“How Convenience Is Killing Open Standards” Bernd Erk · Full Talk - Monday & Tuesday (50 minutes)

All the technical freedom and diversity we enjoy in our industry is the result of internal, grass root evangelism. Over the last couple of decades, thought leaders have strongly opposed manufacturer-centric strategies and argued the case of Open Source and Open Standards. This ultimately led to the…


“Infrastructure as code in action ! - How we built a platform during a cloud migration” Thorsten Jakoby · Full Talk - Monday & Tuesday (50 minutes)

A large application landscape, handling 96.000 requests per minute has been successfully migrated to the cloud.
That migration was not only about focussing on the application.
While we applied an lift'n'shift approach to the application, managing the target infrastructure became crucial.
We needed …


“YANG and NETCONF - model-based configuration management for networks” Pieter Lexis · Full Talk - Monday & Tuesday (50 minutes)

In the networking world, configuration management is as much a hot topic as it is in the systems world. In contrast to the systems world, the networking world is full of proprietary devices, each with their own configuration "language". The IETF has standardized (and many vendors have implemented) …


“DNS as code with octoDNS” Matteo Valentini · Short Talk - Monday & Tuesday (25 minutes)

Versioning and keep track of your DNS records changes and automatize all the thing via Travis CI.


“Your own kubernetes lab with k3s” gratiendhaese · Short Talk - Monday & Tuesday (25 minutes)

Have a working kubernetes on your laptop as lab environment then k3s, which is a lightweight kubernetes distribution, is your friend. K3s is also an ideal way to get acquainted with kubernetes and to test out your own containerised applications before moving to a real kubernetes cluster. This talk …


“Ansible with ARA on RHEL7/CentOS7, welcome to hell!” Ton Kersten · Full Talk - Monday & Tuesday (50 minutes)

A lot of servers still run RHEL7 or CentOS7. But running Ansible with ARA on this moves you into dependency hell.
ARA needs Python3, CentOS delivers this, but not in /usr/bin/python. ARA needs nodejs. CentOS only has an old version..........

I will try to show you how I solved this hell and created…


“Untitled Config Game” Ryn Daniels · Full Talk - Monday & Tuesday (50 minutes)

It’s a lovely morning in the data center and you are a horrible ~goose~ devop. What sorts of trouble can you cause? For years, configuration management has been touted as a way of guarding against the fragility that comes from having humans configure things manually, but it isn’t a complete safegua…


“Nomad: Kubernetes, without the complexity” Andy Davies · Full Talk - Monday & Tuesday (50 minutes)

Nomad is a container orchestrator which is cross-platform, scalable, stable, and easy to operate. In this session, I will demonstrate how to create a Nomad cluster, and show how it's architecture and configuration differs from Kubernetes; making it easier to operate and cheaper!

We will then deploy…


“Web Application Firewall - Friend of your DevOps pipeline?” Franziska Bühler · Short Talk - Monday & Tuesday (25 minutes)

Web Application Firewalls (WAF) often raise concern about false positives, latency and other potential production problems. In addition, it is often said, that DevOps and WAF do not fit together. That is a pity, since the WAF helps to protect us from web application attacks, like those described by…


“Lessons learned from testing over 200,000 lines of Infrastructure Code” Lev Goncharov · Full Talk - Monday & Tuesday (50 minutes)

If we are talking that infrastructure is code, then we should reuse practices from development for infrastructure, i.e.

  • S.O.L.I.D. for Ansible.
  • Pair devopsing as part of XP practices.
  • Infrastructure Testing Pyramid: static/unit/integration/e2e tests.


“Configuration Management in 2020 and Beyond” Eric Sorenson · Full Talk - Monday & Tuesday (50 minutes)

What role does configuration management have in containerized and cloud-native infrastructure? What tools and practices have evolved to work with modern cloud platforms like Kubernetes? Is there a way out of the maze of YAML we've trapped ourselves in? In this session, Eric will share perspectives …


“Principle of Least Configuration” Jay Goldberg · Ignite - Monday & Tuesday (5 minutes)

This talk recounts the journey of developing a Linux platform to require very little in the way of configuration management, and how to virtually eliminate the need to modify code to change configuration. From configuration via scripts and evolving through a couple of configuration management prod…


“What's new in CFEngine” Nick Anderson · Short Talk - Monday & Tuesday (25 minutes)

Come hear about what's new in CFEngine with the latest long term supported
release and share perspectives about future work to prioritize.


“Can TypeScript really make infrastructure management easy?” Paul Stack · Full Talk - Monday & Tuesday (50 minutes)

In this talk, Paul will demonstrate why TypeScript is a great language of choice for infrastructure management. Pulumi is an open source tool that allows users to write their infrastructure code in TypeScript, Python or Go.

