Mitchell is the Co-Founder and Co-CTO of HashiCorp. He is the original creator of many of HashiCorp's tools and continues to work day to day with the product and engineering teams. Mitchell is self-described as "automation obsessed" and uses that to drive the creation of new technology solutions.
About Armon Dadgar
Armon (@armon) has a passion for distributed systems and their application to real-world problems. He is a founder and CTO of HashiCorp, where he brings distributed systems into the world of DevOps tooling. He has worked on Nomad, Vault, Terraform, Consul, and Serf at HashiCorp, and maintains the Statsite and Bloomd OSS projects as well.
Consul provides a Service Mesh solution to discover, configure and secure communication between services on any platform. This talk will introduce the new kubernetes support and show how to enable seamless service connectivity between workloads inside and outside Kubernetes.View all speakers
About Paul Banks
Paul works from rural Devon, UK in a distributed team building distributed systems. He's a Software Engineer on the Consul team at HashiCorp. He previously worked on the platform team at DBaaS Compose (IBM), and was Principal Infrastructure Engineer at DeviantArt.com. With over 10 years' experience building apps and infrastructure with open source technology, Paul loves to do work that benefits the global tech community.
A Fully Containerized Platform Based on Infrastructure as Code
During the past year the Site Operations team at eBay Classifieds Group has put massive effort into moving from locally managed infrastructure to a private cloud.
With the announcement of eBay Classified Group's new global strategy and the technology center being placed in Berlin, the engineering teams were given the challenge of developing a new and innovative plan to how we build our new product. With many challenges related to the project, one of the biggest was building a platform that was production ready in an extremely short time frame.
This talk dives into how we selected our technology stack and the decisions that went into building a stable, highly scalable platform.View all speakers
About Rick Rackow
Starting his professional career as a working student at the eBay Classifieds Group, Rick was part of a team tasked with build and release engineering as well as continuous integration pipelines for all of the eCG and in particular the teams based in Berlin. Later he joined the SiteOperations Engineering team as systems engineer, being responsible for all German classifieds platforms. Since the beginning of 2018, he is facing a new challenge to run a completely new platform, containered and scalable with an on-premise OpenStack Cloud.
Securing Autonomous Vehicles and the Humans Who Build Them
Building security into the everyday workflow of engineers is a great challenge. In order to be effective as a security engineer, you must provide frictionless security. Achieving this becomes increasingly difficult when the product that is being built is an autonomous robot. This talk will cover the measures being taken to ensure that the humans who are responsible for building and deploying autonomous vehicles can do so with built-in world-class security. Then, we'll discuss how the same systems that were built for humans, were adapted to work with robots.View all speakers
About Brian Nuszkowski
Brian is a Staff Security Engineer at Cruise Automation, where he helps in securing one of the world’s best autonomous vehicle platforms. His well-rounded engineering background affords him the ability to design and build the most challenging of systems.
From deploying your first node to scaling up your clusters to handle thousands of requests per second for your whole organization, this talk will go through some of the features that Vault offers to make this type of scaling possible.View all speakers
About Brian Kassouf
Brian is the engineering lead for HashiCorp Vault. Prior to joining HashiCorp, he lead the platform and devops teams at Imgur. Brian loves working on Open Source Software, going crabbing, and eating salsa.
About Calvin Leung Huang
Calvin’s interests revolve around DevOps, automation, and tooling. Before joining HashiCorp, he was a practitioner in most of its products including Vagrant, Packer, Terraform, and Consul. He is interested in optimizing workflows and enabling teams to work more efficiently through the use of DevOps-centric tools.
Senior Infrastructure Engineer at ActBlue Technical Services
How Terraform Will Impact the 2018 US Elections
In mid 2017, ActBlue began using Terraform to revamp its donation platform, a system which has accepted and processed over $2 Billion for political campaigns and nonprofits on the progressive left. The process began by leveraging Terraform to migrate a PCI compliant credit card vault to AWS and quickly expanded to support orchestration of the majority of the infrastructure, including non-PCI environments and a Fastly configuration. The agility, modularity, and transparency of Terraform has afforded the ActBlue DevOps team the ability to deliver more features and more responsiveness to our platform during a period of massive growth of Democratic donors, campaigns, and initiatives. This talk will cover the deep technical details of how we use Terraform, as well as how we have promoted and evangelized Terraform across technical teams.View all speakers
About Nicholas Klick
Nicholas Klick is a lead engineer at ActBlue, the largest political fundraising platform in the US. He has over 10 years experience in DevOps and building web applications that serve tens of millions of users. His most recent project was a zero-downtime migration of a $2 Billion credit card vault to AWS using Terraform and Chef.
About Dan Catlin
Dan Catlin is a DevOps professional focused on engineer-oriented release engineering, composable and secure production operations and intelligent performance and security monitoring built to empower developers and deliver highly available and secure infrastructure for modern development teams. After years in quality assurance and release engineering, focusing on building a high performance devops oriented security product, I have decided to focus my energy on applying my work to improve security for ActBlue and help a cause I truly care about while delivering high performance modern infrastructure built for security and reslience.
