Cloud Foundry / Cloud Foundry Summit Europe 2018

From Commercial to Open Source Cloud Foundry in the Enterprise - Rachael Wonnacott, Fidelity
International

Fidelity’s PaaS supports business critical applications such as retail websites and trading systems, while offering a six-9s SLA across both the UK and Asia. A key driver in their cloud strategy has always been to deliver features to developers in a cost effective way. The transition to using open source Cloud Foundry has afforded Fidelity the autonomy to tailor releases to meet the rising demand from developers. Fidelity would like to share their experience focusing on the deployment and migration decisions (running two CFs in parallel, migrating applications with zero down-time, and the benefits of a single deployment mechanism). In addition, to explore the ongoing implications for the globally distributed PaaS team who operate it (increased responsibility, utilisation of the open-source community, and the change in workload) and ask - 'Is the platform sustainable?'

https://cfseu18.sched.com/event/FRzD/from-commercial-to-open-source-cloud-foundry-in-the-enterprise-rachael-wonnacott-fidelity-international

Much like in technology, the fly fishing community is growing. Though despite some success, the sport is still struggling to encourage more diversity on the water. In this talk, Steve relates the challenges faced by the fly fishing industry with our own challenges in Cloud Foundry. He discussions common barriers of entry and steps we can all take to help build a more inclusive community.

The Orvis video is available to watch here: https://www.youtube.com/watch?v=yQHJ-mJlR04

#automateALLtheTHINGS: From Ops Manager GUI to Automating Deployments and Reporting with Concourse - Onno Brouwer, Rijkswaterstaat

In this session Onno will share the experiences and lessons learned from operating PCF since its initial deployment in December 2015. He will show you how the Operations Team changed its mode of operation from manually performing upgrades using the Ops Manager GUI into fully automated upgrades incorporating the PCF and BBR pipelines. But keeping the platform up to date is only half the story. Onno moves on to show how they keep themselves and their customers informed about the state of the platform and its applications.

https://cfseu18.sched.com/event/FRzG/automateallthethings-from-ops-manager-gui-to-automating-deployments-and-reporting-with-concourse-onno-brouwer-rijkswaterstaat

10 Ways to Build BOSH Releases Fast - Dr Nic Williams, Stark & Wayne

In 2018 there are now 10 great ways you can build, test and ship BOSH releases very quickly. We'll tackle some great ideas around distributing compiled releases, 5-minute CI pipelines, and using Debian packages and Docker images. Plus more!

My goal is to encourage you to package and deploy all your in-house bespoke systems with BOSH and to love it!

https://cfseu18.sched.com/event/FRys/10-ways-to-build-bosh-releases-fast-dr-nic-williams-stark-wayne

A New Go-Based CLI for Managing UAA - Jennifer Hamon, Pivotal

Join UAA Anchor Jennifer Hamon to learn how you can get up-and-running with the new go-based CLI for UAA. Platform operators and application developers of all levels will leave this talk knowing how manage UAA resources including Users, Groups, Memberships, Identity Zones, and Identity Providers. We will also learn to create and test OAuth2 client configurations and discuss common troubleshooting scenarios. Long-suffering users of the old Ruby-based uaac will be excited to see how we've incorporated user feedback and design thinking into this new cross-platform tool.

https://cfseu18.sched.com/event/GATs/a-new-go-based-cli-for-managing-uaa-jennifer-hamon-pivotal

ARMing Cloud Foundry - Christiaan Roeleveld & Ruurd Keizer, ITQ

In this session, we will show Cloud Foundry running on ARM CPUs. At CF Summit North America we showed CF workloads running on Raspberry PI. After this first successful demo we'll now show CF running on enterprise ARM hardware and discuss the business case for ARM.

https://cfseu18.sched.com/event/FWP4/arming-cloud-foundry-christiaan-roeleveld-ruurd-keizer-itq

Active-Active Redis Databases Across Geo-Distributed Cloud Foundry Foundations - Adi Foulger & Cassie Zimmerman, Redis Labs

When looking at business-critical workloads, where downtime represents either massive business impact or a potentially mission-ending event, then high-availability of data services becomes a key business differentiator. High availability is not only about the ability to recover gracefully from an incident, but also the ability to maintain lower local latencies to application users and achieving strong eventual consistency for your geo-distributed data-service. A highly-available, well-integrated and secure data service that can cover a variety of use cases for different applications, is a key benefit to platform and or business owners.

The Redis Enterprise Bosh release for Cloud Foundry platform gives developers a turn-key solution to set up a globally distributed Redis clusters that will handle replication and consistency automatically, using advanced Conflict-Free Resolution Data Type technology (CRDBs).

In this talk, we will cover:

Use cases that require an Active-Active database

Set-up of geo-distributed Redis clusters across Cloud Foundry foundations
Benefits to global application development and operation teams

https://cfseu18.sched.com/event/GATa/active-active-redis-databases-across-geo-distributed-cloud-foundry-foundations-adi-foulger-cassie-zimmerman-redis-labs

Administering Cloud Foundry in the Enterprise: Roles, Needs and Goals - Lucinio Santos & Carl Swanson, IBM

This agile design-thinking workshop aims at understanding the roles, goals and needs of Cloud Foundry administrators in the enterprise. Participants jointly will model the Cloud Foundry administrative roles, along with the tasks, motivations, and obstacles currently experienced by those roles. The focus is on the enterprise and the dimensions around access control, isolation, scaling, updating, monitoring, and capacity management. This is a participatory exercise where attendants get to express, discuss, prioritize and synthesize through design-thinking methods. The discussion and outcomes will give the Cloud Foundry community a better understanding of the administration needs of enterprises, and of design thinking concepts.

https://cfseu18.sched.com/event/FRyW/administering-cloud-foundry-in-the-enterprise-roles-needs-and-goals-lucinio-santos-carl-swanson-ibm

Aiming for Production Ready K8s Clusters with CFCR - Morena De Liddo & Bengt Gadelha Hammarlund, Pivotal

Kubernetes offers an extensive set of features that can provide for different purposes, ranging from test deployments on localhost to deployments with heavy ML computations on GPUs. It can get overwhelming to figure out the specific features, or combinations of features, which may be needed for making a secure and resilient service. CFCR is an open source wrapper around Kubernetes that provides an opinionated K8S deployment, leveraging BOSH functionalities like scaling and self-healing. It offers a subset of Kubernetes features enriched by some functionalities of BOSH, and facilitates an easy learning curve. In this talk, we intend to explore what can make a K8s cluster ‘production ready’ for different business and how CFCR helps reduce the complexity of spinning a K8s cluster and surface only the most commonly used features.

https://cfseu18.sched.com/event/GATJ/aiming-for-production-ready-k8s-clusters-with-cfcr-morena-de-liddo-bengt-gadelha-hammarlund-pivotal

App-AutoScaler: A Production Ready Cloud Foundry Service to Autoscale Your Cloud Native Applications - Ying Liu, IBM & Rohit Sharma, SAP

Do you want to keep your application healthy no matter how the load changes? Do you want to just pay for the instances that you need? If you do, then App-Autoscaler will be your right choice.

The app Auto-Scaler is a Cloud Foundry extension (part of the Extensions PMC) project that automatically scales Cloud Foundry applications based on load. After two years of incubation, it has achieved a major milestone that we think it is ready for production.

In this talk, the project leads will introduce the key features that the service supports, and demonstrate how to use the command line tool to manage the scaling policies, monitoring the app performance, and query the scaling history. The second part of the talk will address the deployment aspect of the service, including BOSH release, pipeline automation using Concourse CI, and the efforts to containerize the service components so that it can be easily deployed on Kubernetes. The last part will share the current two production deployments in SAP cloud and IBM Cloud Enterprise Environment, as well as the feedback team gets and new features that is coming in the near future.

https://cfseu18.sched.com/event/FRym/app-autoscaler-a-production-ready-cloud-foundry-service-to-autoscale-your-cloud-native-applications-ying-liu-ibm-rohit-sharma-sap

Autoscaler - Bring Your Own Metrics - Tanmoy Pal, SAP Labs India

Autoscaler (https://github.com/cloudfoundry-incubator/app-autoscaler) helps Cloud Foundry application developers to scale up or down applications horizontally by specifying policy on the consumption pattern of standard container metrics i.e. memory, throughput and response time. The scale up or down of an application is triggered when the crucial application resources are exhausted or under-utilised. For applications running on production, it is not enough to scale them based on only these few standard metrics. For example, an application consuming messages from a message queue (RabbitMQ) needs to scale up when the application is not able to consume enough messages from the queue at a fast-enough rate. Therefore, rather than standard metrics, in this case, queue length should be the decisive metrics for scaling.