TypeScript allows infrastructure code to have integrated testing, compile t…


“Modern Infrastructure as Code” Paul Stack · Workshop - Wednesday (3 hours)

Learn all about Infrastructure as Code: from concepts, to serverless and container technologies, including several hands-on labs to teach you best practices for managing infrastructure in public cloud and Kubernetes.

In this workshop, we will be using a new Infrastructure as Code tool, Pulumi.

You …


“The Foreman Community Update” Tomer Brisker · Short Talk - Monday & Tuesday (25 minutes)

Another year, another CfgMgmt community update. I'll be going over what's new, what changed, and what our plans might look like for the future


“Achieving fully hands-off deployment of an Icinga 2 cluster using Puppet” Lander Van den Bulcke · Full Talk - Monday & Tuesday (50 minutes)

Although some excellent Puppet modules are provided for deploying Icinga 2, gluing everything together into a cluster with multiple satellite zones and redundancy can still be challenging, as you still need to provide the right configuration, endpoints, ... to each additional node.

This talk will i…


“Probing Ansible Bonds with Molecule tests” Bernhard Hopfenmüller, Matthias Dellweg · Full Talk - Monday & Tuesday (50 minutes)

The maxim "Test all the things" has not only become a winged word, but is also correct in its basic idea.
Ansible is no exception and not least because of the planned restructuring towards a collection system, where single roles including their necessary modules should be available as entities for …


“Managing Content in Your Large-Scale Datacenter with Katello” Ian Ballou · Full Talk - Monday & Tuesday (50 minutes)

If you’re seeking an open-source solution for managing your physical or virtual servers’ software content, then Katello could be for you! Through Katello, magnitudes of servers’ content can be easily and quickly managed via web browser. Files and software packages can be remotely synced or upload…


“Developer Stories: How to Upgrade to a Moving Target Without Disturbing Users or Your Sanity” Ian Ballou · Full Talk - Monday & Tuesday (50 minutes)

A Tale of Upgrading From MongoDB-based Pulp 2 to PostgreSQL-based Pulp 3 in Katello

Whether you are a developer, system administrator, or simply a consumer of software, upgrades can be a painful experience. When was the last time your prescribed hour-long upgrade turned into a full-day endeavor? …


“Maintaining over 40 Ansible modules: 4 years later” Evgeni Golov · Full Talk - Monday & Tuesday (50 minutes)

The Foreman community maintains a collection of over 40 Ansible modules for interaction with the Foreman API and the various plugin APIs. This all started with two modules in ansible/ansible in 2016 and escalated from there.

Today we want to share the lessons learned from these three years of modul…


“Developing Ansible modules for Foreman and Katello” Evgeni Golov · Full Talk - Monday & Tuesday (50 minutes)

The Foreman community maintains a collection of over 40 Ansible modules for interaction with the Foreman API and the various plugin APIs. This all started with two modules in ansible/ansible in 2016 and escalated from there.

Today we want to show how development of our modules works:
1. setting up …


“Automating the Vox Pupuli Yak Shaving” Robert, Tim Meusel · Full Talk - Monday & Tuesday (50 minutes)

Vox Pupuli maintains a huge amount of puppet modules and utilizes GitHub heavily for maintenance and daily tasks. We've built an app to support all the module maintainers in their daily work.


“Foreman Construction Day” Tomer Brisker · Fringe - Wednesday (8 hours)

Foreman will be holding its usual Foreman Construction Day on Wednesday 5th February 2020, right after CfgMgmtCamp. Please join us!

The aim is to build upon on the previous 2-4 days of talks and discussions, and put it to use! We’re open to all members of our community, such as

New users looking fo…


“Data-Driven Configuration with CFEngine's classfiltercsv function” Jay Goldberg · Short Talk - Monday & Tuesday (25 minutes)

Data-driven configuration management is a design pattern that can reduce complexity, improve outcomes, and empower engineers to make configuration changes without having to modify code. The new classfiltercsv function in CFEngine 3.14 makes it straightforward to implement a data-driven approach, a…


“Creating API and CLI for Foreman Kubevirt Compute Resource” Shira Maximov · Short Talk - Monday & Tuesday (25 minutes)

This talk will go over adding an API and CLI for a new Compute Resource in Foreman.
We will start with a quick introduction to the Kubevirt Compute Resource.
Then, we will dive into the code needed for adding API endpoints and a Hammer plugin that uses the API to allow provisioning automation and …


“Running Puppet from mgmt on overdrive” Felix Frank · Full Talk - Monday & Tuesday (50 minutes)

We added Puppet support to mgmt quite early on. You can run Puppet manifests through mgmt's engine, and mgmt can in turn rely on Puppet to synchronize resources that mgmt does not natively support. This incurs a significant performance overhead to each resource check, though.

