Spring 2018 Talks

About the Talks

All of the 2018 Talk submissions are judged using a ‘blind’ process. The submissions are collated by the council with identifying material removed and then a vote is cast as to accept, reject or reserve the talk.

The talks below are accepted and confirmed by the speakers. The list will grow as we accept more talks. The keynote (plenary) talks will appear at the top, all other talks will be alphabetical by speaker name. You can view the Workshops on their own page here.

Keynote

You think you’re not a target? A tale of three developers…
by Chris Lamb, Debian Project Leader

If you develop or distribute software of any kind, you are vulnerable to whole categories of attacks upon yourself or your loved ones. This includes blackmail, extortion or “just” simple malware injection… By targeting software developers such as yourself, malicious actors, including nefarious governments, can infect and attack thousands — if not millions — of end users.

How can we avert this? The idea behind “reproducible” builds is to allow verification that no flaws have been introduced during build processes; this protects against the installation of backdoor-introducing malware on developers’ machines, ensuring attempts at extortion and other forms of subterfuge are quickly uncovered and thus ultimately futile.

Through a story of three different developers, this talk will engage you on this growing threat to you and how it affects everyone involved in the production lifecycle of software development, as well as how reproducible builds can help prevent it.

About Chris

(Website: https://chris-lamb.co.uk/)
(Twitter: @lolamby)

Chris is a freelance computer programmer and the primary author of dozens of free/open-source projects and contributor to 100s of others. Chris also runs a number of web services.

Chris has been an official Debian Developer since 2008 and is currently serving as the Debian Project Leader.

Chris is highly active in the Reproducible Builds project and has been awarded a grant from the Core Infrastructure Initiative to fund work in this area.

Chris previously worked as Technical Architect at Playfire.com (acquired) & Thread.com (YCombinator S12). He is highly experienced in full-stack web development with a focus on backend development using Django and system administration, but you can find his latest programming interests on his blog.

In his spare time Chris is an avid reader and film-goer, an Ironman, as well as a classical cellist, regularly performing in public concerts.

The Talks

Forensically looking at Digital Images (pictures)
By Simon Biles

During this talk, we will look at the analysis of digital images. We will look at the different file formats, and the ways of determining if an image has been altered or not.

About Simon

Simon is an Information Security and Digital Forensics Specialist. He’s lectured at De Montfort University on Digital Forensics – most notably on “Alternative Operating Systems” – which, let’s face it, is what most of the attendees of this conference will be using – ‘cos basically it means “Anything that isn’t Windows”… He’s cropped up at a couple of FLOSS Spring Schools previously, so really he should know better by now, rather than doing talks instead…

Deploying your SaaS stack OnPrem
by Kris Buytaert

Even today a lot of organisations are not using “Cloud” or “SaaS” platforms, but they want the same functionality as these SaaS platforms. When that call comes it’s a hard dilemma between growing your customer base or not. This talk will discuss our experiences in running an existing Open Source Software as a Service platform on premise at a customer. It will show you all the pitfalls and pain points we went through in doing this, even when we had Infrastructure as Code and Continuous Delivery as our primary values. We’ll discuss what tools we used, why we selected only Open Source tools and what our lessons learned are.

About Kris

(Website: http://krisbuytaert.be/index.shtml)
(Twitter: @KrisBuytaert)

Kris Buytaert is a long-time Linux and Open Source Consultant. He’s one of the instigators of the devops movement, currently working for Inuits.

He is frequently speaking at, or organizing, different international conferences and has written about the same subjects in different Books, Papers and Articles.

He spends most of his time working on bridging the gap between developers and operations with a strong focus on High Availability, Scalability, Virtualisation and Large Infrastructure Management projects, hence trying to build infrastructures that can survive the 10th floor test, better known today as the cloud, while actively promoting the devops idea!

His blog titled “Everything is a Freaking DNS Problem” can be found at http://www.krisbuytaert.be/blog. Kris’ attendance will be sponsored by Inuits (http://inuits.eu/).

Shifting the acceptance approach in a DevOps team
By Assaf Flatto

DevOps is about collaboration, but we all have opinions and ideas on how things should/can be done.

Sometimes egos collide and tension in the team can cause friction and drop productivity (or even grind it to a halt). How do we negate that, and what can we learn about how to ensure smooth incorporation of team members and work disciplines?

AWS + Spotinst = Winning the Cloud Cost battle (Lightning Talk)

As a company grows, its cloud usage increases and the CFO/CEO wants to reduce cost – in comes SpotInst to help find your best value for money in the spot market. Hear about our use of SpotInst in CI/Jenkins and the reduction of cost in Production.

About Assaf

Assaf Flatto has been working in the Open Source community since 1995, starting with Slackware, and has worked with NetSaint (now Nagios) since version 0.6. Since then he has become a Linux Administrator and Nagios certified. He has been active in supporting the Nagios community by offering help and advice via the IRC channel and the (now dead) mailing list.

He is an active team member of Icinga since 2011. He has been a Linux Administrator and done Network Management for companies like the BBC, SKY, and LOVEFiLM in the UK and VoxPopuli, Atelis, and M-Wise in Israel. Currently working as a consultant in IT/DevOps and Network Management implementations for various companies.

Shaping Clouds with Terraform
by Mike Fowler

Terraform is an open source tool that helps you control your infrastructure configuration through code. This talk will serve as a primer showing how to build a basic infrastructure in the Google Cloud and how we can re-use our code to construct multiple, identical environments.

About Mike

Mike Fowler encountered Linux and its surrounding ecosystem of open source software while reading software engineering at university. As a student he delighted in the ability to read and understand the code as well as the cost freedom to make use of software that would otherwise be out of reach.