Lead Engineer - Digital at Target CorporationsTwitter
Nomad at Target: Scaling our Microservices Across the Public and Private Cloud
On the Transact/Fulfill team at Target, we deploy hundreds of applications across multiple cloud providers. We deploy many different flavors of applications: Microservices, Elasticsearch clusters, batch jobs, Java apps, Go apps, etc. This talk will focus on how we use Nomad to continuously deploy, scale, and manage these services - both in our datacenter and the public cloud. In this talk you will learn why we chose Nomad and how we automate our deployments using Terraform. We will also cover our need for portable applications - and how we needed to support deployments to Kubernetes and VMs. Last, we will also cover our use of other components of the HashiStack, including Consul and Vault, to support service discovery and secret management inside our Nomad cluster.View all speakers
About Suresh Krishnan
Suresh Krishnan joined Target Corporation in February 2016 as lead engineer - Digital. He is involved in the development of DevOps and Platform engineering supporting the Digital Portfolio. Prior to joining Target, he worked at Cisco Systems as an IT Architect and was instrumental in integrating AppDynamics for IT systems. Prior to Cisco Systems, he worked at Phoenix Technologies as Principal Engineer, involved in the development of the cloud based flagship product called FailSafe, an anti-theft protection to laptop computers. Additionally, Suresh worked at startup and leading silicon valley companies covering various verticals such as Finance, Security, Ecommerce, Networking, and Technology domains in software development.
About Daniel Parker
Danny Parker is a principal engineer at Target Corporation. He currently works in the digital pyramid at Target, supporting inventory and checkout systems for Target.com. His current focus is automation and deployments for 100+ microservices in Target's datacenter and in the public cloud. In his free time he enjoys playing basketball, hiking, and trying new beer.
Artisanally hand-crafting our own container hosting solutions can be a fun learning experience, but for repeatable production use, we want to deploy and manage Kubernetes clusters in a reproducible fashion. Using open source tools like Helm, Draft, Brigade, and Terraform, we can deploy and update our Kubernetes clusters via a trusted, versioned, repeatable process. We’ll discuss what containers and Kubernetes clusters are at a high level, look into the practical application of open source tools to simplify cluster management, and show you how to deploy Kubernetes clusters in a repeatable and portable fashion.View all speakers
About Bridget Kromhout
Bridget Kromhout is a Principal Cloud Developer Advocate at Microsoft. Her CS degree emphasis was in theory, but she now deals with the concrete (if 'cloud' can be considered tangible.) After 15 years as an operations engineer, she traded being on call for being on a plane. A frequent speaker and program committee member for tech conferences, she leads the devopsdays organization globally and the devops community at home in Minneapolis. She podcasts with Arrested DevOps, blogs at bridgetkromhout.com, and is active in a Twitterverse near you.
About Zachary Deptawa
Zachary is a cloud developer advocate at Microsoft with a focus on Linux (yes, really.) Before that, he’s played roles from monitoring technician to system administrator and professional services consultant to solutions architect at startups (Sprout Social, ClearDATA) and larger orgs (Rackspace, Amazon Web Services.) These days, he advocates for awesome developer and operations experiences through talks, docs, and code. In his spare time, you can find him gigging with his bands, hanging out with his family, or playing StarCraft and PUBG. He blogs at cloudywithachanceofdevops.com and can be found on Twitter telling bad puns.
HashiCorp Vault is a very powerful tool and can easily be adapted to manage SSH keys, one time passwords, and even run as a CA to sign SSH credentials. This talk will deep dive into the capabilities of Vault with respect to SSH and demo how one time passwords as well as signed SSH keys work. Vault is part of many enterprises full featured secrets management solution and provides a bridge between many layers of the stack and the information security teams. The pluggable nature of Vaults secrets engine and authentication backends make it an attractive offering for enterprises. The SSH one time password capability and the SSH key signing capabilities of Vault are two use cases that have been broadly adopted by many enterprises and this talk will discuss how that is accomplished. It will not necessarily go into the architecture of Vault, but more about building the policies, roles, and credentials associated with these two use cases. Additionally, a demonstration will be shown to provide context around how Vault and SSH can be integrated.View all speakers
About Erik Rygg
Erik R. Rygg is a senior enterprise architect at HashiCorp helping large enterprises adopt HashiCorp enterprise technologies. Erik is an Air Force veteran with 18 years experience in software development, DevOps, and Infrastructure Engineering in various capacities. He has worked at Raytheon, GE, and has also consulted for various companies. He has a Master’s Degree in Software Engineering, is a co-organizer of the Denver HashiCorp User Group and an Associate Faculty member of the Computer and Information Sciences at Regis University. Erik enjoys learning and blogging about various technologies, snowboarding on the Colorado slopes, and spending time with his family. He is an avid guitar, pedal steel, and mandolin player and loves the local Denver music and restaurant scenes.