The goal of this proposal is to propose the capability to application developers to scale their applications based on custom metrics. This session will demonstrate how an application can emit custom metrics that can be read and understood by autoscaler and used to trigger (auto) scaling when needed.

https://cfseu18.sched.com/event/GATz/autoscaler-bring-your-own-metrics-tanmoy-pal-sap-labs-india

Autoupgrade BOSH Packages - Oleksandr Slynko & Akshay Mankar, Pivotal

Keeping Bosh release update is hard. It requires constant following the next releases and testing. Cloud Foundry Container Runtime struggled with it, but then worked on automatic bumping packages. In this talk, Oleksandr will tell how is it implemented, what are benefits and risks and how the team fixes deprecations without spending too much time on upgrades.

https://cfseu18.sched.com/event/FRyK/autoupgrade-bosh-packages-oleksandr-slynko-akshay-mankar-pivotal

BOSH & Kube - Dr. Max, IBM

Creating a BOSH Cloud Provider Interface (CPI) for Kubernetes (Kube) presents a unique challenge since Kubernetes does not try to hide underlying node updates, unlike a typical IaaS like GCP where VMs are transparently migrated between hosts. While it’s relatively easy to map BOSH concepts to Kube and get a CPI that deploys BOSH releases, BOSH has to behave similarly to the Kube Deployment controller and manage Pd Disruption Budgets (PDBs) in order to automatically maintain expected workload uptime.

In this CPI we have solved these issues by taking advantage of existing Kubernetes primitives and connecting them to existing BOSH workflows. Additionally, as we tested the CPI we have also identified places where we can improve aspects of BOSH – e.g., speed and parallelism of resurrection – which as a whole will improve the BOSH toolset on any platform.

In this talk we will present our incubating project and do live demos using it to deploy / update / and use the latest CloudFoundry Application Runtime as well as other releases on Kube clusters. Secondly, we will discuss preliminary results using the CPI on public Kube offerings such as IBM Cloud, GCP, Azure. Finally, we will briefly discuss our development roadmap.

https://cfseu18.sched.com/event/GATe/bosh-kube-dr-max-ibm

BOSH Links: Bringing Foundations Closer - Gaurab Dey & Bozhidar Lenchov, Pivotal

Bringing up foundations using BOSH is getting easier, which is allowing you to create more and more foundations. But allowing these foundations to talk to each other if they are not under the same BOSH director is really difficult.

Don't worry, Links API is here to help you out! It will allow you as an operator to create links without the need for a separate consumer deployment on the same director. Now your deployments can talk to each other even if they are not under the same director!

One application of this will allow service brokers to talk to different directors and create custom links on-the-fly (corresponding to new service instances). These services can then be used by external consumers not managed through a BOSH deployment.

Furthermore, improvements to links allow operators to define them right in the manifest (outside of the release spec), saving time, complexity and effort. The links concept is also expanding to include consumption of generated variables through links, as well as allowing variables to consume links. To learn more or if you have questions, come check out our talk!

https://cfseu18.sched.com/event/FRyU/bosh-links-bringing-foundations-closer-gaurab-dey-bozhidar-lenchov-pivotal

BOSH UI - Thinh Nguyen & Akshaya Khare, Dell EMC

Bosh has been utilized as a deployment and lifecycle management tool for VMs in datacenter. However, the learning curve for Bosh can be high as there is no friendly way of setting up Bosh for IaaS(es) in the open source community. Currently, we use command line to setup Bosh. Therefore, we experimentally built a UI for Bosh and proposed a model for entry level deployment of Bosh director from a laptop hooking to a datacenter. Using this UI, as long as your laptop is connected to an IaaS network, you can set up Bosh Director easily with friendly interfaces.

https://cfseu18.sched.com/event/FRyb/bosh-ui-thinh-nguyen-akshaya-khare-dell-emc

BPM + Cloud Foundry One Year On - James Myers & Aram Price, Pivotal

Since BPM debuted last year, nearly all of the release in cf-deployment are converting to use BPM, and v1.0 is available. This talk will discuss BPM’s evolution over the past year, why you should convert your release to use BPM, and some cases where BPM might not (yet) make sense. James and Aram will discuss some of the challenges and tradeoffs of adapting BPM for the releases which have been able to adopt it. They will also discuss where we might go in the future so that we more BOSH releases can adopt BPM.

This talk will also look at what future benefits BPM enables for the release-author community. Examples we hope to cover:
- BPM’s declarative config which enables static analysis of job-process requirements, and could be transliterated into other container scheduling platform formats (ex: K8s pod spec).
- Bring consistency to the Operator job-process debugging experience.

https://cfseu18.sched.com/event/GEWK/bpm-cloud-foundry-one-year-on-james-myers-aram-price-pivotal

Blockhead Service Broker - An Open Service Broker to Manage Blockchain Applications on Cloud Foundry - Nima Kaviani & Morgan Bauer, IBM

The winners of the 2018 CF Summit Boston Hackathon are back discussing the details of their winning hackathon project - the BlockHead broker. BlockHead is a dedicated service broker developed based on the Open Service Broker (OSB) API that allows for the creation and deployment of smart contracts through creation and binding of services in Cloud Foundry. Developing smart contracts is difficult. The numerous steps of having to spin up a dedicated node, creating an account, compiling the smart contract, deploying the contract, and then binding to the contract through the generated interface make it hard for the average developer to easily build and test their distributed blockchain apps (dApps). We will demonstrate how the use of the BlockHead broker significantly facilitates the process of deploying and binding to smart contracts and helps developers focus on developing their web applications. Through integration with PaaS platforms such as Kubernetes and Cloud Foundry, developers can benefit from all the great features of a PaaS platform, including scalability promises , resiliency, etc.

https://cfseu18.sched.com/event/FRyj/blockhead-service-broker-an-open-service-broker-to-manage-blockchain-applications-on-cloud-foundry-nima-kaviani-morgan-bauer-ibm

Bridging Traditional and Cloud World with OSBAPI - Matthias Winzeler & Boban Glisovic, Swisscom

Most big companies have invested enormous amounts of time and money in enterprise-scale services during the last decades. Databases, connectivity systems and storage solutions have reached a stability and maturity that is at the heart of mission-critical IT.

CloudFoundry has brought agility and to the Application tier.
However, interacting with the 'legacy' services that are required for mission-critical applications is often a hard, manual interaction.

To lay bare the potential of these valuable services, companies must bring them to 21st century and make them consumable and manageable in a self-service manner.

The OSBAPI is an ideal technical approach to bridge this gap.
Born within CloudFoundry, it is now being adopted as an open standard by different platforms.

Swisscom decided to not only use OSBAPI for its CloudFoundry offering but to build a marketplace that is used for all kind of consumers, from IaaS to on-premise workload. The marketplace offers access to various types of services such as databases, storage, and connectivity.

Boban and Matthias tell you about the challenges, obstacles and joys of bridging the old and the new world - which are very often not only technical, but also cultural.

https://cfseu18.sched.com/event/GATO/bridging-traditional-and-cloud-world-with-osbapi-matthias-winzeler-boban-glisovic-swisscom

Building Maintainable, Observable Applications on Serverless Architecture - Park Kittipatkul, SignalFx

Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all.

However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda and the soon-to-be-released Pivotal Function Service poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Longer function invocation times (referred to as cold starts) become very important to track, because they impact the response time of the service and will impose additional cost. Additionally, the transition to smaller individual components (much like breaking a monolithic application into microservices) results in a simpler deployment model, but makes the system as a whole increasingly complex.

In this talk, Park will discuss patterns and best practices around architecting and implementing code in serverless environments, specifically around how to build maintainable serverless code and minimize the occurrence of cold starts. Additionally, he will cover how to properly instrument applications and supporting services so that your systems remain easily observable.

https://cfseu18.sched.com/event/FRyH/building-maintainable-observable-applications-on-serverless-architecture-park-kittipatkul-signalfx

Buildpacks Can Be Better - Stephen Levine & Tyler Phelan, Pivotal

Wouldn't it be great if buildpacks were faster, more flexible, and more transparent -- but just as easy to use? This talk will detail the next generation buildpack API and the future of the buildpack model. Pivotal and Heroku are collaborating on a new buildpack API to serve as the model for buildpack-based platforms. Exciting new features include layer caching, surgical droplet updates, stack management, dependency management, and other improvements to speed up build times and offer a better experience to app developers.

https://cfseu18.sched.com/event/FRyB/buildpacks-can-be-better-stephen-levine-tyler-phelan-pivotal

CF + CNI: How to Integrate Your Own Networking Solution - Angela Chin, Pivotal

With the adoption of Container Networking Interface (CNI) into Cloud Foundry, it has become easier for third party networking plugins to integrate. CNI provides an abstraction between container runtimes and networking plugins, meaning that any plugin that abides by the CNI specification should be able to be swapped in place of the “batteries-included” option of Silk.

