KubeCon Europe 2016

• Overview
• Microservices on Kubernetes
• Common problems at scale
• Finagle's operational model
• linkerd
• Demotime!
• Q&A

• Discuss why different user interfaces match different types of user or organisation
• Show how Deis v2 uses Kubernetes, building a familiar imperative interface on top of the Kubernetes API
• Explore the use of Puppet for managing Pods, Services and Replication Controllers in Kubernetes, and why a declarative language has its advantages over raw data
• Look around at other opportunities for alternative interfaces like OpenShift, Helm and Fabric8, and explore the topic of interoperability

• Introduction (1-2 mins)
• Cloud Native SDN (8-10 mins)
• Layer 3 tenancy model
• Network isolation and multi-tenancy
• Kubernetes 1.2 NetworkPolicy Objects
• Demonstration (12-15 mins)
• Multi-tenant Kubernetes
• Applying Network Policy 
• Service insertion

• Kubernetes current data volume capabilities:
• Volume
• PersistentVolume/PersistentVolumeClaim
• Volume drivers (e.g. EBS, NFS, Flocker etc)
• Status of running common database systems on Kubernetes - eg
• Elasticsearch
• PostgreSQL
• Redis
• MongoDB
• MySQL
• Summary of the workarounds and challenges
• In-flight and proposed developments with volumes - and also wider capabilities for hosting distributed databases (ie leader election, pod hostnames/identity - petset/nominal services)

• History of the OpenStack project
• The application developer top-down approach to infrastructure
• The infrastructure provider bottom-up approach to infrastructure
• The various ways of supporting containers and Kubernetes in OpenStack
• The results of the OpenStack/Kubernetes collaboration
• Why would you go through the hassle of OpenStack to do Kubernetes ?
• OpenStack as an integration engine for infrastructure technologies to come

• Overview of how the kubelet manages pods and interacts with container runtimes
• Detailed description of how rkt integrates with the kubelet
• Comparison of using different container runtimes with the kubelet
• Some of the challenges faced in adding support for a different container runtime to Kubernetes

• Introduction to volume plugins
• Parallelism with Docker Volume Plugins
• Quickly preparation of the environment
• Examples of code
• Lessons learned

• Organizational challenges for adoption of Kubernetes
• Refresh on Kubernetes cluster architecture
• configuration challenges
• infrastructure requirements
• Decisions to be made when deploying a production cluster
• monitoring
• networking
• storage
• logging
• Variety of existing community projects
• What we ended-up doing

• Open edX background & architecture
• Why we chose Kubernetes
• Scaling & resiliency with Kubernetes
• The challenge of deploying Open edX with Kubernetes
• Architecture of Open edX running on Kubernetes
• Lessons learned & conclusion

• Motivation for writing kploy and design decisions
• Life cycle management/the landscape
• Basic usage
• Advanced usage
• Future steps

The Fortune 500 has thousands of line-of-business applications that do not easily port to a cloud-native architecture. In order to deliver these next generation cloud native apps to market, developers typically need to coordination between various siloed groups. For example, one team may deliver Node.js as a front end while SQL Server/Oracle DBAs are needed for customer data and .NET/JEE developers are responsible for the back end. In this session, we solve this common problem by first using the Apprenda PaaS to cloud-enable the existing application components without re-architecting. Second, we will use continuous delivery tools (UrbanCode) to deploy front end Node.js components to Kubernetes (Google Container Engine) and traditional application EAR files and SQL Server components to Apprenda.

• How to use CI/CD to orchestrate hybrid app components on different platforms
• How to attach classical architectures and applications (JEE/Oracle/WebSphere etc) to cloud native components on Kubernetes (Google Container Engine)
• How to use CI/CD with platform integration to coordinate deployments across different, siloed, teams in an organization

• Single tenancy: how people use Kubernetes today, and why?
• Hyper - the virtualized container
• Hyperenetes, the multi-tenant Kubernetes
• CaaS without IaaS

• This talk is about how we set up our deployment pipeline to K8S with Circle CI, GCR, Heaven and Hubot. Be prepared to see mountains of bash, avalanches of YAML and a lot of plumbing. We have been running Kubernetes in production since September 2015, so all of the examples and code is production ready
• Introduction to ChatOps with examples- Introduction to our application architecture
• Description of the discrete parts of the deployment pipeline
• Explanation of how a deployment is triggered from Slack and how it ends up deployed in production.
• Details about the scripts that are used
• Different caveats like the lack of a Deployment and what tasks need manual intervention.
• LIVE DEMO

