Talks 2017

March 14, 2017

09:00  -  17:30

In the brave new world of Infrastructure as Code, to release confidently and frequently, we must build infrastructure as reliable as the applications running on it.

Historically it has taken days to weeks to commission a new system, several hours of manual testing and yet unreliable results still occur.

There is a better way! Using the open source tools: test-kitchen and InSpec, I will show how to build detailed and fast testing. This automated testing will ensure systems are configured as required, for the application and compliance security standards.  I will show how these tools can be run independently of Configuration Management on existing systems, and the benefits of doing so.

Topics to include:

  • Local testing
  • CDCI pipelines
  • Tools, uses and benefits.
  • Unit tests*
  • Linting tools*

*time permitting.


  • Students should have reasonable experience in using the Linux command line.
  • An understanding of the concept of infrastructure as code.
  • Students will need to provide a laptop with the ability to connect to a remote system via SSH and Microsoft RDP.

0900  -  1230

With PowerShell, Microsoft have produced a scripting environment that is usable. This workshop covers getting started and plays about with variables, types, objects and piping. what is not to like?

Ideally delegates should have the following installed on their laptops.

March 15, 2017

09:30  -  10:30


This is what winning looks like * New world of corporate involvement in FOSS * How we can help keep FOSS FO while helping the corporations embrace it

Brief Biography

In VM (aka Vicky)’s nearly 20 years in the tech. industry she has been an analyst, programmer, product manager, software engineering manager, director of software engineering, and C-level technical business and open source strategy consultant. Vicky is the winner of the Perl White Camel Award (2014) and the O’Reilly Open Source Award (2016).

Vicky occasionally blogs at {anonymous => ‘hash’}, often writes and is a moderator for, and frequently tweets at @vmbrasseur.

11:00  -  11:45

The talk we will discuss the topic of when it is best to start monitoring your products. Open source monitoring and cloud architecture make starting your monitoring that much easier and cheaper then most people think or are aware of. We will talk about why and when you may want to start monitoring, talk about the common mistakes present in many places in the industry, and we will discuss why it needs to change, and how to change it. And we will show case the ways that Icinga can help you adopt early monitoring and implementation in your work place.

11:00  -  11:45

Dump, tar and friends are reliable and well understood but could be more flexible and efficient. In a modern server infrastructure you may be backing up hundreds of physical and virtual machines. Much of the data is likely to be repeated many times. A deduplicating archiver can be used to store only the unique information.
This talk covers our experiences with the Borg Deduplicating Archiver.

12:00  -  12:45

The art and science of reconstructing a chain of events on digital systems – has for a long time been dominated by commercial software packages – EnCase, FTK, X-Ways and so on. With a small number of exceptions, when you are taught the subject, you’ll start on a Windows workstation. The argument historically had been that as you are likely to be examining a Windows device ( market prevalence of Windows in office and home environments ) familiarity with and the compatibility of the Windows based tool chain was the most logical way forward. Well, times have changed. It may or may not be the year of the Linux Desktop ( again ! ) but ChromeOS, Android, MacOS X ( now macOS ) and BSD based devices ( PS4 ) are turning up more and more often in real world cases. There are more strong tools available, more libraries to support tool development and a great justification in court for the transparency of methods used to obtain evidence. Is now the time to make the switch to Open Source?

12:00  -  12:45

Jenkins is a tool more and more businesses rely on. To build, test, and deploy code and pieces of infrastructures. But how do you automate and scale that piece of infrastructure? Automating Jenkins has been a pain in the past, but it is becoming better nowadays, with the introduction of Jenkins Pipeline and exposure of Jenkins Internal API’s.

This talk is a dive into the Jenkins world and its plugins.

14:00  -  14:45

Every once in a while, the proverbial hits the fan. There are so many ways that this can be the case that are nothing to do with the fault of the poor Systems Administrator – be it end user related or malicious 3rd party. In some really unfortunate scenarios, it may be that you’ll have to interface with Law Enforcement or external forensic analysts – this talk is about ensuring the preservation of evidence and working with those 3rd parties to enable your systems to keep working and to bring the “bad guys” to justice…

14:00  -  14:45

An overview of illumos six years later.