However, the reality is far more complex. Most networking plugins introduce network policy and other SDN features which are controlled by long-running daemons that must be packaged as BOSH jobs. Third party plugins must also respect existing Cloud Foundry networking concepts-- Application Security Groups (ASGs) and Container to Container Networking. In this talk, we will go over both how to package your plugin as a BOSH release and highlight several integration points for respecting existing networking in Cloud Foundry.

https://cfseu18.sched.com/event/FRyr/cf-cni-how-to-integrate-your-own-networking-solution-angela-chin-pivotal

CF Container Networking: There’s No Place Like 127.0.0.1 - Amelia Downs & Christian Ang, Pivotal

The CF Container Networking team has been up to a lot in the past year. In this talk, two engineers from the CF Container Networking team will walk through how the product has evolved and matured to provide a better experience for operators and app developers.

Polyglot service discovery, which was demoed in its early stages last year, is now GA. Operators can deploy an Envoy as a sidecar on every application instance, creating a service mesh. And changes to the application security groups (ASGs) through dynamic egress makes it simpler for operators to secure their platform.

See it how these new features work through demonstrations and learn about where the CF Container Networking team plans to go next.

https://cfseu18.sched.com/event/FRyL/cf-container-networking-theres-no-place-like-127001-amelia-downs-christian-ang-pivotal

Central Service Broker Management and Service Instance Sharing Across Cloud Foundry and Kubernetes - Florian Müller, SAP SE

The Open Service Broker API sets the standard for how a single instance of Cloud Foundry, Kubernetes, and other platforms create services instances and bind those instances to applications. But managing which services are available across multiple instances of those platforms is a challenge when there are hundreds of potential services that need to be managed across thousands of platform instances.

Another challenge is managing service instances across those platforms. There are several use cases where a service instance created within one platform must also be accessible within another platform. For example, a database instance created initially by a Cloud Foundry application must be accessible by a Kubernetes application.

In this talk we present the Service Manager, a central component to manage service brokers and service instances across many platforms and different types of platforms. The OSB API enables this component to work without any platform changes and support for the native platform tools.

https://cfseu18.sched.com/event/FRyh/central-service-broker-management-and-service-instance-sharing-across-cloud-foundry-and-kubernetes-florian-muller-sap-se

Changing the Tires at 100mph: How CF Enabled Us to Swap Development Languages Without Missing a Beat - Anouska Streets, Fiserv

We’ve all heard the microservices hype: how small independent polyglot services enable rapid and sustainable delivery of digital products and business value; how architectural and technological decisions previously baked into an application can now be deferred and changed with ease; and how Cloud Foundry is the optimised, opinionated platform for operating those services in production on Day Two and beyond. But what happens when Day Two comes and you need to migrate all of your existing services from one language and framework to another, without impacting production operations?

Join Anouska Streets as she discusses the highs and lows, trials and tribulations she faced when her FinKit Engineering team migrated their entire running microservice-based system from one language to another, with the business demanding zero downtime, and zero impact to either the client services running on the platform or the end consumers of those services. She’ll describe the patterns and approaches they used for this migration, the challenges they faced, and the techniques they used to overcome them. Did they manage it? Join us to find out!

https://cfseu18.sched.com/event/FRzE/changing-the-tires-at-100mph-how-cf-enabled-us-to-swap-development-languages-without-missing-a-beat-anouska-streets-fiserv

Cloud Foundry Security Needs The Community - Dan Jahner, Pivotal

Linus's Law applied to security could read "given enough eyeballs, all security vulnerabilities are discoverable."

This session will focus on how the community can get involved in security testing to make Cloud Foundry more secure. Dan will explain how to responsibly disclosure security vulnerabilities found in Cloud Foundry and what the triage process looks like once you have submitted a report. He will then discuss some historical vulnerabilities and general security testing concepts to get you jump started on security testing.

https://cfseu18.sched.com/event/FRz4/cloud-foundry-security-needs-the-community-dan-jahner-pivotal

Cloud Foundry and Kubernetes - Side-by-Side Comparison of the Developer and Deployer Experience - Matthias Haeussler, NovaTec Consulting GmbH

The decision "Bring your own code vs. Bring your own container" is one a lot of developers will face when deciding to deploy their code to the cloud.
Kubernetes and Cloud Foundry are very popular options to deploy and run Spring Boot Microservices successfully by providing the 2 approaches.

But what does it really take to get your application and required backend services up and running successfully on either platform?
How many configuration steps are required and where are the hidden pitfalls? How easy do you scale, recover from failure or update the application without downtime?
What kind of a difference does the abstraction layer application vs. container really mean?

In my role as Cloud consultant and university lecturer for distributed systems I come across these topics a lot and want to share my experience with this talk.
I will analyse the differences between the two platforms as seen from a developer's perspective from getting started to running successfully. The talk includes a live demo of those steps.

https://cfseu18.sched.com/event/FRyJ/cloud-foundry-and-kubernetes-side-by-side-comparison-of-the-developer-and-deployer-experience-matthias-haeussler-novatec-consulting-gmbh

Cluster Health for Application Health – Monitoring the Cloud Foundry Infrastructure - Johannes Bräuer, Dynatrace

You are wondering why applications slow down although app monitoring shows no issues? Then it is worth investigating Cloud Foundry infrastructure components such as Gorouters and Auctioneers that route traffic and balance the load on VMs, respectively. Being aware of bottlenecks regarding these components leverages your capabilities in properly scaling your Cloud Foundry cluster. Consequently, a well-provisioned environment ensures the health that is required to optimize your applications.

This talk explores how monitoring can be made a platform feature that helps you to observe application health on the one hand but is also a mean to understand the well-being of the underlaying Cloud Foundry components on the other hand. A deep dive will be given in detecting component anomalies, which hit the applications’ response time and availability.

https://cfseu18.sched.com/event/FRz1/cluster-health-for-application-health-monitoring-the-cloud-foundry-infrastructure-johannes-brauer-dynatrace

Deploy my Application Across Multiple CF with Persistent Data - Vick Kelkar, Redis Labs

We have geo-distributed teams; each using a local [P]CF
We have an internal application that needs to sync persistent data between CFs.
Two ways to solve this problem
We could have setup a GeoDNS based solution for CF, sync blobs, VPN etc
We chose to go with an active-active redis replication solution for our needs
We used a bosh-release of redis-enterprise in each CF
Setup a geo-distributed redis cluster that takes care of replication and consistency using CRDB

So app-developers do a blue-green deploy of their app to both cloud-foundries and the redis-active-active cluster takes care of application persistent data with CRDB.

https://cfseu18.sched.com/event/FRyg/deploy-my-application-across-multiple-cf-with-persistent-data-vick-kelkar-redis-labs

DevX with Application Runtime (CF) and Container Runtime (K8s) - Neven Cvetkovic, Pivotal

What's the difference between these platforms, what do they have in common, and what does working with each of them look like from a developer perspective? Landing your code on the right platform will determine the quality of your developer experience. It's important, therefore, to understand what kinds of workloads are most suitable for each, the level of effort required to work with them, and what each platform does for you.

Do you let buildpacks create containers for you, or do you build your own? How much YAML do you need to author and maintain? What kind of security can your application expect from the platform?

You'll leave this session with a clear understanding of what two platforms do for developers.

https://cfseu18.sched.com/event/FRyT/devx-with-application-runtime-cf-and-container-runtime-k8s-neven-cvetkovic-pivotal

Digital Empathy - Panagiotis Xynos, Engineer Better

Developing in pairs is sometimes more difficult than debugging a thousand lines of assembly code with an old DOS console. Each one of us comes with baggage, full of emotions and experiences that we can all too easily offload on to our pair.

It doesn’t have to be that difficult. Simple rules and habits can make our pairing experience easier. Everyone knows the term “Communication is the key”, but that doesn’t mean we know how to actually communicate. Body language can make a huge difference. Distance too. Everyone has their own parameters. Panagiotis shares his experiences transitioning from a non-agile world to an agile one.

This non-technical talk is aimed at developers and those who work with them.