Glooing and Sqooping Your Monolith-microservice-serverless Environment
Transitions from monolith to microservices are hard, making the absence of dedicated tooling particularly painful.
To change this situation we at Solo.io developed Gloo, a platform to hybridize (or ""glue"") monolith-microservice-serverless environments and Sqoop, a codeless graphQL server.
Gloo enables multi-architecture and multi-cloud applications, by providing a suite of features to allow “glueing” components from any cloud (AWS, Azure, Google) and any backend (microservices, Serverless, and traditional VMs) into a single user-facing API. Gloo’s extensible architecture allows it to seamlessly integrate with HashiCorp technologies, such as Consul Connect, Vault and Nomad.
Sqoop aggregates data from multiple backend sources into a single GraphQL API (with zero code written by the user).
Both projects are built on top of the Envoy proxy, and integrates out-of-the-box with other open-source projects including NATS, OpenTracing and more.
In this session, we will learn about Gloo, Sqoop and other open-source projects from Solo.io, and discover how its extensible architecture offers solutions to a broad range of use cases. Warning: lots of live demos will be shown.View all speakers
About Idit Levine
Idit Levine is the founder and CEO of solo.io, a Boston-based company that develops tools to help the enterprise adopt and make the most of innovative cloud technologies. At solo, Idit leads the development of Qloo, the codeless GraphQL Engine, Gloo, the function gateway, Squash, a platform for debugging microservices applications, and UniK, an orchestration tool for unikernels. Prior to founding solo.io, Idit was the CTO of the cloud management division at EMC and a member of its global CTO Office. Previously, Idit gained first-hand experience in many aspects of the cloud infrastructure, working for both startup and enterprise companies.
Security and Scheduling Are Not My Core Competencies, And I Bet They Aren’t Yours Either
When thinking about whether you should build something in-house or adopt a ready-made solution, it’s incredibly easy to fall into the trap of, “that’s such an easy problem, we’ll just build it ourselves.” In this talk, CircleCI CTO Rob Zuber will talk about why CircleCI has adopted Nomad and Vault to solve his team’s most challenging security and scheduling demands, while decreasing complexity and increasing throughput on the things that matter to CircleCI’s customers. In the past 6 years, CircleCI has grown from a few engineers building a CI platform for single-page web apps written in Rails and Python, to powering the delivery pipelines for tens of thousands of organizations across the globe, on infrastructure processing tens of millions of jobs per month. As CircleCI’s platform has grown, the need to focus and ruthlessly prioritize has grown with it. Rob will talk about the importance of understanding your company’s core competency and value proposition to users, and how to factor that into the build vs. adopt decision. Rob will talk about how the “not invented here syndrome” still persisted for a time even at CircleCI, and how to help your team focus on delivering differentiated value to end users.View all speakers
About Robert Zuber
Rob Zuber is a 20-year veteran of software startups, a four-time founder; and three-time CTO. Since joining CircleCI as CTO, Rob has seen the company through its $18M and $31M Series B and C rounds and delivered on product innovation at scale. During that time, Rob has grown the engineering team four-fold. He leads a global team of CircleCI engineers across 9 countries and 10 different time zones. Prior to CircleCI, Rob was the CTO and Co-founder of Distiller, a continuous integration and deployment platform for mobile applications acquired by CircleCI in 2014. Before that, he cofounded Copious an online social marketplace. Prior to Copious, Rob was the CTO and Co-founder of Yoohoot, a technology company that enabled local businesses to connect with nearby consumers, which was acquired by Appconomy in 2011. Rob holds a Bachelor’s degree in Applied Science from Queen’s University in Kingston, Ontario.
Blockchain "wallets" are used to secure the private keys that serve as the identity and ownership mechanism in blockchain ecosystems - access to a private key is equivalent to access of cryptocurrency assets. Since most blockchain ecosystems are decentralized by design (Bitcoin and Ethereum being preeminent examples,) wallets are typically designed to be local to an individual's laptop and mainly protected by the access controls to the laptop. In marked contrast, most enterprises require redundancy and shared access to resources in order to scale and provide resiliency; basically, the enterprise's operational model doesn't align with the design of most blockchain wallets. This talk and live demo will show how HashiCorp's Vault and its plugin architecture provide a framework to build wallets that can bridge this gap and connect the enterprise to blockchain.View all speakers
About Jeff Ploughman
Jeff started his professional life as a software engineer in 1986 on AT&T's NET 1000 (a TCP/IP and System V based value-added network that looks remarkably modern in retrospect.) Following that system's demise, Jeff's career trajectory traced the evolution of computer systems - developing markup-based publishing systems for ANSI X12 and early client-server Windows systems for Bell Labs' Federal Telephone System in the early 1990s, to building one of the Web's first B2C services (UPS' package tracking) in the late 90s. Staring into an empty pan following a few attempts to capitalize on the dot-com gold rush (BizBots, SummitLogic,) Jeff switched focus to cyber security (as an Architect for Enterasys Dragon IDS and Principal Engineer at Safenet) and DevOps (Security Architect) Jeff's interest in the convergence of immutable architecture and blockchain led to the founding of Immutability, LLC in 2018.
