applications. Today most of our workloads run on this platform but the road sometimes felt a bit bumpy. From misconfiguration, to software bugs in the Kubernetes ecosystem or even Kernel race conditions, we encountered a variety of problems. In this talk we will discuss some of those issues and how we fixed, mitigated or worked around them.

❸ 09:45 – 10:20

Moving to Kubernetes: the Bad and the Ugly

Maxime Lagresle (XING)

#Intermediate

Stay sane while managing multiple clusters: Kops Dos and Don’ts

Kubernetes has become the de-facto standard to run you containerized applications in the cloud: over the past years, we have seen a very steep adoption curve and many interesting projects around it. This workshop aims to give an introduction to Kubernetes. We will start by understanding Kubernetes' basics concepts and principles and step by step move to more advanced topics. By the end of this workshop, you will have a grasp on how Kubernetes works under the hood and what you can achieve with it. Also, you will be able to deploy a simple application to Kubernetes and scale it.

❹ 09:45 – 10:20

Stay sane while managing multiple clusters: Kops Dos and Don’ts

Andrea Giardini (Camunda Services GmbH)

#Intermediate

10:20 – 10:50 Coffee Break

Using ServiceMesh technology in Kubernetes and the integration with legacy services

When deciding for Kubernetes as a general purpose platform and a general architectural shift to microservices, service meshes provide important functionality for managing and securing the communication (between services). We'll show general properties of service meshes and specifically how Istio implements them. A core feature we are interested in is the integration of legacy services by using mesh expansion. We'll share our learnings about the restrictions and caveats we found during this evaluation and the general findings about using Istio in a multi-tenancy environment.

❶ 10:50 – 11:25

Using ServiceMesh technology in Kubernetes and the integration with legacy services

Stephan Fudeus (1&1 IONOS)

#Intermediate

A Hitchhiker's Guide to Cloud Native API Gateways

Good APIs are the center piece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture. So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Kong, Tyc, KrakenD, et.al. But which one of these is the right one to use in your next project? Let's find out. Leander will start off by briefly explaining the API gateway pattern and derive a simple criteria catalog. He will then continue by comparing and showcasing the most promising ones.

❷ 10:50 - 11:25

A Hitchhiker's Guide to Cloud Native API Gateways

Mario-Leander Reimer (QAware)

#Intermediate

A DevOps State of Mind: Continuous Security with Kubernetes

When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In this presentation, you'll learn about best practices for: - Addressing the top container security risks in a container environment including images, builds, registry, deployment, hosts, network, storage, APIs, monitoring & logging, and federation. - Integrating continuous security for containers in the CI/CD pipeline - Deployment strategies for deploying container security updates including recreate, rolling, blue/green, canary and a/b testing.

❸ 10:50 – 11:25

A DevOps State of Mind: Continuous Security with Kubernetes

Chris van Tuin (Red Hat)

#Intermediate

Secure Software on Azure Kubernetes Services

By applying some essential security measures, you can make your Azure Kubernetes Service solution a much harder target for hackers. But how do you do that, while still deploying to production multiple times a day? You can do this by embedding application security into your development process. For example, you model threats your application may face and add countermeasures up front. And inside the delivery pipeline, you monitor your repository for vulnerabilities. But there's more! In this talk I'll show you what you need to know.

❹ 10:50 – 11:25

Secure Software on Azure Kubernetes Services

Loek Duys (Xpirit)

#Advanced

Battle of the Circuit Breakers: Hystrix vs. Istio

Kubernetes in general, and Istio in particular, have changed a lot the way we look at Ops-related constraints: monitoring, load-balancing, health checks, etc. Before those products became available, there were already available solutions to handle those constraints. Among them is Hystrix, a Java library provided by Netflix. In particular, Hystrix provides an implementation of the Circuit Breaker pattern, which prevents a network or service failure from cascading to other services. But now Istio also provides the same capability. In this talk, we will have a look at how Istio and Hystrix implement the Circuit Breaker pattern, and what pros/cons each of them has.