Panagiotis assumes that the audience has at least one pair programming experience, or is planning to try pairing soon, and a sense of humour.

https://cfseu18.sched.com/event/FWP8/digital-empathy-panagiotis-xynos-engineer-better

Diversity Luncheon: Chasing Grace Project Screening & Discussion - Jennifer Cloer, Executive Director, The Chasing Grace Project

Eighty Twenty: The Gender Pay Gap Exposed

The gender pay gap can lead to $1 million in lost wages over the course of a woman’s career, not to mention a profound emotional deficit brought on by the feeling one is always chasing something she cannot attain. Join us at the Diversity Luncheon to watch Episode One of The Chasing Grace Project, written and directed by Jennifer Cloer, co-founder of Wicked Flicks Productions, over a delicious meal. Episode One: Eighty Twenty explores the impact of the gender pay gap on women in tech, and documents how women find ways to charge ahead in order to sustain successful careers. Following the episode will be a panel moderated by Jennifer Cloer with women in the community. The audience will be given the opportunity to participate as well.

https://cfseu18.sched.com/event/Fwua/diversity-luncheon-chasing-grace-project-screening-discussion-jennifer-cloer-executive-director-the-chasing-grace-project

Eating Our Own Chocolate: the Swisscom Internal Application Cloud – Fabian Hoffschröer & Roman Bachmann, Swisscom

This presentation aims to share Swisscom's experiences in using Cloud Foundry internally as well as provide proven practices, share solutions to common problems and expose pitfalls to other members of the community who are interested in operating a Cloud Foundry based PaaS platform in their company or enterprise. Cloud Foundry service providers and users will learn how a cloud transformation can be achieved and what ecosystem components can help to facilitate this process.

https://cfseu18.sched.com/event/FW2J/eating-our-own-chocolate-the-swisscom-internal-application-cloud-fabian-hoffschroer-roman-bachmann-swisscom

Experience Report - How to Make a Legacy Java EE Application Cloud-Ready Using Community Buildpacks and Cloud Foundry - Matthias Haeussler & Thosten Jakoby, NovaTec Consulting GmbH

Many clients face the challenge of modernizing their IT landscape to make it runnable on and benefit from cloud platforms.

But how do you approach if you need to migrate a large and complex Java enterprise application? Especially, if the application processes several millions of request every day and serves over a million users?

This talk shows the Cloud migration journey from an originally WebSphere-based Java EE application. Intermediate steps involved evaluation of various approach options, levering the Cloud Foundry Liberty buildpack and finally successful deployment on Cloud Foundry.

https://cfseu18.sched.com/event/FXnk/experience-report-how-to-make-a-legacy-java-ee-application-cloud-ready-using-community-buildpacks-and-cloud-foundry-matthias-haeussler-thosten-jakoby-novatec-consulting-gmbh

Face Your X.509 Fears: Automating Certificate Rotation for Cloud Foundry - Iryna Shustava, Pivotal

As Cloud Foundry achieves its goal to be secure by default, the number of certificates and certificate authorities an operator needs to worry about increases. This introduces a burden for Cloud Foundry operators to manage those certificates and monitor their lifespan. In the past year there have been significant improvements to credential management with tools like CredHub, which make generating and storing deployment credentials very easy. The next step is to address credential rotation.

What to do if your certificates expire in two days? If you have ever rotated Cloud Foundry certificates, you know that it is hard, error-prone and can result in downtime.

This talk will explore how to streamline this process with Concourse, BOSH, and CredHub. We will show a real Concourse pipeline that rotates all certificates with zero application downtime.

https://cfseu18.sched.com/event/Gorr/face-your-x509-fears-automating-certificate-rotation-for-cloud-foundry-iryna-shustava-pivotal

From Outages to SLOs: Focusing on BOSH Performance - Marco Voelz, SAP SE

The advent of on-demand service brokers made your customers rely on BOSH for every 'cf create-service'. Therefore, the expectations to BOSH's performance and availability have increased almost as dramatically as the number of deployments it has to manage.

Triggered by concrete issues in our production environment, the BOSH Europe team has been benchmarking, testing, and improving BOSH performance at scale over the last months. We're now moving more towards testing proactively for performance and will ideally end up at defining SLOs and an operator's guide.

In this talk, we tell you about the small and quick wins, the slow and painful ones, and what didn't work. Furthermore, how to improve YOUR BOSH's performance and how we're ensuring performance doesn't degrade with upcoming releases.

https://cfseu18.sched.com/event/FRyV/from-outages-to-slos-focusing-on-bosh-performance-marco-voelz-sap-se

Getting out of First Gear, Renault-Nissan Mitsubishi Alliance A-CMS Journey with Cloud Foundry -
Lakshman Diwaakar (LD), Renault-Nissan-Mitsubishi Alliance & Didier Burkhalter, Pivotal

Within the Renault Nissan Mitsubishi Alliance, A-CMS is developing the Alliance Connected Cloud, which will enable us to connect future, current and past connected vehicles onto the same platform
In less than a year, our A-CMS organization has embraced Cloud Native development, analytics and deployment at scale with bold moves combining acquisitions of engineering specialists and strategic partnership such as with Microsoft. Adopting Cloud Foundry was one big bet as well.
Come hear about our journey across France and Japan and how we leveraged and expanded the specifics of Pivotal Cloud Foundry, Concourse and Azure to implement our architecture with secure-first, global-ready and automate-everything core goals in our design.

https://cfseu18.sched.com/event/FRz6/getting-out-of-first-gear-renault-nissan-mitsubishi-alliance-a-cms-journey-with-cloud-foundry-lakshman-diwaakar-ld-renault-nissan-mitsubishi-alliance-didier-burkhalter-pivotal

How Did Our Garden Grow? Advances in the Cloud Foundry App Runtime's Container Engine - Tom Godkin, Pivotal & Georgi Sabev, SAP

Garden (the Cloud Foundry App Runtime's container engine, optimised for PaaS workloads) saw awesome features bloom over the last year. Garden is the first production runtime to support rootless mode; a wonderful security benefit. Leveraging containerd, Garden now uses more industry standards than ever, allowing for a much more familiar operator experience. The new "Garden Peas" feature enables sidecar containers for Cloud Foundry. This makes the platform more secure and opens the door for cool things like cf ssh, intelligent routing and many more.

As well as introducing the new features, the talk will explain how operators can interact with the runtime container bundles generated by Garden to debug, extend and operate the platform.

https://cfseu18.sched.com/event/GAUx/how-did-our-garden-grow-advances-in-the-cloud-foundry-app-runtimes-container-engine-tom-godkin-pivotal-georgi-sabev-sap

How the Garden Windows Team Has Made Cloud Foundry the Best Deployment Platform for .NET - Matthew Horan & Natalie Arellano, Pivotal

The Garden Windows team has been hard at work building first class support for .NET into Cloud Foundry. We'll be providing an update on the new Windows Server 2016 stack, which leverages Windows Server containers. We'll discuss future plans around Cloud Foundry Container Runtime support for Windows, and the shared architecture of Application Runtime and Container Runtime support for Windows.

In addition to runtime components, the Garden Windows team has been exploring service mesh technologies like Istio, which will greatly benefit .NET developers. Istio enables cross-platform service discovery, failover, and scaling, and is compatible with compatible with Linux, Windows, Container Runtime (Kubernetes) and Application Runtime (Diego). We'll discuss our plans to bring that technology to Cloud Foundry Application Runtime and Container Runtime for Windows.

Finally, we'll discuss some of the work that the .NET Experience team has been working on to bring better support to our Hosted Web Core buildpack. We've been gathering feedback from end users of the buildpack and Application Runtime, and have been working to make the whole .NET experience better for our Cloud Foundry end users. We'll share what we've learned and what's on our roadmap.

https://cfseu18.sched.com/event/FRyN/how-the-garden-windows-team-has-made-cloud-foundry-the-best-deployment-platform-for-net-matthew-horan-natalie-arellano-pivotal

Implementing Cloud Foundry Right in the Middle of an Existing DataCenter - Andreas Landenberger & Juergen Sussner, DATEV eG

DATEV eG is offering software and services for tax advisors, auditors, lawyers, ... . It processes more than 12 Mio paychecks per month and more than 110.000 enterprises use its services to collaborate with their tax consultant. Due to the sensitivity of data processed, DATEV has set up its own private cloud based on Cloud Foundry.

At the beginning of our journey with Cloud Foundry we made the conscious decision to implement Cloud Foundry right in the middle of the existing DataCenter. It is not installed as an island but it is running alongside with e.g. IBM WebSphere, Microsoft IIS and IBM CICS (on the mainframe). In this presentation we will discuss what led us to this decision and how we implemented it to make it a first class citizen in our application development landscape. We will openly talk about the experiances we made with this approach and what we would
have done different in case we would have a chance to do it again.

Some of the questions we will adress are: What were the technical drawbacks we faced with the current infrastructure as we tried to enable new business-models? What led us (from a technical standpoint) to the implementation of Cloud Foundry?
What are the experiances managing Cloud Foundry in a truely air-gapped environment ("offline")? How are various workloads seperated and how can developers decide about the placement of their applications? How is the connectivity to and from the existing infrastructure / applications? Why does DATEV use custom buildpacks in some areas? How did DATEV make use of the Cloud Foundry ecosystem?

Finally we will take a look at the future challanges and what we would need from Cloud Foundry to help us to build a future-proove platform.