• Introduce myself
• Describe the Informatics Lab
• Describe the problem (how to create a fully interactive browser application to explore 4D weather data)
• Ingesting the data (supercomputer > binary files > pngs > videos > the browser)
• Long container jobs (web servers)
• Short container jobs (bin > png and png > video)
• Optimising scalable hardware by mixing job types
• Scaling Kubernetes based on message queues
• Managing application lifecycle with Kubernetes
• Persisting our data using Amazon Elastic Block Storage

• Different story formats of the NYT
• Problems with our older VM infrastructure
• Moving to containers, benefits for both the sysadmin and non-sysadmin team
• Our brief usage of Fleet for application init and problems there
• Adopting Kubernetes and the benefits 
• Network architecture of how we run apps in Kube, our Kube Router
• Demo of our custom dashboard for managing apps
• Our move towards Kube Dashboard

• Discuss Apcera's journey with first building its existing platform, starting
• in the pre-Docker landscape.
• Lessons learned in platform architecture as the system grew (monolith vs
• modular) and in improving it operationally.
• Migrating Apcera's container runtime to its own project
• Containerize everything, a container operating system
• System services for syslog, ntp, etc
• Operation access to the host without polluting it
• Extensible network and storage instrumentation through containerized
• managers
• Extensible notion of clustering. A host is a building block. It is boring and
• uninteresting. With many blocks, you can build something interesting.
• Kurma is intended to have no remote API. But it can be given a list of
• containers to run on boot, and it can entrust them with local API access.
• Those initial containers can overlay clustering semantics. They instrument
• authentication, authorization, and can define whether a container that comes
• in remotely should be allowed to run privileged or not.
• Bringing Kurma to Kubernetes
• Experiences with extending the kubelet to kurma.
• Ensuring compatibility/portability with a Docker de facto
• Deployment and instrumentation handling

• Background to virtual networking; we have an opportunity to avoid the pitfalls of building complex, hard-to-debug, overlay networks (such as those used by OpenStack). This is driven by the move to pure-IP connectivity and IP-per-container.
• Why enterprises need to think about scalability in networking and how we can achieve it: we have a proven, scalable approach to crib from, the Internet itself.
• Securing a modern microservices architecture. What do recent big headline security intrusions teach us, why microservices provide an opportunity to revolutionize our network security, where we are right now and where we’d like to get to. This section includes a demo.

• Introduction
• The state of the docs as I joined
• The redesign: An overview
• What the switch to GitHub Pages means
• [DEMO] Making an edit with GitHub Pages and staging on github.io
• Announcing: Bounties for solving our issues
• How we track and solve documentation issues

• Discuss how you can start leveraging namespaces, and why it is important to use them.
• Introduction to ephemeral namespaces. Build all your dependent services in a separate namespace, run through your tests and tear down everything whenever you are done. 
• Making every step (building docker images, provisioning kubernetes files, running rolling updates etc) within the CI/CD pipeline manageable with GoCD.
• Details about the complete isolation of all the components in each testing namespace, and having chance of running a bunch of different versions on a single kubernetes cluster. 
• Showing how everything is a part of Kubernetes component: even run your Nightwatch test scripts in a pod. 
• Demo of the whole process.

• What is load balancing: basic and advanced features
• The state of load balancing in Kubernetes now
• Features that are missing in the current options
• NGINX – an advanced Layer 4/Layer 7 load balancer, web server and cache
• Ingress Resource
• Integrating cleanly with Kubernetes and extending the features supported by Ingress
• Implementing an Ingress controller for NGINX
• Deploying NGINX to Kubernetes
• Load balancing demo using NGINX and NGINX Plus to expose services to the Internet

• I will start by presenting what is traffic control, and what is the status of implementations in different parts of the software stack: in Linux, systemd, kubernetes, CNI.
• Secondly, I'll explain what I would like to have in the context of testing and continuous integration
• Thirdly, I will run a demo of using traffic control on Kubernetes

• Introduction to OpenShift templates
• Discuss OpenShift template parameters
• Go through a few example templates/use cases
• Cover the current Kubernetes template proposal (https://github.com/kubernetes/kubernetes/pull/18215)
• Differences/changes from OpenShift
• Goals+use cases for the Kubernetes implementation
• Brief discussion of other templating technologies available
• Conclusion - templates are coming, they will make your life easier