This presentation show…


“Bare Metal Provisioning with Ansible and Cobbler” Felix Frank · Ignite - Monday & Tuesday (5 minutes)

An overview of an actual bare metal provisioning scheme powered by Ansible and Cobbler, with support for several Linux flavors and virtual machines.


“Terraboard, a web interface to view Terraform data” Raphaël Pinson · Ignite - Monday & Tuesday (5 minutes)

The Terraform project has grown a lot in popularity since its inception in 2015. Many resources that were not automated as code yet can now be managed this way.

The Terraboard project aims to provide a web interface to visualize and query Terraform states.


“Manage Configuration File Entries with Augeasproviders” Raphaël Pinson · Ignite - Monday & Tuesday (5 minutes)

The Augeasproviders project aims to ease the use of Augeas by providing native Ruby types and providers for Puppet, powered by the Augeas Ruby bindings under the hood. These resource types allow to easily edit configuration files in a clean and idempotent way with Puppet.


“Switching from Docker to CRI-O” Jan Bundesmann · Ignite - Monday & Tuesday (5 minutes)

cri-o is considered safer than Docker lacking the latter’s privileged central daemon and, additionally, produces less overhead because it does not contain techniques already provided by, for instance, kubernetes clusters. That’s why it is gaining popularity as an alternative to Docker. The large di…


“Rudder and Ansible: a love story” Victor Héry, Florian Ganée · Short Talk - Monday & Tuesday (25 minutes)

Ansible as a deployment tool, and Rudder as a compliance tool. How to move your Ansible tasks to Rudder, in order to use the best of both worlds?


“Kubernetes mobprogramming experiment” Anders Bruvik · Fringe - Wednesday (8 hours)

We are going to do two tings in one workshop (how is that even possible):

  • Inspired by mob programming – we are going to try an experiment in mob operations. We will get a big screen, and do everything together.
  • The thing we are going to mob operate is Kubernetes - we will start from scratch and …


“Dynflow - Orchestration for your Ruby project” Adam Ruzicka · Full Talk - Monday & Tuesday (50 minutes)

This talk introduces Dynflow, the dynamic workflow engine. It starts with a high level description of what the project does and what benefits it brings to its users. Next it describes the building blocks and commonly used action modules using which the user can create complex workflows with example…


“Squeeze the last drop out of pulp with ansible” Matthias Dellweg · Full Talk - Monday & Tuesday (50 minutes)

Ansible, the radically simple IT automation engine is not stranger to pulp, the juicy software repository management tool.

In addition to its ansible based installer and its plugin for ansible content, we present the third way for pulp to interact with ansible:
'Ansible Modules for Pulp', alias Squ…


“The Hard Thing About Kubernetes (It's the Infrastructure!)” Paul Stack · Full Talk - Monday & Tuesday (50 minutes)

Most cloud providers now offer "easy to use" managed Kubernetes clusters, allowing us to get up and running in no time. Then our teams can just deploy containerized apps to them and life is good ..... Or is it? The truth is, this apparent simplicity fades quickly. The difficulties of adopting Kuber…


“Designing and building a Large Scale CD system” R.I.Pienaar · Full Talk - Monday & Tuesday (50 minutes)

A look at designing a git driven CD system for software packages used to deploy software to 100s of thousands of nodes continuously


“What’s new in RUDDER and future roadmap” Alexandre Brianceau · Short Talk - Monday & Tuesday (25 minutes)

This year, we have only released one major version. After 5.0, we moved on to... the 6.0!

What has happened in RUDDER since last year? Let's discover together this new version, as well as all the new plugins: Ansible, OpenSCAP, Zabbix... And finally, let's discuss the next development of RUDDER for…


“Why compliance is essential in configuration management?” Alexandre Brianceau · Ignite - Monday & Tuesday (5 minutes)

The challenges of automation cannot be demonstrated. It is one of DevOps' CALMS pillars. However, automation serves objectives, and among them, compliance. Puppet Remediate, Chef Inspec, SalStack SecOps, RUDDER… we are all now developing towards compliance.

Why? How does compliance become essential…


“Feedback on scalability and load testing of a configuration management software” Nicolas CHARLES · Full Talk - Monday & Tuesday (50 minutes)

Rudder is based on API/Web application that allows users to configure and verify their configurations. Relying on agents on every system, itchecks and remediates configurations every 5 minutes and centralizes the result of application. Each result is made up of hundreds of events that are historize…


“Why you should revisit mgmt” Julien Pivotto · Full Talk - Monday & Tuesday (50 minutes)

mgmt has been around for 3+ years but unless you have taken the time to dig in, you probably don't know a lot about it.

