June 20 - 22 - Tokyo, Japan
Click for Open Source Summit Japan & Automotive Linux Summit Information & Registration

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Infrastructure & Automation [clear filter]
Thursday, June 21


A DevOps State of Mind: Continuous Security with DevSecOps + Containers - Chris Van Tuin, Red Hat
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. In this presentation, you'll learn about DevSecOps + Containers, including:

- Best practices for addressing the top container security risks in a container environment including images, builds, registry, deployment, hosts, network, storage, APIs, monitoring & logging, and federation.
- Automating and integrating security vulnerability management & compliance checking for container images in a DevOps CI/CD pipeline
- Deployment strategies for deploying container security updates including recreate, rolling, blue/green, canary and a/b testing.

avatar for Chris Van Tuin

Chris Van Tuin

Chief Technologist, NA West, Red Hat
Chris Van Tuin, Chief Technologist, NA West at Red Hat, has over 20 years of experience in IT and Software. Since joining Red Hat in 2005, Chris has been architecting solutions for strategic customers and partners and is a frequent speaker on DevOps, Security, and Containers. He started... Read More →

Thursday June 21, 2018 11:10 - 11:50
Room 1


FaaS Shell: Multi-cloud Portable Serverless Function Workflow - Naohiro Tamura, Fujitsu Limited
Serverless Function Workflow is available from each FaaS for their own such as AWS Step Functions, Azure Logic Apps, IBM Function Composer, Fission Flow, and etc.

Hence workflow isn't portable.

This presentation shows a multi-cloud portable solution, "FaaS Shell", that is an abstraction layer on top of FaaS to execute multiple workflow languages across multiple clouds.

Under the hood, FaaS Shell compiles workflow language and generate intermediate DSL, then executes it as the common language.
Also FaaS Shell made some devises to support multiple clouds seamlessly such as function name resolution and event handling rule.

As the first step, FaaS Shell supported Amazon State Language, and currently AWS Lambda, Google Cloud Functions, Azure Functions, and IBM Cloud Functions/OpenWhisk as vendor plug-ins.

Proof of Concept is available at https://github.com/NaohiroTamura/faasshell.


Naohiro Tamura

Professional Engineer, Fujitsu Limited
Professional Engineer, Fujitsu Limited Currently he's working on the project FaaS Shell in Serverless Computing. https://github.com/NaohiroTamura/faasshell Previously he worked on the project OpenStack Ironic, and was a speaker at OpenStack Summit Tokyo 2015.

Thursday June 21, 2018 12:00 - 12:40
Room 1


Package Management and Distribution in a Cloud World - Jose Miguel Parrella, Microsoft
The open source ecosystem has long been at the forefront of innovation in software distribution and package management, whether we're talking about Linux, open source library ecosystems like Node.js' or Python's or Linux-based containers.

Yet the mature and venerable stack of technologies underlying this innovation is being stretched in may different ways, with projects like Flatpak, Snaps, Nix, AppImage, OCI's imagespec and others playing a role in defining what package management and software distribution will look like in the future.

In this presentation, we’ll discuss the state of post-modern package management with emphasis on adoption and addressing the community’s concerns on use cases, where collaboration is needed and expected, how to govern this space and why should organizations care.

Audience: IT management, software architects and IT professionals (DevOps, SRE, etc.) that are heavily invested in packaging technologies for software distribution, configuration management, etc., including APT, RPM, OCI image-spec and other containerized applications, languages with large library ecosystems such as Python, Node.js and Perl, and ecosystem/channel strategists for ISVs targeting open source stacks.

avatar for Jose Miguel Parrella

Jose Miguel Parrella

Principal Program Manager, Microsoft Azure, Microsoft
Jose Miguel is an open source enthusiast with over 15 years of experience with Linux as a sysadmin, solutions architect and Debian Developer. He joined Microsoft in 2010 to work on open source technologies and is part of the Azure team, sitting right where Linux and the cloud meet... Read More →

Thursday June 21, 2018 14:00 - 14:40
Room 1


Managing Server Secrets at Scale with a Vaultless Password Manager - Ignat Korchagin, Cloudflare
Operating a large cluster, a datacenter, or a distributed network involves handling a lot of secrets. In almost all cases, you have to deal with at least four types of secrets for each piece of hardware: SSH server key (or shell access key), key to bootstrap your configuration management system, disk encryption key, and maybe some per-server credentials to access other services. And most of the time, these keys have to be set up before your configuration management kicks in, making the automation of this process more difficult.