Creating a Terraform Provider for Just About Anything
Terrafom is an amazing tool that lets you define your infrastructure as code. Under the hood it's an incredibly powerful state machine that makes API requests and marshals resources. In this talk we'll dive into the inner workings of Terraform and examine all the elements of a provider — from the documentation to the test suite. You'll walk away with the knowledge of how to contribute to an existing provider or create your own from scratch. We'll also take a look at some of the things we encountered while working on the DigitalOcean provider and the lessons learned from the community.View all speakers
About Eddie Zaneski
Consensus is a fundamental problem in our distributed systems to achieve system reliability. Raft sets out to solve this problem, in a different approach then the first solution, Paxos. But how does Raft make this decisions, and why should anyone trust it? Come join us in breaking down and understanding Raft!View all speakers
About Sarah Christoff
Sarah has been virtualizing her environment since college, and has researched her way out of a VirtualBox. She is known for her outreach for Project Calico, a CNI open source project. She believes your infrastructure should be like a cat: agile and easy to take care of.
Gamma CTO and Principal at The Boston Consulting Group
A Secure, On-Demand, and Scalable Machine Learning Engine
A Secure, On-Demand, and Scalable Machine Learning Engine Production-grade machine learning is a complex problem, as addressed by companies or agencies such as Google, Uber, & DARPA have pointed out in media. What may start out as a proof-of-concept, quickly snowballs into a full-blown product, where the data was never controlled or versioned correctly, and the code base quickly becomes a series of glued components with no explicit testing. The problem is further compounded by the underlying infrastructure for training, validating, testing and outputting of the finalised model being neither scalable, repeatable or secure. BCG Gamma X has developed Source as an engine to address the elements as mentioned earlier, through the use of the HashiCorp Stack as the underlying technology to ensure that the infrastructure is always: scalable, repeatable, and secure with a zero to full deployment in roughly a few hours. Additionally, we can spin client cases up within 10-12 minutes with the appropriate resources which are completely isolated from all other casework, ensuring no sensitive data leakage between teams, clients, or personnel as well as ensuring that clients can flexibly discontinue and continue their work right where they left off.View all speakers
About Andrea Gallego
Andrea Gallego, Global GAMMA CTO and Principal of Boston Consulting Group (BCG), manages the innovation and data science product team and helps drive the vision and future of GAMMA's digital capabilities. Boston Consulting Group's GAMMA team combines innovative skills in data science, computer science, artificial intelligence, statistics, and machine learning with deep industry expertise. The team is comprised of world-class data scientists, software engineers, machine learning engineers and business consultants who specialize in leveraging advanced analytics to get breakthrough business results.
Principal Product Manager - Ansible Engine at Red Hat GitHubTwitter
Ansible and HashiCorp: Better Together
Automation tools don’t have to be competitive, great things can be achieved when you combine great tools together and collaborate. Come along and learn how Terraform users can leverage Ansible to achieve their goals of an automated enterprise through complimentary security, image management, post provisioning configuration and integrated end to end automation solutions.View all speakers
About Dylan Silva
Dylan is the Principal Product Manager for Ansible Engine at Red Hat. Starting as an early Core community member in Ansible's early days, Dylan now manages the product roadmap for the Engine. He’s a self-proclaimed Linux and OSS diehard, Gamer, and Internet geek; dare he says, technologist.
It's great to move towards DevOps and Infrastructure as code, but too often the real-world intervenes. In this session, we'll discuss how the combination of Azure and HashiCorp technology can facilitate a gradual transformation of an organization.
View all speakers
About Brendan Burns
Brendan Burns is a Distinguished Engineer at Microsoft Azure and a co-worker founder of the Kubernetes project. He has a PhD in robotics from the University of Massachusetts Amherst and a BA in computer science and studio art from Williams college.
VP & Chief Web Services Evangelist at Amazon Web Services (AWS)GitHubTwitter
Keynote by Jeff Barr, VP and Chief Evangalist for Amazon Web Services. More details coming soon.View all speakers
About Jeff Barr
Jeff joined Amazon in 2002, became the company's first web services evangelist in 2003, and founded the AWS Blog in 2004. He has written nearly 3,000 posts for the blog, maintains an active social media presence, and also records weekly AWS update videos. Jeff holds a Bachelor's degree in Computer Science and a Master's degree in Communication and Digital Media. Earlier in his career Jeff held positions at Microsoft, KnowNow, eByz, and Akopia, and was a co-founder of Visix Software. In addition to writing over 1.5 million words for the AWS Blog, Jeff wrote *Host Your Website in the Cloud* in 2010, and has served as technical reviewer for four books on web services.