As the project was presented early and and evolved a lot in the last months, I would like to do a special-effect free presentation about what it can do and how it can help you to …


“Your own Kubernetes Operator: Not Only in Go” Nicolas Fränkel · Full Talk - Monday & Tuesday (50 minutes)

In Kubernetes, operators allow the API to be extended to your heart content. If one task requires too much YAML, it’s easy to create an operator to take care of the repetitive cruft, and only require a minimum amount of YAML.

On the other hand, since its beginnings, the Go language has been adverti…


“Getting started with RUDDER, the most "secops" configuration management tool” Félix Dallidet · Workshop - Wednesday (3 hours)

Security policies are increasingly complex and demanding to be implemented by operational teams. How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they rem…


“Using RUDDER plugins to package tools and configuration policies” Félix Dallidet · Short Talk - Monday & Tuesday (25 minutes)

In Rudder 5.0 we have introduced a plugins’ ecosystem to make Rudder more flexible and adaptable to user needs. Plugins aim to bring new functionalities to Rudder: to plug it with other tools or simply package re-usable policy sets for example. Even though the currently available plugins cover a la…


“Head in the Clouds: Testing Infra as Code” Peter Souter · Full Talk - Monday & Tuesday (50 minutes)

Infrastructure-as-code has been one of the key concepts within DevOps to allow the benefits of a full development cycle for infrastrcuture and allow better visibility of the operations process.

However, when we're writing and applying this IaC, we're often interacting with disparate systems, often …


“Ansible Collaboration within your Organization” Brian Bouterse, Oleksandr Saprykin · Full Talk - Monday & Tuesday (50 minutes)

Ansible is an incredible tool for personal and team productivity, but sharing Ansible Role and Collection content between parts of your organization, or across teams, is hard. Sharing content publicly using galaxy.ansible.com is an option, but everything you post is now public. Alternatively, priva…


“Pulp install - Fest (Ansible, Container Registry, or RPMs)” Brian Bouterse, Dennis Kliban · Workshop - Wednesday (3 hours)

Come by and install pulp_ansible, pulp_container, or pulp_rpm with the developers who make them!

https://github.com/pulp/pulp_ansible
https://github.com/pulp/pulp_container/
https://github.com/pulp/pulp_rpm

We'll be using the Ansible installer: https://github.com/pulp/ansible-pulp


“Using OpenAPI to Maximise Your Pulp 3 Experience” Dennis Kliban · Short Talk - Monday & Tuesday (25 minutes)

Pulp (pulpproject.org) enables users to organize and distribute software. Now that Pulp 3.0 is generally available, it’s time to integrate it into your software delivery workflows. While the REST API is the primary integration point, it is the OpenAPI schema definition of that API that enables user…


“A RUDDER walkthrough: manage your configurations through compliance” Alexis Mousset · Full Talk - Monday & Tuesday (50 minutes)

This talk is designed for people wanting to discover or learn more about how things are done on a day-to-day basis with Rudder. Based on our experience helping Rudder users achieve their automation and compliance goals, this session will detail real-world examples, and describe and explain step-by-…


“Hacking Terraform: Engineer your Migration to IaC” Constantin Weisser · Full Talk - Monday & Tuesday (50 minutes)

Infrastructure as Code (IaC) is considered the predominant approach to manage Cloud Infrastructure at large scale. Terraform is the market-leading tool implementing this approach, including support for all big Clouds Providers. It is extremely convenient to start new projects from scratch and autom…


“The Road to Reliability: Infrastructure Testing explained” Constantin Weisser · Full Talk - Monday & Tuesday (50 minutes)

For years, there has been a shift to "Infrastructure as Code (IaC)". The code we write daily is not just the application itself, but also definition of whatever Cloud Infrastructure the application needs. Tools like Terraform, Pulumi or Cloud APIs support this approach. The code base we start with …


“Introduction to RUDDER Language” Benoît Pecatte · Full Talk - Monday & Tuesday (50 minutes)

Rudder is a graphical configuration management tool, which is quite an unusual approach in this domain. This talk is about the why and how we are now introducing a new DSL for RUDDER. If you had never considered RUDDER because he didn't have a DSL, or if you want to discuss language with us, now is…


“Kubernetes as CfgMgmt-Tool” Andy Wirtz · Full Talk - Monday & Tuesday (50 minutes)

Depending on the viewpoint, we can call Kubernetes a cloud, a scheduler or a configuration management tool. Kubernetes is a configuration management tool for the container platform itself, for the deployment of the application containers, the routing and loadbalancing within the container network a…


“Migrating a build farm from on-prem to AWS” Claes Buckwalter · Full Talk - Monday & Tuesday (50 minutes)

If you are considering a lift-and-shift from on-prem to public cloud, this talk is for you. Our team runs a centralized build farm for Nokia's software division. The build farm consists of a fleet of Jenkins Masters, a Kubernetes cluster, artifact storage, and various back-office services for monit…


“Mgmt Config: Autonomous Datacentres” James (purpleidea) · Full Talk - Monday & Tuesday (50 minutes)

Mgmt is a real-time automation tool that is fast and safe. One goal of the tool is to allow users to model and manage infrastructure that was previously very difficult or impossible to do so previously.