Just prior to Oracle closing OpenSolaris, the illumos project forked from it, and for six years has carried on the work started with OpenSolaris.

In August 2010, Garrett D’Amore and others forked OpenSolaris with the intention of reducing and eliminating its closed-source components. Unknown to them, Oracle was planning to shut off publication of the OS/Net consolidation, which included the OpenSolaris kernel & system-critical user-space. This coincidence propelled the fork, illumos, into the vehicle in which OpenSolaris could continue, albeit under a different name.

illumos is now over six years old, and its distributions continue to fulfill the promise of OpenSolaris. illumos is the reference implementation of OpenZFS and DTrace. SmartOS has continued pioneering work in zones, commonly known outside Solarish circles as containers. Both OpenIndiana and OmniOS use the Image Packaging System (IPS) in traditional deployments. OpenIndiana and XStreamOS continue work on an illumos Desktop. DilOS (Debian) and Tribblix (SVr4) use alternative packaging with illumos. Appliance distributions like
NexentaStor and Delphix use and innovate with OpenZFS to great effect.

14:45  -  15:30

The Nagios Plugin API has become a well loved standard for providing scripts that act as plugins to monitoring systems, and along with the standard plugins supplied by (formerly “Nagios Plugins” prior to legal threats from Nagios Inc) many more are available on various exchanges and on github.

Unfortunately, a noticeable portion of the runtime of some scripts is due to library load overhead because of the single shot runtime model, and many more such scripts eschew library use in favour of copypasta to avoid overhead and dependency management issues.

Both the deployment and scalability issues are solvable, however, at least for perl and CPAN.

Firstly, this talk will cover how to keep deployment simple while still being able to use CPAN modules, including:

* How to track your module use to ensure you always know not only what your dependencies are, but can reproduce the exact versions you’ve developed and tested against
* How to turn a plugin with pure perl dependencies – including the standard library Monitoring::Plugin – into a single
file that can be deployed without additional installation effort
* How to handle compiled dependencies both via easy in-tree installation to avoid touching system directories and via building system packages for global installation

Secondly, we’ll discuss the limitations of the execution model, and the issues and trade-offs involved in various approaches to a more persistent execution model. Having covered the previous solutions, and why they often don’t end up getting used, we’ll present an alternative that:

* Requires zero changes to plugin code
* Intelligently preloads modules to provide fast warming
* Shares dependency loading to minimise memory usage
* Can detect and work around broken modules automatically
* Is robust to even the most legacy or newbie perl scripting

Come along and find out how to both save yourself time by accelerating your development process, and save your systems’ CPU by accelerating your deployments. Perl experience is not expected, because it *is* expected that these techniques should apply to third party/community sourced code as well.


1445  -  15:30

The origin behind Icinga and the evolution of the product, from both the code stand point and the user experience and input, changes adaptation and adoption in the world of monitoring.

16:00  -  16:45

The oVirt Project is an open virtualization project providing a feature-rich server and desktop virtualization management platform with advanced capabilities for hosts and guests, including high availability, live migration, storage management, system scheduler, and more.

oVirt provides an integration point for several open source virtualization technologies, including kvm, libvirt, spice and oVirt node.

oVirt was launched in November 2011 as a fully open source project, based on assets from Red Hat Virtualization Manager platform. The project has an open governance model, and initial board has members from IBM, Cisco, Netapp, Red Hat and SUSE.

The session will provide an intro to the project components and features.

16:00  -  16:45

KDE is the original and best community making end-user software on Linux and other platforms. However the techniques used to deploy much of this software have not updated well with a large lag between releases and the ability of users to get hold of the software.

KDE neon is brining a revolution to the way open source delivers its software on Linux. A KDE project providing KDE software directly to our users cuts the feedback loop and allows us complete control of the experience.

Using the latest buzzword compliant devops techniques with containerised continuous integration and continuous deployment, cloud provisioning and orchestration with an active engagement through social media presence, KDE neon is updating the model of how KDE provides its software.

We will show how KDE neon is used by Plasma developers to test their latest software and their releases. We’ll show how people interested in trying KDE’s software finally have an answer to the questions of where to get up to date versions.