This talk presents an approach that combines hardware support and little cryptography to deal with the above issues and unify and simplify secret management for your hardware fleet.

avatar for Ignat Korchagin

Ignat Korchagin

Systems engineer, Cloudflare
Ignat Korchagin is a security engineer at Cloudflare working mostly on platform and hardware security. Ignat’s interests are cryptography, hacking, and low-level programming. Before Cloudflare, Ignat worked as a senior security engineer for Samsung Electronics’ Mobile Communications... Read More →

Thursday June 21, 2018 14:50 - 15:30
Room 1


Panel Discussion: The Journey To Cloud Native and the Underlying Storage Transformation - Moderated by Steven Tan, Huawei
Businesses around the world are going through data center transformation towards cloud-native design. In addition to planning storage for the new cloud-native applications; the transformation also involves dealing with massive amount of existing data must be preserved, replicated, migrated, backed up, archived or disposed - this means a rethink of the entire storage infrastructure which may lead to an overhaul on the design. What are the motivations for this transformation? What are the open source tools they using? What does it take to complete this journey without disrupting existing business operations?

In this panel, we have invited experts from NTT Communications, Yahoo Japan, and Toyota to share their experience and stories on this journey; we have also invited the Lead Architect of the OpenSDS project to share what the project is doing to help end users. Join us and our panel experts will address your inquiries around storage transformation for cloud-native design.


Steven Tan

VP & CTO Cloud Storage Solution, Huawei
Steven Tan is OpenSDS TSC chair, and VP & CTO Cloud Solution at Futurewei where he is responsible for cloud solutions, and open-source collaboration. Steven brings over 20 years of engineering experience spanning cloud, virtualization, data security, data management, and storage... Read More →


Kei Kusunoki

NTT Communications
Kei Kusunoki is a Storage Architect at NTT Communications R&D department and has worked on the storage service development for telecom carrier’s cloud service since 2012. He has designed and evaluated block/file/object storages for carrier’s IaaS infrastructure.
avatar for Yusuke Sato

Yusuke Sato

Manager, Yahoo Japan
Yusuke Sato is responsible for private cloud compute and storage at Yahoo Japan Corporation. He has been engaged mainly in verification of server hardware, operation of storage systems, and establishment and operation of virtual environments. He led the server and OS team from 2013... Read More →
avatar for Xing Yang

Xing Yang

Principal Architect, Huawei Technologies
Xing is a Principal Architect at Huawei, leading the project and architecture design of OpenSDS, an open source project under Linux Foundation. She previously worked at Dell EMC and has expertise in storage, data protection, disaster recovery, cloud and virtualization technologies... Read More →

Thursday June 21, 2018 16:00 - 16:40
Room 1


Friday, June 22


Proctor: Managing A|B Tests and More - Yiqing Zhu, Indeed
In this session, we will Introduce Proctor - the system we developed to define and manage A|B test to help Indeed develop a better product. We will explain how we use Proctor to target users using data-driven rules, adjust experiments on-the-fly, and ensure clean results for multivariate tests.


Friday June 22, 2018 11:20 - 12:00
Room 6


Athenz: The Open-Source Solution to Provide Access Control in Dynamic Infrastructures - Tatsuya Yano, Yahoo Japan Corp. (slides attached)
Most Cloud computing environments are based on self-service thus authorization configuration is frequent and dynamic.
Furthermore, in Microservices architecture, each service communicates via Web APIs thus it is important to have precise and frequently configurable access controls with low cost.

Athenz is an open source platform for fine grained access control in dynamic infrastructures.
It is a set of services and libraries supporting role-based authorization (RBAC) for dynamic provisioning and configuration use cases as well as serving/runtime use cases.
Athenz provides interface to integrate with each infrastructure, thus gaining options to run multi environments with single access control model.

In this session, the speaker is going to explain the benefits of using Athenz and demonstrate how to use Athenz in a Cloud computing environment.


avatar for Tatsuya Yano

Tatsuya Yano

Platform Developer, Yahoo Japan Corporation
Platform developer in Yahoo Japan Corporation. Principal engineer for Dev/Ops of identities and access management. Contributor for development of open-source product "Athenz". (https://github.com/yahoo/athenz)

Friday June 22, 2018 12:10 - 12:50
Room 6


Pinterest's Journey from VMs to Containers on the Public Cloud - Micheal Benedict, Pinterest
Pinterest was born on AWS. Today, we operate thousands of instances and process over 150PB of data.

In this talk, I'll share why & how Pinterest moved from VMs to Containers and K8S.
1) Pinterest Infrastructure Overview
2) VMs vs. Containers
a. Developer Velocity - We will discuss the overall job lifecycle workflow i.e build, setup, deploy, operations when using VMs and Containers.
b. Service Reliability - Constraints around resource isolation
c. Infrastructure Governance - Attribution of resources both on utilization & Spend
d. Efficiency – Specifically around auto-scaling. We use ASGs heavily and will share how we quantified efficiency when in VM vs. Container
3. Move to Containers - I'll share how Pinterest adopted Docker & subsequently evaluated different orchestration systems across dimensions such as docker integration, scheduling, security, networking, etc.