The tool has two main parts: the engine, and the language. This presentation will have a large n…


“Mgmt Config: Hands on with Autonomous Datacentres” James (purpleidea) · Fringe - Wednesday (8 hours)

Mgmt is a real-time automation tool that is fast and safe.
It uses a real-time, reactive programming language to model the desired state over time, and a powerful event-driven engine to apply this state.
In this workshop, we'll present a number of live demos, and get you running mgmt yourself, and …


“Vault Deploy: Organizing Terraform Code for Multiple Vault Clusters” Shobhna Shastri · Short Talk - Monday & Tuesday (25 minutes)

Using a Terraform Module and standing up one instance of a module is very common. And spinning up one Vault cluster is fairly straight forward. But what happens when you need to go from 1 instance to 4? This presentation covers how to develop and organize a Terraform project to manage multiple HA V…


“Designing the future of agent-server communication in RUDDER” Alexis Mousset · Short Talk - Monday & Tuesday (25 minutes)

Rudder is currently used to manage more than 10k machines from the same central server,
but our agent-server communication (using HTTP for inventory collection,
syslog for reporting and a custom protocol for policy updates) was limiting us in terms of
security, performance and extensibility. …


“seccomp — Your Next Layer of Defense” Philipp Krenn · Short Talk - Monday & Tuesday (25 minutes)

Why should you allow all possible system calls from your application when you know that you only need some? If you have ever wondered the same then this is the right talk for you. We are covering:

  • What is seccomp in a nutshell and where could you use it.
  • Practical example with Elasticsearch and Be…


“Autopilot, but never let go of the wheel” Simon McCartney · Short Talk - Monday & Tuesday (25 minutes)

From TOIL to Continuous Delivery of Infrastructure, our tail of migrating our existing Infrastructure as code tools & wrappers so that they can be used in a CD system, but with all of the control grey-beards, enterprises & governments expect.


“Cross-OS security hardening” Florian Heigl · Full Talk - Monday & Tuesday (50 minutes)

We have created a Rudder policy that covers all OS that we support at our customers, or that will be coming around (i.e. beta of a new version).
For our managed systems, it covers distro-/OS-specific settings with a generic rule that “what makes sense everywhere, will be applied everywhere”.
For h…


“Observability is More than Logs, Metrics & Traces” Philipp Krenn · Full Talk - Monday & Tuesday (50 minutes)

You know the drill: DevOps is using tool(s) X. So obviously, observability can be solved by throwing some tools together as well; generally logs, metrics, and traces often called the trifecta of observability.

But observability is not a tool — it is a property of a system. Moving from many small bl…


“Design, Draw, Deploy your AWS infrastructure from inception to production” Anton Babenko · Short Talk - Monday & Tuesday (25 minutes)

Once the infrastructure is designed you should be able to deploy it effortlessly. This has long been the goal and can now become a reality!


“Terraform, Pulumi... but what do we really need!?” Anton Babenko · Ignite - Monday & Tuesday (5 minutes)

We may have too many good options to choose from, aren't we? "Terraform is going to be replaced with Pulumi" - I was told. Well, I suppose that Pulumi will be replaced with what users actually WANT to use... My observations in infrastructure as management tooling in 5 minutes.


“Foreman - Basics and Provisioning” Dirk Götz · Workshop - Wednesday (3 hours)

This workshop will focus on basic knowledge, provisioning and orchestration for those new to Foreman.


“foreman-installer: 6 years of wrapping Puppet” Ewoud Kohl van Wijngaarden · Short Talk - Monday & Tuesday (25 minutes)

In 2013 the Foreman project started to wrap Puppet modules into an installer. After 6 years it's good to look back at how it went.


“Getting data out of your Foreman” Dirk Götz · Full Talk - Monday & Tuesday (50 minutes)

This talk will be about getting data for troubleshooting out of Foreman. I will take a look at multiple solutions, have a look at how easy they are to setup and which data they provide.


“Writing Ansible module for fun and profit” Abhijeet Kasurde, Ganesh B Nalawade · Workshop - Wednesday (3 hours)

Ansible provides a pluggable architecture that makes it easy to extend functionalities of Ansible. This workshop will be a hands-on session where I will discuss development process of the Ansible Module.