Keynote by Paul Hinze, Director of Terraform at HashiCorp. More details coming soon.View all speakers
About Paul Hinze
In his career, Paul has been consistently drawn to Production: its affinity for chaos, its unforgiving nature, and ultimately its deep longing for attention. This has gotten him into trouble again and again. Once, he found himself in charge of production operations at a payments company. Later, he stumbled into the deployment process automation of a globally scaled cloud application. Nowadays Paul has embraced his true nature at HashiCorp, where he works on tools that help others who feel the same call of Production.
Join Kristin for a scenic tour of Terraform 0.12; a major milestone release which introduces some fantastic new features and a few breaking changes, and sets the foundation for exciting future enhancements to Terraform. Terraform 0.12 focuses on major Terraform language improvements, improved error messages, and Terraform Providers in the Registry. The improvements to HCL (HashiCorp Configuration Language, the syntax of Terraform configurations) include "for" expressions, conditional expression improvements, nullable arguments, an exact 1:1 mapping with JSON, and much more! Many of these changes have been requested for years, and in addition to the immediate benefits, the new HCL engine gives us much more flexibility to introduce new features in the future. Whether you are brand new to Terraform, a battle-hardened practitioner, an interested decision maker, or someone who likes talks with lots of cute cat pictures interspersed among the slides, this talk has something for you!View all speakers
About Kristin Laemmert
Kristin Laemmert is a software engineer at HashiCorp. She is the newest member of the Terraform Core team where she works on Terraform, the Terraform Registry, and a handful of Terraform Providers. She's also learning the finer points of OSS community management. (And welcomes any tips!) Kristin was at Nike for 4 years prior to that, where she worked in operations, development, and infrastructure. She used many of HashiCorp's products on a daily basis at Nike and found that HashiCorp's products and values resonated with her. She highly recommends reading the Tao of HashiCorp. When she's not staring at a monitor, Kristin can be found gaming (console and tabletop,) playing cello, and generally hanging out with her cats.
Provisioning a Multi-tenant CSP Agnostic Cloud Platform for the Federal Government
Imagine deploying a greenfield multi-tenant, CSP agnostic cloud platform using HashiCorp and other related products. Add the purpose being for a strategic federal government agency in the security sector to accelerate the mandate for components to move to the cloud. With a small team of engineers and supporting roles, such a platform was built out and the results were impressive. This included an encompassing collection of DevSecOps tools used to manage the infrastructure and deployments, including multiple members of the HashiCorp suite. The services were also available to the tenant applications greatly reducing the time and money that would be expended to deploy them as yet another variation of the stack required to operate modernized applications in the cloud. The infrastructure provisioning is end to end, starting with secure networks in a transit/spoke configuration including fully configured Cisco routers. The talk will discuss what would go into such a platform starting with the architecture, highlighting the key aspects that make it all come together. And of course, we will step into example code just enough to show the organization and design principles and showcase how the HashiCorp products can be used from the start to finish of the process.View all speakers
About Mike Augustine
Mike Augustine is currently employed by Blackstone Federal, an awesome Federal Government consulting agency in the Washington DC area, as a hands-on architect/engineer working on major cloud initiatives. He has been working in technology for many years in several disciplines including operations/infrastructure, development and various levels of technical management. Primarily private industry in verticals including online banking/billpay, healthcare, and cybersecurity. He has been in and out of consulting, occasionally in government, with this being his first direct exposure to Federal Government. Mike has always been responsible for or associated with development and infrastructure automation and enterprise/corporate tooling. He learned about the DevOps movement in its early days and made a specific career path towards it, including returning to more hands-on technical roles. His broad background and technical expertise paired with the ability to interact with people and organizations have made it an enjoyable and challenging ride to be on.
Nobody likes passwords. They are a pain to remember and complexity rules and rotation requirements can actually make security worse. Users copy annoying, hard-to-remember passwords onto sticky notes. Sometimes system passwords are stored in plain text on a wiki page or in a shared document. Credentials are often shared by multiple users, or the same username and password can be used to access multiple systems. Password management is a thorn in the side of many systems administrators. Relieve your password rotation headaches with Vault. Using built-in tools that you already have installed on your servers (Bash or Powershell), you can automatically generate secure passwords for Linux or Windows servers and store them safely in Vault.View all speakers
About Sean Carolan
Sean Carolan is a solutions engineer with HashiCorp. He lives in Austin, Texas with his wife and daughter. Sean describes himself as a 'recovering system administrator.' These days you'll find him helping other sysadmins solve technical challenges with HashiCorp products. Sean's interests include yoga, backpacking, and video games.
Nomad 0.9 - Advanced Scheduling Features, Plugins and More
This talk will introduce new features in Nomad 0.9. We will cover advanced scheduling improvements, a new plugin architecture for device and runtime driver plugins, and other enhancements in Nomad 0.9View all speakers
About Preetha Appan
Preetha Appan works on Nomad at HashiCorp. She most recently worked on scheduler internals including rescheduling and affinities. She has previously worked on various Consul features towards Consul 1.0. Before joining HashiCorp, she was an early engineer at Indeed.com where she built distributed systems for search and recommendations from the ground up.