Friday June 22, 2018 12:10 - 12:50
Room 6


Git at Scale: Beyond the Linux Kernel - Edward Thomson, Microsoft
The Git version control system was created to manage the development of the Linux kernel - a large software project in many respects. But it struggles to scale beyond that, to Enterprise scale “monorepos” or with repositories with large files like binaries, media, or scientific data sets.

This session will introduce some of the architectural decisions in Git that lead to its struggle with large files or very large repositories, and show techniques to cope with them. Edward will discuss:

* Why Git (by itself) is not appropriate as a storage mechanism for large files, and how tools like git-lfs work and can allow you to manage binaries.
* Why Git cannot handle enormous “monorepos”, and how tools like GVFS work to enable them.

This session will provide evidence of teams using these tools successfully and show examples of how they work.

avatar for Edward Thomson

Edward Thomson

Speaker, Techorama
Edward Thomson is a senior program manager at Microsoft, where he focuses on Git and the version control tools in Visual Studio Team Services and ensures that customers are successful while using them. Previously, he was a software engineer building version control tools at Microsoft... Read More →

Friday June 22, 2018 14:25 - 15:05
Room 6


The Second Revolution of Unikernels: Unikraft - Wei Chen, ARM
Late last year, NEC Laboratories Europe introduced a new project called Unikraft. It had designed a totally new development model to reduce the effort of converting existed applications to Unikernels. Developers can recompile applications for Unikernels instead of rewriting them. So, after deploying Unikernels to virtual machine, this project can be regarded as the second revolution of Unikernels.

Since this project was announced, Wei has been actively working with the community to get involved in this project. In this presentation Wei intend to:

* Share some knowledge of Unikraft, including:
1) The concept and architecture of Unikraft
2) The categories of Library pools
3) The Unikraft build tool working principle
4) How to contribute to this project
5) The Arm support status of this project
* Demonstrate a Unikraft application on an Arm server

avatar for Wei Chen

Wei Chen

Staff Software Engineer, Arm
Wei is a Staff Software Engineer at Arm in the Opensource Software Ecosystem. The focus of his work is virtualization, containers and Unikernels. Wei was responsible for ukvm and hypercontainer on Arm. Currently, Wei is responsible for the Unikraft and Katacontainer projects on Arm... Read More →

Friday June 22, 2018 15:15 - 15:55
Room 6


Microservices, Service Mesh, and CI/CD Pipelines - Making it All Work Together - Brian Redmond, Microsoft
Microservices come with many advantages for massively scaling applications. CI/CD is a common approach to automating updates to these applications in kubernetes. Strategies such as canary deployments can be simple with a basic website, but this is a difficult task with distributed systems. I would argue that many CI/CD systems are missing some key components such as: advanced routing, observability, and chaos testing.

Service mesh solutions bring these missing components to kubernetes allowing us to shape traffic to specific versions and obtain metrics to better understand the impact of updates.

I will demonstrate how to use common CI/CD tooling such as Brigade, Jenkins, or Spinnaker to drive deployments with Kubernetes. I will show how service mesh technologies such as istio, conduit, or linkerd ease the ability to efficiently deliver and test microservices in Kubernetes.

avatar for Brian Redmond

Brian Redmond

Cloud Architect, Microsoft
I am a Cloud Architect on the Azure Global Black Belt team at Microsoft. I focus on containers, microservices, and cloud native applications in the Azure cloud platform. I have been working in technology for over 20 years and have a mixed background from application development to... Read More →

Friday June 22, 2018 16:20 - 17:00
Room 6


Building Debian Images With Yocto: Joining Approaches - Baurzhan Ismagulov, Ilbers GmbH & Kazuhiro Hayashi, Toshiba
Debian is a binary distribution well-known for its stability and long-term support from strong communities. Compared with source-based distributions, it provides key benefits like fast system installation, software repository infrastructure, and security updates. For embedded usage, patching Debian packages, cross-building from sources, reproducibility and traceability are additionally required.

Isar and Deby work together on building source packages in a Debian way with Yocto tools and using Debian binary packages in a single project. The goal is to benefit from Debian's advantages and make customization very, very easy. In this talk, Baurzhan and Kazuhiro will explain why the projects collaborate, what kind of build infrastructure would be preferred, and how they share common features to effectively apply Debian to a wider range of products.


Kazuhiro Hayashi

Software Engineer, TOSHIBA Corporation
Kazuhiro Hayashi works at TOSHIBA Corporation as a Software Engineer since 2010. The main part of his work is to develop Linux for various industrial embedded products. His another focus is to provide a common Linux distribution and its build infrastructure for effective product development... Read More →

Baurzhan Ismagulov

Software Engineer, ilbers GmbH

Friday June 22, 2018 17:10 - 17:50
Room 6
  • Experience Level Any