This presentation will discuss *how* DATEV uses Cloud Foundry. It looks at some of the technical details of the
Cloud Foundry implementation at DATEV and the experiances we made so far and what we expect for the future.

https://cfseu18.sched.com/event/FRz7/implementing-cloud-foundry-right-in-the-middle-of-an-existing-datacenter-andreas-landenberger-juergen-sussner-datev-eg

Introducing Log Cache - A New Restful Interface for Observing Distributed Systems - Adam Hevenor, Pivotal

The Firehose provides a highly available stream of logs, but requires consumers to bring their own infinitely scalable data store.

In this Product update for Loggregator Adam will walk through some of the pain points operators were experiencing with the current streaming system and introduce a new component of the Loggregator system known as Log-cache. Adam will provide an overview of how the log-cache system works and is architected in cf-deployment along with a demo of the functionality using the log-cache CLI. Adam will also demo how easy it is to create integrations with log-cache and what the future Roadmap for Loggregator + Log Cache looks like.

https://cfseu18.sched.com/event/FRyS/introducing-log-cache-a-new-restful-interface-for-observing-distributed-systems-adam-hevenor-pivotal

Introduction to BOSH-Deployed Service Instances on Cloud Foundry - Zoe Vance & Denise Yu, Pivotal

This talk will introduce at a high level how Pivotal leverages BOSH and Cloud Foundry using an Open Source project called the On-Demand Service Broker (ODB) to deliver single-tenant, isolated service instances for RabbitMQ, Redis, Pivotal Container Service (PKS), and many other products. This talk will introduce the basics of service adapter design and highlight use cases where the ODB may provide a helpful abstraction.

https://cfseu18.sched.com/event/FRyX/introduction-to-bosh-deployed-service-instances-on-cloud-foundry-zoe-vance-denise-yu-pivotal

Introduction to the Cloud Foundry in the Enterprise Track – Dormain Drewitz, Pivotal & Mathis Kretz, Swisscom

https://cfseu18.sched.com/event/FWOu/introduction-to-the-cloud-foundry-in-the-enterprise-track-dormain-drewitz-pivotal-mathis-kretz-swisscom

No description provided.

Introduction to the Core Projects Track – Nicolas Regez, Swisscom & Bernd Krannich, SAP

https://cfseu18.sched.com/event/FWOo/introduction-to-the-core-projects-track-nicolas-regez-swisscom-bernd-krannich-sap

Istio Birds of a Feather - Christopher Luciano, IBM & Shannon Coen, Pivotal

This session will be an informal discussion on how software engineers and operators envision leveraging Istio/Envoy within the Cloud Foundry stack. Istio supports various service discovery adapters that are familiar to CF users including Consul and Eureka; Cloud Foundry adapters are still a work-in-progress. The goal is to poll the audience and gather feedback on how these solutions could best integrate and support Cloud Foundry environments without exposing unnecessary complexity to an end user. Istio/Envoy contributors will facilitate the discussion with a gentle Istio introduction followed by unconference style discussion with the audience.

https://cfseu18.sched.com/event/FRyc/istio-birds-of-a-feather-christopher-luciano-ibm-shannon-coen-pivotal

It's All About Delivering: A Journey From AWS to Cloud Foundry - Daniel Basten, Talanx Group

Developing new business opportunities within an insurance company can be challenging.

You need to convince the business not to plan for years ahead but to "build, measure and learn" in small iterations and gain the most value out of your product. To achieve this you need agile minds, tools and also a platform that can handle that agility.

This is a case study of how an established company, dealing in legit business, accomplished some amazing things. This talk will be about how we started in a rush with spring boot on AWS and adopted our technology stack to AxonFramework based event sourcing in mid-project phase. Then, how maintaining our AWS stack kept us more and more distracted from developing actual business value and how we finally found our home on the cloud foundry platform hosted on AWS

https://cfseu18.sched.com/event/FRzH/its-all-about-delivering-a-journey-from-aws-to-cloud-foundry-daniel-basten-talanx-group

It's a Mob! How We Gained Shared Knowledge and Delivered Value with Quality Faster - Cai Cooper, Fiserv & Colin Simmons, EngineerBetter

How do you manage when you need a team to implement something brand new, not well understood and complex?

Join Cai Cooper from Fiserv and Colin Simmons from EngineerBetter as they discuss how they utilised Mob Programming techniques to help the Fiserv Finkit team move towards a better system of deploying and operating their Cloud Foundry foundations and other supporting tooling.

During this talk you will hear how Mob programming helped the team more effectively share knowledge, ensure a common understanding baseline and remove single points of knowledge (solving the Brent problem for those of you familiar with the Pheonix project!). Additionally, you will see how common myths associated with Mob Programming can be debunked. We will show that far from being wasteful, in fact there is a reduction in waste and an increase in quality as a direct result

Cai and Colin will share tip and tricks, what worked well and things to look out for and provide some guidance on what you can do with your own teams to try it out.

https://cfseu18.sched.com/event/FRyt/its-a-mob-how-we-gained-shared-knowledge-and-delivered-value-with-quality-faster-cai-cooper-fiserv-colin-simmons-engineerbetter

Keynote: Blockhead Service Broker: From Hackathon to CF Extensions– Swetha Repakula, Software Engineer & Nima Kaviani, Senior Cloud Engineer, IBM

Deploying and developing smart contracts is a complicated task. A developer not only needs to understand and implement the logic of a contract, but also know how to setup and integrate their nodes to a network. With configuration and management differing by network, the learning curve for a polyglot blockchain developers is quite steep.

PaaS aim to hide the complexities of the IaaS and allow cloud application developers to focus solely on their application logic. We believe the same analogy can and should be applied to blockchain application developers.

We will demonstrate how the Blockhead broker facilitates the process of developing DApps independent of the blockchain network used.

https://cfseu18.sched.com/event/Fq4A/keynote-blockhead-service-broker-from-hackathon-to-cf-extensions-swetha-repakula-software-engineer-nima-kaviani-senior-cloud-engineer-ibm

Keynote: Building Bridges - Chip Childers, CTO, Cloud Foundry Foundation

https://cfseu18.sched.com/event/FW1Q/keynote-building-bridges-chip-childers-cto-cloud-foundry-foundation

Keynote: Closing Remarks + Hackathon & Community Awards – Abby Kearns, Executive Director & Chip Childers, CTO, Cloud Foundry Foundation

Keynote: Cloud Foundry Application Runtime Demo: Making Application Developers Lives Easier - Dieu Cao, Director of Product Management, Pivotal

Have you ever wanted to make a change to your app? Update all your dependencies? Swap to a new stack? All without downtime? What about ensuring only your frontend app can talk to your backend app? Give your backend app an internally discoverable route?

In this demo, Dieu will show how some of the latest features in CF Application Runtime work together to help application developers easily achieve all of the above.

https://cfseu18.sched.com/event/Fq45/keynote-cloud-foundry-application-runtime-demo-making-application-developers-lives-easier-dieu-cao-director-of-product-management-pivotal

Keynote: Containers on Solid Grounds, a Journey to Enterprise Container-Adoption – Egon Steinkasserer, Chief Product Officer Enterprise Customers, Swisscom & Christian Bach, Chief Application Architect, Swiss Re

Closing the gap between its Cloud Foundry PaaS and cloud infrastructure services, Swisscom is developing an enterprise container service based on the Pivotal Container Service (PKS). Together with Swiss Re, a customer of the first hour, we shaped a coherent, integrated cloud solution spanning all our offerings and are writing on a new chapter in both of our cloud journeys.

https://cfseu18.sched.com/event/Fq46/keynote-containers-on-solid-grounds-a-journey-to-enterprise-container-adoption-egon-steinkasserer-chief-product-officer-enterprise-customers-swisscom-christian-bach-chief-application-architect-swiss-re

Keynote: Customer Value is More than Just Technical Solutions – Chisara Nwabara, Staff Technical Program Manager, Pivotal

A customer-facing team was feeling pain around communication with Pivotal R&D and we realized that this may not be a software problem but instead a communication problem. Software usually solves problems, but sometimes solutions could be as simple as changing people’s mindset. This adjustment can impact greatly and result in a significantly positive outcome. You may already have what you need to make a huge impact and cultural transformation is a critical element for digital transformation. Everyone's ultimate goal is to ensure that Pivotal provides recognizable value to customers through a positive customer experience.
In this keynote, Chisa will discuss some of the approaches Pivotal is taking to improve communication and build empathy between their R&D and customer-facing teams in order to deliver a better experience and value.

https://cfseu18.sched.com/event/FW1a/keynote-customer-value-is-more-than-just-technical-solutions-chisara-nwabara-staff-technical-program-manager-pivotal