❶ 11:35 – 12:10

Battle of the Circuit Breakers: Hystrix vs. Istio

Nicolas Frankel (Exoscale)

#Intermediate

Write maintainable integration test with Docker

Integration tests are extremely valuable but very hard to maintain and to write. You need to provision and manage the lifecycle for the dependencies that your application uses such as caches and databases. Testcontainer is an open source community all focused on solving this kind of problems across many languages. Gianluca is the maintainer of the Golang implementation that uses the Docker API to expose a test-friendly library that you can use in your test cases. During this talk, he will show you how to use testcontainer to write unit tests in Go with very low overhead.

❷ 11:35 – 12:10

Write maintainable integration test with Docker

Gianluca Arbezzano (InfluxData)

#Beginner

Locking down Kubernetes on Azure

Getting Kubernetes up and running on Microsoft Azure can be as easy as a couple of clicks. Preparing the environment for handling highly sensitive workload requires a bit more work. Starting with a fully automated setup of all Azure and Kubernetes components down to restricting communication of system components and workload to the bare minimum. We will show you how to combine different Azure and Kubernetes security features to achieve a setup you can trust with your data.

❸ 11:35 – 12:10

Locking down Kubernetes on Azure

Oliver Lohmann (Microsoft) and Darko Krizic (Prodyna)

#Intermediate

Kubernetes at XING: what it takes to build a coherent development environment

My name is Egor Balyshev, and I am a proud member of the team who built the new platform for XING on top of Kubernetes. In this session I will walk you through the design of our internal PaaS, talk about problems we encountered and solutions we found, reflect on Kubernetes programming interface and provide real examples of making developers' lives easier with automation and closed feedback loops. Keywords: Kubernetes, PaaS, GitHub, Jenkins, Golang, Groovy, custom controllers, Prometheus, CLI, lessons learned.

❹ 11:35 – 12:10

Kubernetes at XING: what it takes to build a coherent development environment

Egor Balyshev (XING)

#Advanced

12:10 – 13:30 Lunch break

Trust is good, control is better - A (short) story about Network Policies

Probably everybody who uses Kubernetes in a productive environment with multiple users possibly has looked at policies. Often the operators of the cluster(s) just trust the policies but in some cases it might be useful to control if the policies actually have taken action and often there are just to many Policies in the cluster setup to manually test them all (and obviously you don’t want to do this). Testing the effectiveness of the Network Policies can be done in different approaches. In this talk we will show you the benefits and drawbacks of different approaches and what solution we finally chose. Also we will show you some other tools and how they complement our solution. As a takeaway you will get an overview of different testing strategies for policies, as well as understanding challenges in testing policies in general and the Kubernetes ecosystem.

❶ 13:30 – 14:05

Trust is good, control is better - A (short) story about Network Policies

Maximalian Bischoff and Johannes Scheuermann (inovex)

#Intermediate

Kubernetes on edge computing or embedded setups?

With Rancher labs release of k3s distribution, there is a new game changer for Edge Computing and Embedded Setups running kubernetes. Does k3s run on raspberry pi? Do you need a lot compute resources? Can it be used of IOT? Michael Vogeler will have a close look at k3s. He will show some insights regarding the management and use cases of k3s.

❷ 13:30 – 14:05

Kubernetes on edge computing or embedded setups?

Michael Vogeler (PlusServer)

#Intermediate

Using Helm to speed up your engineering and Shift Left

Helm provides excellent application portability and makes a whole new engineering workflow possible that eliminates bottlenecks, saves money, and is enabling teams to become high-velocity engineering machines. See how real companies are using Helm to build software faster with downloadable slides to help you make the business case back at HQ.