“To Foreman 2.0 and beyond: an architecture perspective” Ewoud Kohl van Wijngaarden · Short Talk - Monday & Tuesday (25 minutes)

The Foreman project is 10 years old, but there's still plenty of things to change. In this presentation we'll go over the current Foreman architecture as well as Katello before looking to the future with Foreman 2.0 and Katello 4.0.


“Global Linux client with Ansible and Foreman” Eric Keller · Short Talk - Monday & Tuesday (25 minutes)

This is the story of RLC, Roche Linux Client, deployed globally in 13 sites. Fully Integrated to our corporate environment. This talk is about how open source tools like Ansible, Foreman and Aptly made it all possible. Ultimately changing minds about how automation can bring value to our organisati…


“Magic YAML” Julien Pivotto · Ignite - Monday & Tuesday (5 minutes)

You think you know YAML? This talk will show you that you don't.


“Terraform Configuration Without The Mess” James Nugent · Short Talk - Monday & Tuesday (25 minutes)

One of the most frequent complaints about Terraform is the state that configuration gets itself into after a repository have been living for a few years. The root cause is often that teams treat Terraform as configuration instead of code, and throw basic software engineering principles out the wind…


“One tool to rule them all, Infrastructure Testing and Compliance with Chef Inspec” Kimball Johnson · Full Talk - Monday & Tuesday (50 minutes)

In this talk, I will demonstrate the use of Chef Inspec for testing all your infrastructure with Inspec, no matter how you build it.

I will cover traditional testing, and also compliance testing on servers, plus how you can verify the state of other types of Infrastructure using APIs.


“Modernizing the CFEngine project” Ole Herman Schumacher Elgesem, Vratislav Podzimek · Full Talk - Monday & Tuesday (50 minutes)

Mark Burgess released the initial version of CFEngine in 1993. It's been used, and developed by people all around the world since then. It's a large C codebase, with a lot of history. In the last few years, we've been taking important steps to prepare the codebase for the future. We are making it m…


“Grafana Dashboard Automation” Malcolm Holmes, Julien Pivotto · Full Talk - Monday & Tuesday (50 minutes)

This talk demonstrates technologies for automating Grafana dashboard generation and deployment.


“Tanka, a tool for managing K8s: ksonnet Rises Again” Malcolm Holmes · Full Talk - Monday & Tuesday (50 minutes)

Introducing Tanka, a scalable Jsonnet based tool for deploying and managing Kubernetes Infrastructure


“Managing Secrets Using SaltStack and Pillar” Gareth J Greenaway · Full Talk - Monday & Tuesday (50 minutes)

When using any sort of automation system for either remote execution or configuration management, one of the major advantages is the ability to reduce repetitive tasks. Often tasks in these scenarios involve using sensitive information such as passwords. In this talk we’ll look at how the SaltStac…


“Agentless SaltStack” Gareth J Greenaway · Full Talk - Monday & Tuesday (50 minutes)

Using an automation system such as SaltStack is a great way to ensure that traditional servers and desktops are kept in a consistent state. Commonly run tasks such as software updates and system configuration can be done in a way that the results are always consistent. But what about network devi…


“Doomed are the dinosaurs II” David Heijkamp · Full Talk - Monday & Tuesday (50 minutes)

It may be hard to image, but some sysadmins do not operate in ideal, tightly controlled circumstances. Apparently, not every developer, application or organization is ready for Kubernetes…

In this presentation we will share a real world use case: deploying and configuring a brand new natural histor…


“The Baremetal Discovery and SecureBoot provisioning using Foreman” Amit Upadhye · Full Talk - Monday & Tuesday (50 minutes)

The Baremetal Discovery and SecureBoot provisioning using Foreman

Baremetal Discovery:

This feature enables to do bare-metal discovery of unknown systems of the network. The systems sends the facts to Foreman which then can be used to provision hosts with different parameters. The plugin also provi…


“Using Ansible Vault to secure passwords, ssh keys and secure tokens.” Amit Upadhye · Full Talk - Monday & Tuesday (50 minutes)

Have you ever committed personal token, password or ssh public keys to GitHub ? or any public source code repository ? The devops culture is rapidly getting adopted and often we get to know instances where private important data was pushed to GitHub. Considering the adoption of Ansible usage this s…


“Config Mgmt for Kubernetes workloads with GitOps and Helm” Tomasz Tarczynski · Full Talk - Monday & Tuesday (50 minutes)

Kubernetes provides a declarative API, so you can describe the desired state of the system. And then it is the role of the control plane to operate the cluster (make the actual state match the desired state).
But we still need config mgmt for API objects to the point when they are applied to the cl…