Keynote: IBM Cloud Foundry Enterprise Environment – Tammy Van Hove & Simon Moser, IBM

Tammy van Hove, Distinguished Engineer & Director, Cloud Foundry, IBM Cloud, will explain the new offering from IBM, the Cloud Foundry Enterprise Environment. Now released to general availability, Cloud Foundry Enterprise Environment allows users to create and manage isolated Cloud Foundry environments for hosting applications exclusively for their organizations. It provides on-demand self-service provisioning, elastic consumption, and complete access to administrative capabilities. It can make seamless use of the vast catalog of IBM Cloud services, enabling customers to build complex applications with a wide range of capabilities, such as Watson AI.

https://cfseu18.sched.com/event/H8ke/keynote-ibm-cloud-foundry-enterprise-environment-tammy-van-hove-distinguished-engineer-director-cloud-foundry-ibm-cloud

Keynote: Inclusion in Your Industry - How You Can Help – Daniel Jones, CTO, EngineerBetter

If you've ever been frustrated and disheartened by the state of diversity in the tech industry and wondered what you can do to help, then this talk is for you. It can be hard to know what to do when there are so many conflicting passionate views, so Daniel outlines an approach founded in psychology research and the experience of martial arts training. Daniel highlights findings that dispel common misconceptions and prove the benefits of an inclusive approach, in addition to explaining the subtle psychological effects of group membership that affect us all. This presentation includes references to violence and challenging topics.

https://cfseu18.sched.com/event/FW1g/keynote-inclusion-in-your-industry-how-you-can-help-daniel-jones-cto-engineerbetter

Keynote: Internet of Things (IoT) as the Driving Force to Help Stop Climate Change – Philipp Lindner, CIO, Kaiserwetter Energy Asset Management

Kaiserwetter, a company headquartered in Hamburg with further offices in Madrid and New York is using the IoT approach to become the leading Data as a Service provider in the renewables energy space, globally. The aim is to proactively set a mark to achieve the Paris climate goals. This is done by providing capital investors and financing banks with the required information and transparency on their renewable asset portfolios to minimize investment risks and maximize returns, while gaining trust catalyzing investment into that asset segment.

The unique IoT platform Kaiserwetter has put in place is called ARISTOTELES. It is running on Cloud Foundry, leveraging apps and data transformation services to build a high performing Data as a Service platform.

Together with their technology partner SAP, Kaiserwetter has defined a specific IoT architecture for ARISTOTELES, which is scalable and can be run on multi-clouds or private clouds. It has become a truly 5 continents, one solution architecture.

https://cfseu18.sched.com/event/GjVR/keynote-internet-of-things-iot-as-the-driving-force-to-help-stop-climate-change-philipp-lindner-cio-kaiserwetter-energy-asset-management

Keynote: Move Fast and Don't Break Things - How We Will Build Applications in the Future – Daniela Rabiser, Technical Product Manager, Dynatrace & Tim Gerlach, Software Developer, SAP

Cloud Foundry makes it faster and easier to build, test, deploy and scale your applications. However, there is still a high burden on development and operations teams to ensure that delivered applications and microservices are always up and running and that business functionality is available for end users. Dynatrace and SAP partnered to build a platform that will automatically hold back pipeline propagation for breaking changes or roll back faulty deployments that affect your end users. This allows developers to innovate fast while still having a security net which ensures if something breaks it will be fixed automatically following the mantra “Move fast and don’t break things.”

https://cfseu18.sched.com/event/G978/keynote-move-fast-and-dont-break-things-how-we-will-build-applications-in-the-future-daniela-rabiser-technical-product-manager-dynatrace-tim-gerlach-software-developer-sap

Keynote: Service Broker Management Across Cloud Foundry and Kubernetes - Florian Müller, Technical Lead Platform Foundation & Services, SAP Cloud Platform

The Open Service Broker API sets the standard for how a single instance of Cloud Foundry, Kubernetes, and other platforms create services instances and bind those instances to applications. But managing which services are available across multiple instances of those platforms is a challenge when there are hundreds of potential services that need to be managed across thousands of platform instances.

This demo presents the Service Manager as a central service broker registry for Cloud Foundry and Kubernetes. I will show how the registration of a service broker at the Service Manager is propagated down to a Cloud Foundry Cloud Controller and a Kubernetes Service Catalog.

https://cfseu18.sched.com/event/FW16/keynote-service-broker-management-across-cloud-foundry-and-kubernetes-florian-muller-technical-lead-platform-foundation-services-sap-cloud-platform

Keynote: Welcome Remarks – Abby Kearns, Executive Director, Cloud Foundry Foundation

https://cfseu18.sched.com/event/FVkg/keynote-welcome-remarks-abby-kearns-executive-director-cloud-foundry-foundation

Keynote: What Does the .NET Renaissance Mean to Cloud Foundry – Matthew Horan, Software Engineer & Shanfan Huang, Product Designer, Pivotal

In the past few years, Microsoft has made several big moves to embrace open source, and to join the DevOps movement with Cloud Foundry and other players. At the same time, while many organizations are excited about the transformational future, they worry about their legacy workloads that have been running for decades. These organizations don’t want to be left behind, yet struggle to find a path forward.
We want to meet these organizations half way. The .NET Windows team has been working out some new and exciting solutions to handle legacy Windows workloads, taking us one step closer to bringing cloud-native practices to .NET developers. With the .NET Renaissance having started a couple years ago, we see a huge opportunity for the CF OSS community to make a difference. Come to this keynote and learn how you can be part of the force!

https://cfseu18.sched.com/event/FW1Z/keynote-what-does-the-net-renaissance-mean-to-cloud-foundry-matthew-horan-software-engineer-shanfan-huang-product-designer-pivotal

Kube Your Enthusiasm — Bringing the `CF Push` Experience to Kubernetes Operators (Project Eirini) - Julz Friedman & Julian Skupnjak, IBM

Is container scheduling commoditised yet?

The Eirini project (now an “official” incubator project in the Runtime PMC) is bringing pluggable container scheduling to the Cloud Foundry Application Runtime. In other words: the `cf push` developer experience we all love, with your choice of container orchestrator - including Kubernetes - under the covers.

This session will introduce the Eirini project, talk through the reasons behind it, and tell you what it means for your developers (not much) and your operators (for many of them, quite a lot!).

We’re also going to demo getting up and running with Eirini on Kubernetes using a single Helm chart. This way you - and your Kubernetes-loving friends and colleagues! - can try out the `cf push` developer experience, going from code to first-class Deployments, Pods and Services in your existing Kubernetes cluster, all in a single command!

https://cfseu18.sched.com/event/FRy8/kube-your-enthusiasm-bringing-the-cf-push-experience-to-kubernetes-operators-project-eirini-julz-friedman-julian-skupnjak-ibm

Kyma: Next Gen Extension Model for Enterprise Applications - Sayan Hazra, SAP

Enterprise customers have a high demand on customizability and extensibility to fit the software they are using to their needs. In the past they had access to central parts of the software and could integrate changes on code level. This is not possible in cloud applications. Sayan Hazra will show in his talk, how Kyma is providing an extension model for cloud applications, leveraging Serverless and containerized technologies.

https://cfseu18.sched.com/event/GAU5/kyma-next-gen-extension-model-for-enterprise-applications-sayan-hazra-sap

Let's Talk Everything IAM! - Sree Tummidi, Pivotal

Identity and Access Management (IAM) is a key pillar of security. Its impossible for any customer, big or small, to think about rolling out Cloud Foundry without putting controls in place to allow authenticated and authorized access at all layers of the platform. Projects like UAA and more recently PERM enable these patterns for both the platform and the apps running on it in a standards based manner.

The roadmap for UAA and PERM is going to be governed by an important development in the foundation with the introduction of CF Container Runtime for kubernetes. Kubernetes comes with its own IAM model for the platform and the Istio (https://istio.io/) service mesh provides security for applications running in Kubernetes. Achieving inter-op between these platforms (CF CR and CF AR) is a big goal keeping operator and developer productivity in mind.