About Michael Schurter
Michael Schurter works on Nomad at HashiCorp. He designed and implemented improved node draining logic to increase service resiliency and offer greater operator control. Whether improving address autodiscovery, adding Docker on Windows support, or testing Nomad on a 96-core ARM server, he loves making Nomad as easy as possible for users on any platform. Prior to working at HashiCorp, Michael built a batch scheduler to handle all of the data ingress, egress, and processing for a CDP startup. He has worked on distributed systems at various startups for the past ten years and has operated far too many pre-1.0 databases.
Principal Solutions Architect at HAProxy TechnologiesGitHubTwitter
Integrating Consul Connect with HAProxy
Because businesses need to deploy application everywhere and because more and more traffic is now "service to service," the demand for strong and reliable authentication and authorization is increasing. One way to meet this requirement is to build a "service mesh." The service mesh is composed by two main components:
* A Control Plane, Consul and Consul Connect, whose main role is to manage service registry and authorization / authentication
* A sidecar (HA)proxy, standing close to the application: it manages incoming and outgoing traffic and applies the policy managed by the Control Plane.
This session will introduce this new type of architecture as well as demonstrate how Consul and HAProxy can be setup together to meet the Service Mesh requirements. The speaker will explain step-by-step how authorization and authentication mechanisms are performed as well as deep dive into HAProxy / Consul integration.View all speakers
About Baptiste Assmann
I’m a solution architect working for HAProxy technologies, the company behind the Open source reverse-proxy-load-balancer HAProxy. I have 20 years of experience in High Availability and performance in web hosting and through load-balancing solutions.
Winning with Terraform Enterprise - How Ellie Mae Delivers "Everything as Code" Using Terraform Enterprise
The missing DevOps handbook for running Terraform Enterprise (TFE) with an everything as code approach. Everything you want to know about deploying, configuring, and automating TFE based on lessons learned at Ellie Mae. Follow our journey as we migrate from Jenkins to Terraform Enterprise and how we overcome challenges related to governance and security in a multi-team environment. We also discuss how we leverage the TFE API and use custom providers to create an application layer for managing promotions between workspaces.View all speakers
About Anthony Johnson
As a Principal Engineer, Anthony is responsible for dreaming and delivering big ideas. After building Ellie Mae’s Public Cloud strategy, Anthony is looking towards solving the last mile of the cloud. The last mile being the delta between what the cloud delivers and Ellie Mae's business needs. Armed with experiences in both operations and engineering, Anthony pushes the needle forward towards the future.
About Scott Winkler
Scott Winkler is a software engineer at Ellie Mae. He is an open source contributor to Terraform and has written several custom providers, with the goal of automating everything possible with Terraform. A licensed chemical engineer, he likes to see the practical applications of technology to challenge old ways of thinking. In his free time, Scott does competitive ballroom dance in both smooth and Latin styles.
10 Lessons Learned From Writing Over 300,000 Lines of Infrastructure Code
This talk is a concise masterclass on how to write infrastructure code. I’ll share key lessons from the “Infrastructure Cookbook” we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that’s used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild. Topics include how to design infrastructure APIs, automated tests for infrastructure code, patterns for reuse and composition, patterns for zero-downtime deployments, refactoring, namespacing, versioning, CI / CD for infrastructure code, and more.View all speakers
About Yevgeniy Brikman
Yevgeniy (Jim) Brikman is the co-founder of Gruntwork, a company that provides DevOps as a Service. He's also the author of two books published by O'Reilly Media: "Hello, Startup" and "Terraform: Up & Running." Previously, he worked as a software engineer at LinkedIn, TripAdvisor, Cisco Systems, and Thomson Financial and got his BS and Masters at Cornell University.
Conducting a Large Scale Infrastructure Migration Using Terraform
A large benefit of using Terraform is the ability to track infrastructure using code. Prior to 2017, the data engineering team at Reddit was managing all of its AWS resources using manual processes. In this talk, we outline how our use of Terraform has evolved from then to now, and how we utilized Terraform’s strengths to conduct a large scale migration across AWS regions.View all speakers
About Krishnan Chandra
Krishnan is a software engineer at Reddit, and has worked there for 2 years on the data engineering and monetization teams. Before joining Reddit, Krishnan worked on backend engineering at Optimizely and LinkedIn. He holds bachelor's degrees in computer science and math from the University of Illinois at Urbana-Champaign.
This talk will look at how Bloomberg is deploying Consul in our diverse software/hardware environment. We will cover the challenges we faced when deploying Consul into an already established network with 20,000+ nodes, different architectures, operating systems, and thousands of different machine types. Our story starts with designing for nodes that cannot run a local Consul agent due to hardware, architecture, and/or network incompatibility. We will share experiences from our 2,000+ node scale tests and what we learned from these and other deployments in our data centers. We will then talk about the new Consul ESM (External Service Monitor) to focus on how and where it can add value by solving compatibility issues. We will briefly cover Consul's exposed Raft tunables and how they may be used to add an additional layer of high availability -- without sacrificing performance -- in order to add tie-breaker nodes in a geographically distributed cluster. We will conclude our story by talking about our latest project: how we are building service discovery as a SaaS platform with Consul and the Consul-ESM.View all speakers
About Michael Stewart
Michael Stewart is a software engineer at Bloomberg, and a founding member of the Bloomberg Managed Services (BMS) team. He is focused on providing a global service discovery platform based on Consul, and has worked closely with HashiCorp on the Consul External Service Monitor (ESM) design. In addition, Michael is involved with Bloomberg's distributed leader election service and access management framework used for internal applications.