Entering the corporate world he discovered that the commercial equivalents of many of the tools he’d grown to love were also out of his employer’s reach. Introducing open source was the easy part; keeping it running was a different matter. So began a career that mixed elements of software engineering, system administration and systems engineering.

Driven by a belief that humans should only do interesting things Mike has spent many years automating many aspects of his duties as well as the business processes within the business. Aside from the usual collection of Perl & Ansible scripts, he made heavy use of and many contributions to the YAWL project (Yet Another Workflow Engine).

Mike is a strong advocate of PostgreSQL, having driven its adoption at many of his previous employers. He contributed some XML features to 9.1 and has made a number of bug fixes to the JDBC driver. He has spoken of these experiences as a regular speaker at PGDayUK.

With the advent of Site Reliability Engineering Mike now has a title that matches what he’s always been doing. By combining his software & systems engineering skills with his system administration experience and passion for automation he now works on behalf of Claranet with organisations to help them migrate and make better use of the Linux public cloud offerings. The open source Terraform project plays a major role which has resulted in a number of contributions back to the community.

ODF: Great standard, but what works?
By Ben Martin

ODF is an open standard for storing office documents like text, spreadsheets, drawings, and presentations. While ODF 1.2 has been a standard for years, most tools do not fully implement the entire specification. See how many current generation office suites implement and/or ignore the features of the ODF specification. I’ll also cover some open source tools which you can use to check how well your own documents are preserved across many different office suites. Some results are available at http://autotests.opendocumentformat.org/

I have been working on tools to help you work out what is supported by each office application and see how a document is presented on a platform that you do not have access to. odfautotests runs hundreds of tests that have been derived from the ODF standard, with each test aimed at showing how well each office application preserves a specific attribute or element of the ODF standard.

So for example you can see at a glance what office application will throw away ruby text, and also see how the ruby text is presented. While you might not care about ruby text, returning an updated document to a Japanese client with it stripped out will likely lead to tension. odfserver is a new tool created this year to allow files to be uploaded to a central server and have numerous office applications load and save each file to test compatibility.

These testing tools are useful for a few groups of people. End users looking to use ODF and knowing what is properly preserved in their document. Small tests showing failing attributes are gold for developers who can then formulate plans as to which parts of the specification should be supported by their project next.

FileSender: Sharing large files across research facilities

The FileSender project allows large files (100gb+) to easily be shared with people at other companies and research facilities. Uploads and downloads occur in the browser and files can be uploaded to a FileSender hosted at your organization or you can be invited as a guest to another research facility installation. Optional end-to-end encryption keeps the data secure from users on the server; all crypto is done in the browser, keeping it simple and secure for users.

While a raw HTTP or FTP server can be used to share files, many non-technical users will not have access to upload to and administer one of these servers. Access control to only selected users and automatic expiration of hosted files might be difficult for users more interested in research which is outside the IT field.

FileSender supports push and pull models. To push, if you have access to a FileSender installation you can upload the file to it and inform those who you want to access the data to allow them to obtain it. To pull a file, you can create a guest on your FileSender install and invite a user to upload the data there. Guests can be subjected to specific access control, for example, only uploading a single file, and only to you.

I would love to talk about the challenges the FileSender project tries to address, the PHP/JS code that comprises it, and the history and development of FileSender. I think it is a useful project to know and use in research and commercial environments and would love to hear feedback on where the project might want to move in the future.

Prometheus, cloud native monitoring
by Julien Pivotto

This talk will present Prometheus, an open source cloud native monitoring solution. Prometheus is nicely integrated with lots of other open source pieces of software; it is data-centric and nicely coupled with multiple service discovery implementations. Come to the talk to learn more and discover what that really means!

About Julien

(Website: https://roidelapluie.be/)

Julien Pivotto is a young Open-Source consultant at Inuits where he is helping organisations with the deployment of long-term solutions based on Open-Source infrastructure. He is a strong believer in the devops movement and has technical focus towards infrastructure automation, continuous integration, monitoring and high availability.

A Kubernetes cluster of sandboxed applications, using CloudABI
By Ed Schouten

Over the last 2-3 years I’ve been working on an Open Source project called CloudABI. CloudABI is a very compact UNIX-like development/runtime environment. Applications built on top of it have a couple of advantages over plain Linux/BSD applications:

They are very easy to sandbox. CloudABI doesn’t offer any global namespaces, meaning that applications cannot simply open arbitrary paths on disk or connect to arbitrary hosts on the network. They can only interact with resources that are explicitly injected in the form of file descriptors.

They are easier to test. As all resources need to be injected, they can also be replaced with stubs.

They are easier to migrate between systems. The list of resources that are being injected acts as a manifest of all of a program’s dependencies.

In 2017, I added support for CloudABI to Kubernetes, an Open Source cluster management system. This work allows you to add nodes to an existing Kubernetes cluster that are capable of running CloudABI applications, as opposed to running Docker containers. Not only does this improve the security of the cluster overall, it even makes it possible to use a single Kubernetes cluster in multi-tenant environments, where applications need to be fully separated.

In this talk I will give an overview of what Kubernetes is. This will be followed by an introduction to CloudABI and an explanation of how I’ve modified Kubernetes to support CloudABI.

About Ed

Ed Schouten is an Open Source enthusiast from Eindhoven, the Netherlands. He is a developer at the FreeBSD project (since 2008) and LLVM (since 2009). Until 2012 he worked as a Site Reliability Engineer at Google in Germany. In 2012, he founded the CloudABI project, whose goal it is to improve the security and maintainability of UNIX software. In the meantime, he works for Kumina, where he’s involved in various software development projects related to Kubernetes and the Prometheus monitoring system.