In this talk we will take a closer look the role UAA and PERM will play in this new world when it comes to enabling IAM.

https://cfseu18.sched.com/event/FRyR/lets-talk-everything-iam-sree-tummidi-pivotal

Leveraging Istio & Envoy to Deliver New Capabilities in CF - Shannon Coen & Aaron Hurley, Pivotal

The core Routing and Networking teams have been working on integrations between CF, the Envoy proxy, and the Istio control plane. These initiatives have the goal of delivering on features requested by the CF community in the domain of application traffic management and security policy for workloads on CFAR and between CFAR and CFCR. We'll share our motivations, goals, provide an update/demo on what we've accomplished so far, provide a vision for the foreseeable future, and how the community can contribute/collaborate.

https://cfseu18.sched.com/event/FRyQ/leveraging-istio-envoy-to-deliver-new-capabilities-in-cf-shannon-coen-aaron-hurley-pivotal

Lightning Talk: IBM CFEE - Integrating Cloud Foundry and Kubernetes – Simon Moser, IBM

IBM introduces Cloud Foundry Enterprise Environment - a Cloud Foundry platform running on top of Kubernetes now, as well one that will run applications natively on K8s in the future. In this Lightning talk, we'll talk about the motivation of CFEE, the technology behind it, and where it's headed in the future.

https://cfseu18.sched.com/event/Gyqy/lightning-talk-ibm-cfee-integrating-cloud-foundry-and-kubernetes-simon-moser-ibm

Lightning Talk: VMware’s Cloud Native Portfolio in 5 Minutes - Tom Schwaller, VMware

Join this quick session to get an overview of VMware's container solution portfolio across a variety of product lines, including VMware vSphere Integrated Containers, VMware Pivotal Container Service and VMware Kubernetes Engine. Learn how to pick the right cloud-native infrastructure solutions for your organization - solutions that promote developer productivity and agility, while also delivering enterprise-grade security, visibility, management, and governance.

https://cfseu18.sched.com/event/HOS6/lightning-talk-vmwares-cloud-native-portfolio-in-5-minutes-tom-schwaller-vmware

Making Sense of BOSH Links Through Visualization - Jamil Shamy & Saman Alvi, Pivotal

As links move towards becoming a cornerstone in the BOSH deployments architecture, especially with the addition of BOSH Links API, a new mechanism describing Links Providers and Consumers and the relationships between them is needed.
Taking a CloudFoundry deployment as an example, on average more than 100 links will be created during a deployment. In this session, Jamil Shamy (Pivotal) and Saman Alvi (Pivotal) will be presenting a BOSH CLI extension that enables the visualization and categorization of inner and cross deployment Links; aiming towards a better understanding of the deployed software.

https://cfseu18.sched.com/event/FRyo/making-sense-of-bosh-links-through-visualization-jamil-shamy-saman-alvi-pivotal

Migrating Rabobank Online from Monoliths to Microservices with Pivotal Cloud Foundry - Vincent Oostindie, Rabobank

About a decade ago, when the world was still all about J2EE and WebSphere application servers, Rabobank introduced a new Online platform with a custom, intentionally self-built, portal framework. Since then our world has changed in many ways. Nobody does portlets anymore; instead we build rich front-end applications backed by services spitting out JSON. Like most of the rest of the world Rabobank moved from waterfall to Agile to DevOps. Microservices came along. Java is no longer the only preferred language on the server. Today, Rabobank is migrating to a new platform based on Pivotal Cloud Foundry, that intends to cope with all these changes. In this talk Vincent Oostindië will talk you through a decade of IT at Rabobank Online, of course focusing on the new platform and the underlying technologies used there, like Spring Boot and Spring Cloud Services.

https://cfseu18.sched.com/event/FRzF/migrating-rabobank-online-from-monoliths-to-microservices-with-pivotal-cloud-foundry-vincent-oostindie-rabobank

More Secrets of Successful Cloud Foundry Adopters - Dormain Drewitz, Pivotal

What are the practices and hallmarks of organizations that are running Cloud Foundry at scale? How did they get started? How did they attract hundreds of developers and equip them to deploy thousands of applications?

2017 was a year when more enterprises hit critical mass with their Cloud Foundry deployments. The best part? They shared details of how they did it. Team structures, enablement tactics, target applications… there is a growing body of examples to learn from. But you have to absorb it all! Is there a Readers’ Digest version? Yes. Yes there is.

Wherever you are on your digital transformation journey, learn from your predecessors. In this talk, Dormain Drewitz distills the learnings from several companies using Cloud Foundry. She shares the patterns around strategies, processes, and tactics.

https://cfseu18.sched.com/event/GATw/more-secrets-of-successful-cloud-foundry-adopters-dormain-drewitz-pivotal

Navigating Network Topologies in CFCR - Neil Hickey & Urvashi Reddy, Pivotal

Kubernetes is founded upon the principles of portability and plugability. This is what makes it so popular, but with greater flexibility comes greater complexity when components within Kubernetes need to communicate. The Cloud Foundry Container Runtime [CFCR] projects uses BOSH, the underlying technology which Cloud Foundry runs on, to manage the lifecycle of the infrastructure of a production Kubernetes Cluster.

This adds a new, additional layer of networking complexity to Kubernetes. This talk will be a deep dive into the networking components of CFCR and Kubernetes. Attendees will learn about the layers of networking within CFCR, both core Kubernetes networking and what additional components are used by a CFCR deployed cluster. We'll take a closer look at the Kubernetes Services layer, the overlay options, as well as what BOSH provides in the platform.

https://cfseu18.sched.com/event/FRyC/navigating-network-topologies-in-cfcr-neil-hickey-urvashi-reddy-pivotal

OSB Local - Start Coding in No Time - Christian Brinker & Yannic Remmet, evoila

Do you remember tamagotchis? A little electronic pet you try to keep alive. Developers often face the same on their laptops. A little database they need for local testing. In CF you get it easy via the marketplace. Managed by the provider of the service. But locally? Here the developer has to install and keep the database alive. Wouldn’t it be cool have the CF marketplace on your laptop? With Open Service Broker local the speakers present a solution to that. Accessible via command line, deployed locally and easy to use. So getting a new database for development gets a no-brainer.

https://cfseu18.sched.com/event/FRyq/osb-local-start-coding-in-no-time-christian-brinker-yannic-remmet-evoila

One App, Two Platforms, Three Cloud Services - Sam Gunaratne, Pivotal & Georgi Lozev, SAP

The Open Service Broker API gives developers the power to consume services from different cloud providers on different cloud platforms. This talk will show the power of this specification in action. We will show a single application deployed to Cloud Foundry that uses a service from Google Cloud, a service from Microsoft Azure and a service from IBM Cloud. We will then take the same application and deploy it to Kubernetes and use the same set of services.

https://cfseu18.sched.com/event/FRyZ/one-app-two-platforms-three-cloud-services-sam-gunaratne-pivotal-georgi-lozev-sap

PaaS vs CaaS - Where Should I Ship My Code - Johannes Hiemer & Marco Henning, evoila

Modern software development methodologies are subjected to continuous change. While development cycles continue to abridge from weeks or month to days or even hours, requirements for features and reliability tend to increase. Agile development allowed for faster delivery of new capabilities on a regular basis, however value might not be put into production due to a lack of alignment with operative processes. Multiple cloud service offerings have evolved over the last decade, tackling problems on different levels, but Platform as a Service (PaaS) and Container as a Service (CaaS) have proven themselves to be the most functional. Although both offerings share similar concepts, their approaches in application development may differ greatly. However their utilization doesn’t have to be mutually exclusive. With their recently announced “Container Runtime“ Cloud Foundry (CF) extended their existing “Application Runtime“ offering, now supporting PaaS as well as CaaS workloads. In the end, no platform is going to be perfect for every use case. Therefore existing applications will have to be evaluated against general guidelines to plan, what it will take to get them to run in a cloud, while new applications will have to be designed in a cloud-native manner to utilize the platforms to its fullest extent. In their talk the speakers will guide the audience through the decision process of where to run different kinds of workloads.

https://cfseu18.sched.com/event/FRy9/paas-vs-caas-where-should-i-ship-my-code-johannes-hiemer-marco-henning-evoila

Panel: Cloud Foundry and Kubernetes - Did it Blend? - Bernd Krannich, SAP SE, Simon Moser, IBM, Jeff Hobbs, SUSE, Chris Crall, Google, Ulrich Homann, Microsoft, Cornelia Davis, Pivotal, & Swarna Podila, Cloud Foundry Foundation

The integration of Cloud Foundry and Kubernetes was one of the major topics during Cloud Foundry Summit Boston. One of the sessions there that created quite some interest was the panel discussion “Cloud Foundry and Kubernetes - Will it blend?” (http://sched.co/DdZr, https://www.youtube.com/watch?v=4ow7IumxkOM). In a sequel to this panel discussion, representatives of major companies in the Cloud Foundry ecosystem will reconvene to assess the status of an integration between Cloud Foundry and Kubernetes, the progress that has been made since CF Summit Boston, and updates to the visions these companies have for a future of Cloud Foundry and Kubernetes.

https://cfseu18.sched.com/event/FRyD/panel-cloud-foundry-and-kubernetes-did-it-blend-bernd-krannich-sap-se-simon-moser-ibm-jeff-hobbs-suse-chris-crall-google-ulrich-homann-microsoft-cornelia-davis-pivotal-swarna-podila-cloud-foundry-foundation

Panel: Continuous Security: Inject Pipelines With Critical Protection for Your Apps - Kamala Dasika, Pivotal, James Wickett, Signal Sciences, Simon Maple, Snyk, & Josh Kirkwood, CyberArk

As development teams continue to automate processes and speed up their application delivery, implementing security controls at scale to support this velocity has become a challenge for enterprises. Developers are increasingly using prebuilt open source or third-party container images, applications are being subjected to new types of attacks, and production environments need to be updated against a relentless pace of newly announced vulnerabilities.