About Rangan Prabhakaran
Rangan Prabhakaran leads the Bloomberg Managed Services (BMS) team at Bloomberg, delivering a unified platform hosting “as a service” offerings for 5,000+ engineers within the company. His work provides service discovery, configuration management, access control, monitoring and alerting, deployment workflows, and self-service portals common to services at Bloomberg. Rangan also helped create the programming contest and e-learning platform, Bloomberg CodeCon, used for both on-campus contests as well as a training tool at universities across the US and Europe.
Regional Director, Solutions Engineering at HashiCorpGitHub
A Tale of Application Development for the HashiCorp Stack
A year ago, Nicolas set out on the journey of building an internal application for his team:
- Cloud Agnostic
- As zero maintenance as possible (as we're not application developers)
This talk goes through how Packer, Terraform, Consul, Vault, and Nomad allowed a non-developer to write a Ruby application, abstracting the complexity of the day to day operations, which is maintained by a globally distributed team, including:
- What is the best pattern to deploy Vault, Consul and Nomad
- How to handle secrets management, and encryption in transit
- Addressing complexities around state, and immutable - Patterns for abstracting from persistence
- Reusing existing elements to minimise time investmentsView all speakers
About Nicolas Corrarello
Nicolas Corrarello’s background includes 6+ years of Unix and Windows Server system administration roles, managing AIX/Solaris/Linux and different versions of Windows Server (2000 AS and above) systems in different companies. Nicolas also worked two years as a support engineer and instructor/examiner for Red Hat delivering RHCE/RHCA courses. As an open source enthusiast, he has more IT in his house than appliances. While he spent years doing things manually, he’s now a firm believer that the IT practice needs to evolve and rise to the challenges of current times. He’s currently lead the Solutions Engineering team for HashiCorp in Europe.
Chief Systems Architect at Deluxe EntertainmentGitHub
High Performance Content Distribution
How Deluxe is using the HashiStack to build an open and modular ecosystem for their next generation of visual effects, post-production, and content distribution services.View all speakers
About Konstantin Wilms
Konstantin Wilms is SVP Cloud and Media Architecture at Deluxe, where he leads the core platform team responsible for Deluxe One, a platform that unifies every stage of the content ecosystem in one cloud-based interface. He has over 20 years of experience in the industry, and has designed & worked on large scale deep learning, digital supply chain, content encryption, satellite distribution, OTT and broadcast delivery systems, including standards work for the ATSC and OASIS. Prior to Deluxe, he was a Principal Architect at Amazon Web Services, and has held CTO and Chief Architect roles across a number of media focused startups and enterprises.
About Abhishake Pathak
Abhishake (Abs) is a Chief Systems Architect at Deluxe Entertainment, an end-to-end media services company, where he designs and implements core platform systems. Prior, Abs has worked as a Senior Engineer at some of the largest e-commerce companies like Ticketmaster and register.com. He has a passion for distributed, peer-to-peer, egalitarian systems.
The Magic of Friendship: The Google Provider’s New Approach to Terraform
With over 100 providers under its belt, Terraform provider development has come a long way. An exciting new approach, Magic Modules, is being pioneered in the Google Cloud Platform provider, allowing new resources to be supported within hours of being launched. Come learn about the past, present, and future of the Google Cloud provider, get all the details on machine-generating the provider, and hear about the unique opportunities this opens up for the provider that we’re exploring.View all speakers
About Dana Hoffman
Dana leads a team at Google working on making Terraform as great as possible for Google Cloud Platform users. She loves how much she gets to interact with the community while still writing code, and is excited to be back at HashiConf this year.
About Paddy Carver
Paddy is an engineer on the Terraform Ecosystem team, where he works on maintaining Terraform providers, with a focus on the Google Cloud provider. He's a big fan of automation, and thinks software is about people.
Instruqt is an online learning platform for DevOps and Cloud technologies. Terraform is used extensively within the platform to provision sandboxed user environments of any type on any cloud. I will show how Terraform is used programmatically within our platform, discuss how switching to Terraform 0.12 greatly simplifies our codebase and show how you can create your own challenges to share knowledge with your peers.View all speakers
About Erik Veld
Erik is the Founder of Instruqt. While working as a consultant at Xebia, he created the game for HashiConf Europe in 2016. This eventually turned into a learning platform that focuses on building skills and experience by solving hands-on challenges. His goal is to make learning technology fun.