“Kapitan: generic configuration management for Kubernetes, Terraform and other things” Ricardo Amaro · Full Talk - Monday & Tuesday (50 minutes)

When building infrastructure with technologies such as Kubernetes and Terraform, the complexity of configuration quickly becomes hard to manage, especially with multiple engineers contributing code and config. Kapitan was created at DeepMind to manage complex environments to generate config, docume…


“Creating reports based on Foreman data” Marek Hulan · Short Talk - Monday & Tuesday (25 minutes)

Foreman is a well known infrastructure management swiss army knife. Recently it got a new reporting engine that can be used to gather interesting data about managed hosts. In this talk I'll show how to do that, discuss possible gotchas and explain best practices.


“Using Git submodules” Quirin Pamp · Short Talk - Monday & Tuesday (25 minutes)

There are countless articles and blogs warning about the pitfalls in Git submodule usage, in effect resulting in an "avoid at all costs" recommendation. By contrast, this talk examines when and how to use Git submodules from a neutral point of view. Legitimate use cases, managing pitfalls, and alte…


“Automating Security Response with Serverless” Michael Ducy · Full Talk - Monday & Tuesday (50 minutes)

Serverless (or Functions as a Service) tends to get thrown in the "paradigms nice for developers" bucket, but Serverless can provide meaningful benefits to Operations, DevOps, and SRE teams. In a world where everything is presented or controlled via an API, Serverless' event driven, api first philo…


“Rethinking Open Source in the Age of Cloud” Michael Ducy · Ignite - Monday & Tuesday (5 minutes)

The last several years has brought explosive growth to the realm of open source. Many new projects have started, and many have went on to become foundational components of running applications at scale. Cloud providers have focused on a strategy of embracing open source not only to help build value…


“Yomi - Installation of the OS using SaltStack” Alberto Planas · Full Talk - Monday & Tuesday (50 minutes)

Yomi (Yet one more installer) is a new proposal for an OS installer
that is build on top of the features that a Software Configuration Tool
(StalStack) provides.


“Puppet Contributor Session” Ben Ford · Fringe - Wednesday (8 hours)

Collaboration session for the Puppet ecosystem.


“Test your infrastructure with litmus” Bram Vogelaar · Full Talk - Monday & Tuesday (50 minutes)

We have been able to test our puppet modules using rspec-puppet and
serverspec for a while now and the quality of our code is improving because
of it. This talk will introduce the new kid on the block litmus. This talk will show you how
to use litmus to test puppet modules and how to convert your e…


“Case study: porting the whole world to a new API” Ben Ford · Short Talk - Monday & Tuesday (25 minutes)

Designing the perfect v2 of your API is never enough: look at Perl6 or Python3. In the case of Puppet, look at the cleverly named "modern 4.x function API". The original function API was kind of a mess. It allowed global object pollution, was slow, leaked across environments, and in general contrib…


“Advanced Salt States: Going Beyond YAML” Gareth J Greenaway · Full Talk - Monday & Tuesday (50 minutes)

Using an automation system such as SaltStack is a great way to ensure that traditional servers and desktops are kept in a consistent state. Commonly run tasks such as software updates and configurations can be done in a way that the results are always consistent. When using SaltStack this is acco…


“Learn configuration management and SDI from scratch using Uyuni” Pau Garcia Quiles, Pablo Suárez Hernández · Workshop - Wednesday (3 hours)

Uyuni is a software-defined infrastructure and configuration management solution. You can use it to bootstrap physical servers, deploy and update packages and patches -even with content lifecycle management features- create VMs for virtualization and cloud, builds container images, tracks what runs…


“Challenges of Internet of Things at scale” Mirza Krak · Full Talk - Monday & Tuesday (50 minutes)

The Internet of Things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the internet, and they can …


“Foreman on Ansible” Ondřej Ezr · Full Talk - Monday & Tuesday (50 minutes)

Why to integrate Ansible and Foreman with each other and how to get the most value when using Ansible from Foreman. I will describe two primary approaches of using Ansible from Foreman. Firstly usage of ansible as a configuration management, where hosts are kept in a predefined state. The second us…


“Rollout all your Prometheus exporters with Puppet!” Tim Meusel · Full Talk - Monday & Tuesday (50 minutes)

Everybody loves Prometheus. Many exporters are available to gather specific data. You can download the binaries from GitHub, start them and they will expose data via plain HTTP, without any firewalling or authentication. That would just complicate the whole setup!