❸ 13:30 – 14:05

Using Helm to speed up your engineering and Shift Left

Guy Salton (Codefresh)

#Intermediate

TestContainers + JUnit5 = elegant end-to-end tests for microservices

This talk suggests to perform automatic testing of the release candidate against other real services started in Docker. TestContainers library facilitates simple start up of services and their dependencies, i.e. (No)SQL databases in containers. The lib has a list of valuable features which significantly simplify a developer’s life. In the demo part a simplified version of a SMS platform is emulated. Apart from Spring Cloud Eureka there are 3 more business services built on Spring Boot. One of them is Acceptor which accepts clients requests, consults Billing on a decision whether to proceed with a request or not. Eventually Sender does an actual submit of an SMS to a mobile operator. Later the operator pushes a delivery report to Sender’s endpoint which should be matched to the submitted message and forwarded to Acceptor and then to client.

❹ 13:30 – 14:05

TestContainers + JUnit5 = elegant end-to-end tests for microservices

Nikolay Kuznetsov (Infobip)

#Intermediate

DevOps stories on adopting the mindset

Finding your place and grasping the idea of DevOps is very much depending on the personal motivation and the environment you work. They do not teach you this in schools or trainings. In this talk, I am going to share my journey. You will see the representation of a story that adopts DevOps as a mindset rather than team structures or tools. The talk will be a story-line that is supported by real-world examples from the experiences of an engineer’s road-map to DevOps.

❶ 14:15 – 14:50

DevOps stories on adopting the mindset

Busra Koken (Trivago)

#Intermediate

Secure but flexible - Cloud Native Continuous Delivery in the Finance industry

The story of transitioning a large financial company to practice Continuous Delivery on top of Openshift using only open source solutions. Cloud Native is new and rapidly evolving, which makes enterprise clients anxious -- so they jump to large, monolithic vendor solutions in search of an automatic “right answer.” These solutions can be over complicated and rigid, ultimately stifling innovation. This financial institution needed a system flexible enough to support about fifty development teams independently deploying microservices while enforcing strict security and compliance requirements. Using open source tools we were able to give our client exactly the security and flexibility they needed, without locking them into a one size fits all solution. Our solution is built using the Gitops pattern, Jenkins, Docker and Openshift/Kubernetes - all open tools which can be used at any other company. I will explain the design decisions, the technical solution and the challenges of onboarding development teams to the new platform.

❷ 14:15 – 14:50

Secure but flexible - Cloud Native Continuous Delivery in the Finance industry

Ádám Sándor (Container Solutions)

#Intermediate

Kubernetes Failure Stories, or: How to Crash Your Cluster

Bootstrapping a Kubernetes cluster is easy, rolling it out to nearly 200 engineering teams and operating it at scale is a challenge. In this talk, we are presenting our approach to Kubernetes provisioning on AWS, operations and developer experience for our growing Zalando developer base. We will walk you through our horror stories of operating 100+ clusters and share the insights we gained from incidents, failures, user reports and general observations. Our failure stories will be sourced from recent and past incidents, so the talk will be up-to-date with our latest experiences.

❸ 14:15 – 14:50

Kubernetes Failure Stories, or: How to Crash Your Cluster

Henning Jacobs (Zalando)

#Intermediate

7 Deadly Sins of React

My talk is about some common anti-patterns seen with React. I teach React at an evening coding bootcamp and also work as Lead Front-End developer during my day job. Over the last 2 years, I have taught tens of people how to write applications in React and spotted some mistakes and anti-patterns people often make. These include unnecessary state and props fields, visibility props, non-generic “generic” components, controlled components used in a non-controlled manner, directory location disparity between related components and many others… This talk will summarise my experience and observations dealing and resolving such anti-patterns and what we can do to avoid them.

❹ 14:15 – 14:50

7 Deadly Sins of React

Ersel Aker (BrightHR)

#Expert

14:50 – 15:20 Coffee Break

The Open Service Broker API - Introduction and Lessons Learned

This talk provides an overview on usage of the Open Service Broker API in practice. We show the fundamental concepts how to develop, publish and consume services using a service broker. We report from our experience and present lessons learned based on a real-world project.