And you can finally find an answer to the question, KDE neon: terrible idea, or simply a huge mistake?

16:45  -  17:05

Lets Encrypt has become a much talked about system, however its recommended software hooks into a lot of different parts, and requires a lot more access than I was happy with. Take a quick look at a set of scripts and framework I created for setting up and fetching SSL keys, and secure your public sites for free with ease!

16:45  -  17:30

Our department was located in five then four buildings and moved to a new home at the start of 2016.  This talk will cover the successful relocation of all servers and core networking to a new data centre with minimal downtime, followed by the migration of the department to its new home. With over a thousand Cat 6A network outlets, dark fibre to the data centre, new VoIP phone system, comprehensive Wi-Fi coverage, and hundreds of users with desktops, laptops and a few printers all to be installed.  The builders are running late and the move is now compressed into a week at the start of January – Merry Christmas IT.  What do you do?

March 16, 2017

09:30  -  10:20

Starting an open source project is very easy, especially in the days of GitHub. Push your code and see if somebody is interested in. If you are able to gain attention and interest for you project you feel motivated and work all night long. But on the other hand, people will start complaining about open bugs, missing features and your evil or non existing website.

Believe it or not, but this will pursue you until your last user dies.

One of the most important things for a successful open source project is to treat you community well. This talk will share some experiences made during the last 6 years with Icinga. Starting with basic concepts, it deals with tools and methods helping to increase and cultivate your community. It also covers internal organisation requirements for successful community work and upcoming challenges if you strike some new paths with your project.

10:30  -  12:30

Whether you want to monitor a bunch of temperatures or check for open doors in your data center, the ESP8266 microcontroller is a very inexpensive and easy thing to get started with. In this talk we show you a few of these tiny WiFi-enabled devices, look at a few use-cases, and we’ll also demo some things with MQTT and discuss integration into your monitoring environment.

10:30  -  11:15

Is it possible there aren’t enough cats on the web? In this talk, ODI’s Peter Wells explains how a bout of lunchtime whimsy led him to create an open data register of UK government cats. He talks about the (mostly) open source tools he used to create the register and dashboard, how people can help collaboratively maintain them on the web and some of the lessons he learnt along the way. He also admits that it wasn’t all about cats and talks about how anyone can help strengthen data infrastructure.

11:45  -  12:30

When you’re testing software, you want the framework to test both individual units, as well as the whole application. However, sometimes you require external processes, such as Apache, Postgres, or other such software. Setting up a test environment to include these can be difficult – or so the case used to be. Join me for a journey to see how such a module could be created, and how you can build frameworks in perl which will test anything.

14:00  -  14:45

A talk about publishing swearwords as open data and whether the data can be used to make better decisions about swearing.

14:00  -  14:45

An old Sun SPARC Solaris home directory file server using ZFS, NFS and Samba supporting hundreds of users is replaced by three Dell Intel servers running Debian Linux.  These use LVM, ext4fs, NFS and newer Samba along with rsync transferring backup data to another Debian Linux file server with ZFS (now the official back ported version) to provide regular snapshots and storage located in another data centre. For the migration itself, rsync and automounter are your friends.


15:00  -  16:00

OpenSSH is installed on nearly every virtual machine, physical server and IoT device. OpenSSH is a critical systems administration tool, used to manage everything from the server in the shed to continent spanning collections of systems.

Logging in to OpenSSH quickly and security is normally done with keys, sometimes using strong passwords and hardware key storage but all too often left lying about on laptops.

Managing the list of keys and permissions for an organisation of more than a handful of people rapidly gets challenging, tracking who has used which key to do what even more so.

Using the CA feature of OpenSSH it is possible to remove all this complexity, and leverage OpenSSH to enforce your central policies and provide you with strong audit trails.

Would you like to be able to issue an ssh certificate that allows Joe the new engineer to only login to the systems he’s managing, only valid for a week, and stop him forwarding ports to dodge your firewall? Would you like to be able to do that without touching any of the systems he’s managing?

Would you like a way for your 2 on call engineers to login for 5 minutes to that one critical system, but only if they both agree it’s a good idea without waking you up at 3am?