A secure and automated rollout of …


“Continuous Delivery: Infrastructure Edition!” Xander Grzywinski · Short Talk - Monday & Tuesday (25 minutes)

Application delivery pipelines can make it a lot easier to quickly iterate on applications, but what about infrastructure? There’s toil hiding everywhere in infrastructure management, including processes like scaling up or down, patching, and more. On top of that, security requirements are often a …


“DevOps is dead, Servers are dying, and I don't feel so great myself.” Paul Czarkowski · Ignite - Monday & Tuesday (5 minutes)

A look at the changing landscape for Operations. With SRE and Kubernetes both on the rise we’re seeing drastic changes in the way we build and operate infrastructure. At the same time Serverless has exploded onto the scene and confused things even further.


“Hands on with Kubernetes” Paul Czarkowski · Workshop - Wednesday (3 hours)

A half to full day training session aimed at people that are new to Containers and Kubernetes. Each attendee will have access to a Kubernetes cluster and will finish the training with the confidence to say “I Know Kubernetes”.


“Scalable configuration with CUE” Marcel van Lohuizen · Full Talk - Monday & Tuesday (50 minutes)

CUE is a new abstract-oriented constraint-based configuration language and set of APIs. This talk dives into how it came about and the problems it solves.


“Manage Virtual Machines like Configuration with Salt” Cédric Bosdonnat · Full Talk - Monday & Tuesday (50 minutes)

Virtual Machines are live things, but what if I want to manage them just like configuration? Salt helps you doing it by defining the VMs using states. This talk will be showing off how to leverage this feature. The talk will quickly walk through the basics of Salt states before exploring the virt s…


“That's not my puppet - Things *not* to do (and some alternatives)!” Alexander Fisher · Full Talk - Monday & Tuesday (50 minutes)

Whilst best practices do involve over time (and sometimes 'advice' changes completely), there's also the other end of the spectrum where
style-guides are ignored, house 'styles' take over and the anti-patterns and worse prevail.

Fed up with being told 'it works, why shouldn't I write puppet this wa…


“Automating and Managing Clusters with Helm” Taylor Thomas, Martin Hickey · Full Talk - Monday & Tuesday (50 minutes)

Are you are one of the many people migrating their projects to Kubernetes? Have you found setting up and maintaining various app and cluster configurations an ordeal? Enter Helm, the package manager for Kubernetes.

What does a package manager have to do with this? This session has the answer! We w…


“I got 99 problems and a bash DSL ain't one of them.” John Willis · Full Talk - Monday & Tuesday (50 minutes)

I got 99 problems and a bash DSL ain't one of them.


“CFEngine Workshop Room” Nils Christian Flinder Roscher-Nielsen, Nick Anderson · Fringe - Wednesday (8 hours)

Hack Day Room


“Monday Breakfast” Everyone · Break Fast (60 minutes)

Coffee and Croissants


“Tuesday Breakfast” Everyone · Break Fast (60 minutes)

Coffee and Croissants


“Wednesday Breakfast” Everyone · Break Fast (60 minutes)

Cofee and Croissants


“Monday Lunch” Everyone · Lunch (60 minutes)

Lunch (on your own)


“Tuesday Lunch” Everyone · Lunch (60 minutes)

On your own


“Wednesday Lunch” Everyone · Lunch (60 minutes)

On your own


“Monday Morning Break” Everyone · Break (20 minutes)

Coffee and Snacks


“Monday Afternoon Break” Everyone · Break (20 minutes)

Coffee and Snacks


“Tuesday Morning Break” Everyone · Break (20 minutes)

Coffee and Snacks


“Tuesday Afernoon Break” Everyone · Break (20 minutes)

Coffee and Snacks


“POP Culture: An intro to Plugin Oriented Programming” Tyler Johnson · Full Talk - Monday & Tuesday (50 minutes)

Plugin Oriented Programing, also known as POP, is a new programming paradigm and open source project developed by SaltStack. Like any programming paradigm learning POP means thinking about programming differently. Using POP to create a plugin oriented project is easy. This introduction will help yo…


“Running Ansible within Salt - Get the best of both worlds” Pablo Suárez Hernández · Full Talk - Monday & Tuesday (50 minutes)

At SUSE we love Salt for configuration management and infrastructure orchestration. We actively develop and integrate Salt as a core component of some of our products. At times we work with customers and users who chose Ansible as their configuration management engine. They invested time and effort…


“Automate Monitoring with Salt and CheckMK” Philipp Lemke · Full Talk - Monday & Tuesday (50 minutes)

Intelligent Automation meets Intelligent Monitoring. Enable synergies between Salt & checkmk

Learn how to:
- Setup quickly a full functional monitoring environment
- Add your Salt-Minions automatically to checkmk
- Install checkmk Monitoring Agents via Salt
- Use Salt Grains within checkmk to …


“Hackerroom” Everyone · Workshop - Wednesday (3 hours)

Hacker Room