• Significant developer time managing build process
• Bottleneck across 400+ development teams
• Lack of security compliance across the enterprise footprint
• Little to no standardization
• Significant resource consumption
• Build pipelines are pets requiring constant attention
• CAB approvals requiring weeks of effort to ensure stability
• Manual processes contributing to stability issues
• Development teams don't want to manage their own build process

• Standardized base images
• Allows for deltas for additional libraries
• Reduce time for testing with standard images being pretested
• CISO requirements baked into base images
• Pre-approved for deployment
• Every dev team gets their own build tools
• Prevents build process from bottlenecking other teams
• Abstract build servers away and turn them into cattle
• Build servers contain no long-term information
• Configured through repos
• Requires no direct dev interaction
• Build done automatically on git push or timed event
• Build pipeline deploys and kicks off QA/CISO/PERF tests automatically
• Provides feedback loops to necessary engineers
• Automated gates to approve/reject deployment
• Automated processes establish confidence for CAB approval
• Easy oversight to view process

• Problem space: why do we care about system security, and what are the risks of it being compromised
• Introduction to trusted computing: hardware requirements, OS support, what a TPM is, how attestation works
• Integration of trusted computing in Kubernetes: The code added to Kubernetes in order to support verification of nodes at cluster admission time
• Extending trust into containers: Discussion of how the container runtime can integrate with trusted computing

This talk is documents the UK Home Office's cloud-native journey, changing how we did devops forever!

At the UK Home Office, we run Kubernetes in production. This talk is about how we got there, where we came from, where we are right now and where do we want to go from here. We will also cover what things worked out and which things didn't.

From on-boarding projects into Kubernetes to continous delivery, this talk will give you a good understanding of what lies ahead if you decided to take the road to schedule containers in production.

• What is community
• What is a contribution, its more than just code
• Contributions and where they are coming from
• Interest growth and crossing the chasm
• Trajectory

• Quick intro to Container Scheduling at Google
• The problems that containers scheduling solves 
• Efficiency and QoS (includes demo)
• The end of the Cluster Node
• Scaling up and down automatically (includes demo)
• Resources and Dependencies (includes demo)
• Roll your own Scheduler (includes demo)

• deploy stateful microservices that have a network attached block device for storage
• move stateful containers around the cluster and have their storage volume follow
• perform automatic fail-over with a stateful service
• explore and configure the range of volume drivers available for Kubernetes

• I. How does storage work in Kubernetes
• II. What are the supported volume plugins
• III. How do I configure a volume plugin in my pod
• IV. How do I make my storage secure
• V. Q&A

• Introduction - An introduction to Jenca and Connor’s story in arriving at the current product offering and set of ideas, including kubernetes involvement.
• The Built Environment - A small history of the development of the AEC industries and their technological use and development. This history will describe the steps taken and the problems Jenca have uncovered. Problems include the amount and quality of existing building stock, and the number of buildings required to meet demand over the next century, and the lack of necessary knowledge and skill to engage with the new world.
• Microservices and web technologies - How the iterative, biomimetic steps that we see loosely in agile development and lean methodology help to evolve the best solution to these problems.
• Open sourcing and Kubernetes - The importance of Kubernetes in the role of delivering the Jenca solution and the vitality of open sourcing the product.
• Vision - Our long term vision, should the solution work as we hope.

• "monitoring" - ie timeseries metrics, considerations etc
• "visualisation" - interactive visualisation of the architecture of running systems
• "tracing" - distributed tracing, its importance, and how to etc.

• Introduction and Motivation
• Highlight what's currently next for the project
• Highlight the potential issues facing the project
• Call-to-Action
• What do you want to see from the project?
• as a developer
• as a operations engineer
• as a manager
• A brief look at current visualisation tools to highlight common patterns / ideas
• Call-to-Action

• Former Hosting platform on Heroku, why to leave?
• Key features of Heroku
• Is kubernetes able to provide a similar flexilbilty on a bare-metal infrastructure?
• Side by side comparison, pros & cons
• Migration steps from Heroku to Kubernetes
• Production feedbacks

• Intro to the Kubernetes API
• Deployment Standardization
• Hardware demos!
• Explore how we used the API
• Possibilities for other apps