From Physical Hosts/DCs to Containers with Consul and Connect
Criteo is a large actor in the advertisement Retargeting Business. We run our business with large datacenters with Consul for almost 3 years with more than 22k nodes, up to 2.5M requests/sec and 100Pb. Historically running only on bare-metal hosts, we are moving our workloads to Containers, Consul provide the Gateway for all our systems running Windows, Linux, containers and cloud systems. Consul is the keystone of our infrastructure: it acquires locks when needed and provide all discovery using both DNS and advanced libraries. We will show how Consul allow us to provision our load balancers (F5 / HaProxy), and configure our libraries to perform CSLB (Client Side Load Balancing) (C# and Scala). Since all of our apps are very sensible to latency, we try to avoid as much as possible proxies and are using full mesh connections between our applications. We developed lots of CSLB libraries with various algorithms and use it from C# and Scala. We will see how we manage having different kind of hosts (containers and bare-metal servers) and how Connect (with a few evolutions) will help us bringing new kind of workloads to our infrastructure.View all speakers
About Pierre Souchay
Initially coming from development (C/C++/Java), Pierra founded an Audio/Video Encoder company (Vizionr.) He became bored by MPEG standards and optimizations and became the software architect of a French public Cloud Company, revamping security and creating public APIs and modern UIs. Interested with Scalability, he then joined Criteo to work on Software Architecture, then switched to DevOps operating more than 15k hosts and finally created a Discovery Team to scale up Consul and virtualize Datacenters
Singularity Containers for Enterprise Performance Computing (EPC)
Software containers continue to evolve at a rapid pace. Two distinct classes of open source container solution have appeared - one that chiefly supports microservices, and one that also supports batch, interactive, and multi-user environments for use cases such as HPC, modelling, and machine learning. In the latter class, Singularity has emerged as the leading solution, with a strong and vibrant open source community of users and contributors. At runtime, Singularity blurs the lines between the container and the host system allowing users to read and write persistent data and leverage hardware like GPUs and Infiniband with ease. The Singularity security model is also unique among container solutions. This talk will examine why there are two classes of container solutions and present the features of Singularity that make it the preferred solution for non-microservice workloads.View all speakers
About Eduardo Arango
Eduardo Arango is a software engineer at Sylabs Inc. Currently a PhD student at Universidad del Valle, Colombia, on Cloud computing architecture. His areas of research are High Performance Computing, linux containers, Distributed Systems, and cloud computing. Eduardo is also part of Sylabs' SingularityOSS project, working on OCI compliance, Kubernetes application development, and the Singularity 3.0 release.
Preventing Security Incidents By Automating Policy Optimization
An ounce of prevention is worth a pound of cure, and the NIST Cybersecurity Framework encourages us to Protect before we detect and respond. For modern infrastructure, making sure that ACL policies aren't too permissive is an important way to reduce the attack surface of a system. But care must be taken not to revoke required privileges, and policy optimization remains a labor-intensive and risky activity. In this talk, Jon and Robbie will discuss an approach HashiCorp Research has been developing, that helps operators discover safe policy optimizations in an automated manner.View all speakers
About Robbie McKinstry
Robbie is HashiCorp's first research engineer. Robbie held various research and engineering positions while studying Computer Science at the University of Pittsburgh, and now works at their intersection on the Research Team. His research interests include program synthesis, language theory, and compiler design. Robbie is also passionately involved in computer science education.
About Jon Currey
Jon leads HashiCorp's research initiatives, with the mandate to impact our open source tools and enterprise products, while contributing back to the community with novel work and pragmatic whitepapers. Prior to HashiCorp, Jon conducted research at Microsoft Research, Samsung Research, and Nortel. He has shipped production systems at Apple, Oracle and several startups.
Scalable Continuous Integration with Nomad and Docker
Between traditional options like Jenkins and hosted offerings like Buildkite and TravisCI, developers have many choices for running tests and building artifacts. However, if you’re dealing with larger repositories, monorepos, or sensitive information like PHI, many popular choices are off the table. Learn how we build and test thousands of targets on our distributed, scalable, maintainable, and extremely fast CI system built on Nomad’s batch scheduler. We’ll talk about why we chose Nomad, and how we use Docker to achieve near-instantaneous job startup even with our multi-gigabyte repository.View all speakers
About Wyatt Anderson
Wyatt is a software engineer at Oscar, a health insurance startup in New York City. Wyatt leads a team responsible for various parts of Oscar's product stack, including authentication, web application delivery and deployment, and their continuous delivery pipeline.
Featured Keynote by Seth Vargo, Developer Advocate at Google. More details coming soon.View all speakers
About Seth Vargo
Seth Vargo is a developer advocate at Google. Previously he worked at HashiCorp, Chef Software, CustomInk, and a few Pittsburgh-based startups. He is the author of *Learning Chef* and is passionate about reducing inequality in technology. When he is not writing, working on open source, teaching, or speaking at conferences, Seth enjoys spending time with his friends and advising non-profits.