❶ 15:20 – 15:55

The Open Service Broker API - Introduction and Lessons Learned

Nico Schieder (Loodse) ,Tobias Placht (QAware) and Nicolai Rybnikar (DG-i)

#Beginner

Conflict of generations : Container and Microservices vs. 'Classic'

What to do in integrating classic, monolithic structures with the dynamic demands of a modern, container-based microservices platform? Just get on with it and 'turn a sports car into a steamroller'? Or is there a path to 'peaceful' coexistence? We offer an experience report.

❷ 15:20 – 15:55

Conflict of generations : Container and Microservices vs. 'Classic'

Jan Ole Kastens (Cassini Consulting)

#Intermediate

Kubernetes Pod: deep dive

The latest container orchestrators have finally driven us to think for abstraction without worrying about the underlying concrete implementation: until we're talking about containers we know the 'black magic' behind the hood (namespaces, cgroups, overlayfs). Even the container approach helped the world to leverage applications delivery it has become obsolete (sic) since the newest cloud-native architectures require complex patterns such as Ambassador, Configurator, Adapter and much more. People assume that a Pod is just a container, often: obviously this is not true... and by the way, who knows what is a Pod exactly, how is made of, and how Kubernetes orchestrates it? The goal of this talk is to provide a low-level description of what a Pod is and how Kubernetes help us to work with this kind of resource in order to approach container patterns, demonstrating with a live coding demo how to build a simple Pod in order to understand the Kubernetes internals that provides this computational resources abstractions.

❸ 15:20 – 15:55

Kubernetes Pod: deep dive

Dario Tranchitella (Namecheap)

#Intermediate

6 weeks to migrate!

Few months ago I met a team: 8 developers working on a B2C app of car renting. They were tired, so tired ... Their vagrant was slow, the server crashed two or three times a week without restarting and without any logs, a roll out to production took 2 days to be tested, by hand ... Together we decided to react, let's have the Roll's Royce of the development environnement! Thus I've dockerized the app, I've created a Kubernetes cluster, I've added Spinnaker to the loop and some other stuff. We had some up and down, some smile and tear, but we finally did it and we have no regret. That what's I want to tell you with all the thing we learned along the way.

❹ 15:20 – 15:55

6 weeks to migrate!

Aurore Malherbes (Padok)

#Intermediate

Akka and Kubernetes, the beginning of a beautiful relationship

One of the best features of Akka is Akka Cluster. Akka cluster allows for building distributed applications, where one application or service spans multiple nodes. From its initial release in 2013, Akka Cluster needed a node management system to manage the Akka nodes and to provide a resilient and elastic platform. With Kubernetes Akka finally has the node management system that is has been waiting for. Akka Cluster has been designed to gracefully handle nodes leaving and joining a running cluster while continuing to run. Kubernetes adds and removes nodes as needed to increase capacity or to recover from failures. In effect, there is a perfect symbiosis between Akka Cluster and Kubernetes. In this talk, we will look at and demonstrate how Akka Java Cluster and Kubernetes work together and how together they form a beautiful relationship.

❶ 16:05 – 16:40

Akka and Kubernetes, the beginning of a beautiful relationship

Hugh McKee (Lighbend)

#Intermediate

An introduction to Kubernetes

This talk will cover the most common primitives in Kubernetes from defining a Pod to networking. After the talk, you will know its objects well enough to deploy your application to a Kubernetes cluster with confidence. You will get a solid understanding of the mechanics and components and be equipped with a Kubernetes vocabulary.

❷ 16:05 – 16:40

An introduction to Kubernetes

Henrik Høegh (Praqma)

#Beginner

State of Containers in Big Data and Big Compute

This session will show what makes big data and big computing facilities different from traditional containerized environments and why that hinders container adoption. After highlighting the problems Christian will discuss how the lack of easy data and hardware access can be overcome and how the delicacies of kernel and user-land drivers are addressable using the OCI image specification and CI/CD showcasing tensorflow workloads.

❸ 16:05 – 16:40

State of Containers in Big Data and Big Compute

Christian Kniep (QNIB Solutions)

#Intermediate

TBD

TBD

❹ 16:05 – 16:40

TBD

TBD

#TBD

Download Program

LIKE, SHARE, STAY INFORMED