So, how do security teams re-orient their processes to safely keep pace? How will you ensure the right privileges and access to secrets across apps? In this session, a panel of security experts will discuss best practices on how enterprises can ensure the security of their containerized applications throughout their lifecycle without negatively impacting frontline productivity.

Participants include Simon Maple, DevOps Security Lead at Snyk; Josh Kirkwood, DevOps security lead at CyberArk; and James Wickett, Head of Research at Signal Sciences. The discussion will be lead by Kamala Dasika from Pivotal Software while working in references to baking bread and CISO humor.

https://cfseu18.sched.com/event/FRyz/panel-continuous-security-inject-pipelines-with-critical-protection-for-your-apps-kamala-dasika-pivotal-james-wickett-signal-sciences-simon-maple-snyk-josh-kirkwood-cyberark

Panel: Powering Hyper-Growth in e-Mobility With Cloud Foundry - Kerstin Daher, Pivotal, Janardhan Vittal, Wipro, Jurgen Bluemink, Stefan Trager, & Vítězslav Burda, innogy SE

Explosive growth of charging stations in Germany is expected in upcoming years. Building IT solutions to support this demand requires seamless scalability for applications across cloud infrastructure. The problem? A monolithic codebase that had reached its scaling limits. How is innogy modernizing to a microservices-based architecture, running on infrastructure that enables organization scalability?

Come to this session to hear lessons learned: How we started with new application design; how developers coming from DIY world overcame their scepticism of the automated application platform; how we started our journey with Pivotal Cloud Foundry; how we set up the operational model with already outsourced IT services to a big system integrator; what unexpected difficulties we have faced and how together we found the way forward and plan our bright future.

https://cfseu18.sched.com/event/FRzB/panel-powering-hyper-growth-in-e-mobility-with-cloud-foundry-kerstin-daher-pivotal-janardhan-vittal-wipro-jurgen-bluemink-stefan-trager-vitezslav-burda-innogy-se

Panel: Practising a Massive Public Disaster - How to Mitigate Risk When You Can’t Afford to Fail - Zenon Hannick, Armakuni, Deborah Wood, James Wynne, & Chisara Nwabara, Pivotal

Each year, Comic Relief raises tens of millions of pounds to fight poverty. A few minutes of downtime during the annual TV event could mean missing out on millions of pounds to help those that need it most. For Sport Relief 2018 the platform was using Kubernetes for the first time. Hear how the app developers and operations teams ran extensive fire drills to practice troubleshooting across various layers of the stack under extreme load. Practising massive system failure built confidence in both team’s ability to support the event and ensure minimal time to recovery in case of disaster. Building, scaling and running a mission-critical multi-region multi-foundation solution is not for the faint-hearted or hero engineers; hear how collaboration across teams and the full platform stack allowed us to overcome the fear factor and avoid familiar pitfalls.

https://cfseu18.sched.com/event/FRyy/panel-practising-a-massive-public-disaster-how-to-mitigate-risk-when-you-cant-afford-to-fail-zenon-hannick-armakuni-deborah-wood-james-wynne-chisara-nwabara-pivotal

Panel: Saving Lives - Accepting Donations at Scale Across Cloud Foundry and Kubernetes - Zenon Hannick, Armakuni, Caroline Rennie, Comic Relief, Shane Huston, Paula Kennedy & Debbie Wood, Pivotal

Each year, Comic Relief raises tens of millions of pounds to fight poverty. A significant proportion of this is received online over the 7 hours of primetime television coverage. A few minutes of downtime during this period could mean missing out on millions of pounds to help those that need it most. In this session, speakers from Comic Relief, Pivotal and Armakuni share their experiences of building, scaling and running a mission-critical multi-region multi-foundation solution on Pivotal Cloud Foundry; with apps hosted on the Pivotal Application Service (PAS) and other production workloads running in Kubernetes clusters provisioned by the Pivotal Container Service (PKS).

Come and hear from Comic Relief (customer), Armakuni (app developer and operator), Pivotal (platform operators and product operators), talk about the challenges and solutions faced in preparing for and supporting the 2018 Sport Relief event, (https://www.sportrelief.com/)

https://cfseu18.sched.com/event/FRzA/panel-saving-lives-accepting-donations-at-scale-across-cloud-foundry-and-kubernetes-zenon-hannick-armakuni-caroline-rennie-comic-relief-shane-huston-paula-kennedy-debbie-wood-pivotal

Performance of a VM vs. Containerized Cloud Foundry - Vlad Iovanov & Jeff Hobbs, SUSE

One of the most asked questions about the new containerized Cloud Foundry is how it compares to a VM-based installation in terms of performance.

In this talk we will discuss the architecture design for containerization of CF, going beyond making containers to make it Kubernetes aware. We will compare a "Kubernetes-native" Cloud Foundry against a "traditional" BOSH OpenStack VM-based installation. We’ll present numbers to compare how these perform in operation.

The presenter will show the techniques used in these experiments and discuss the comparison between the two styles of deploying Cloud Foundry.

We'll explain our testing methodology and go through the results.

This will include installation/upgrade duration, application start-up and scaling duration, application latency and routing performance.

https://cfseu18.sched.com/event/FRyi/performance-of-a-vm-vs-containerized-cloud-foundry-vlad-iovanov-jeff-hobbs-suse

Piloting Cloud Foundry into Containers - Then, Now, and Next - Sandy Cash, IBM & Troy Topnik, SUSE

Creating a commercial Cloud Foundry distribution for a containerized environment brings up a number of challenges. Drawing on real-world experience providing a commercial Cloud Foundry distribution in which the entire stack runs on top of Kubernetes, this session summarizes the history of this style of Cloud Foundry deployment. Sandy and Troy examine some of the advantages of this approach as well as the challenges and solutions, including deploying Cloud Foundry, upgrading and scaling it, providing Cloud Foundry-as-a-Service, and staying in sync with upstream changes. They also describe development currently underway that brings containerized Cloud Foundry more closely in line with recent developments in BOSH.

https://cfseu18.sched.com/event/FRyA/piloting-cloud-foundry-into-containers-then-now-and-next-sandy-cash-ibm-troy-topnik-suse

Pipelines Done Right - Derik Evangelista & Diego Lemos de Resende, Pivotal

Pipelines are meant to be the road that will guide your team from code straight to production, automating everything on its way. Pipelines should be a source of joy for developers, the team's safe harbour. But the reality can be different, and many teams are struggling to get their pipelines right, spending time and energy fighting against automation instead of having their pipelines delivering value.

In this talk, Diego and Derik will live code a Continuous Delivery pipeline from scratch, from commit to CF push, using Concourse. During the talk, we will make use of pipeline's best practices, and explain why you should adopt them in order to make your way to production more reliable. By doing so, we will share with you how Pivotal relies on pipelines to deliver value, from developers' keyboards directly to customer's hands.

https://cfseu18.sched.com/event/FRyY/pipelines-done-right-derik-evangelista-diego-lemos-de-resende-pivotal

Platform as a Product: How to Delight Your Developers and Deliver Value for Your Customers - Paula Kennedy, Pivotal

“Success is not delivering a feature; success is learning how to solve the customer’s problem.” (Eric Ries, The Lean Startup). But when your “product” is your internal platform and your “customers” are application developers, how should you apply the principles of product management to solve your internal customers problems?
In this talk Paula will provide detailed, practical steps on how to form a successful platform team, how to apply the Build-Measure-Learn feedback loop to your internal platform and how to engage your application developers and delight them. By creating and operating a platform that meets their needs, your developers can focus on what is most important for them; delivering their products, delighting their customers and driving business value.

https://cfseu18.sched.com/event/FRz3/platform-as-a-product-how-to-delight-your-developers-and-deliver-value-for-your-customers-paula-kennedy-pivotal

Reviving the Platform Every Day - Emmanouil Kiagias & Josh Hill, Pivotal

Natural disaster hit your data centre? Don't worry. Cloud Foundry is prepared for disaster from day one thanks to built-in support for BOSH backup and restore (BBR). Nice. But how do we know the platform is ready for catastrophe? What if our worst fears come true?

The BBR framework laid the technical foundation for implementing disaster recovery. However, Cloud Foundry is a complex distributed system and contributors are spread across multiple teams and timezones. The challenge was to find a way to drive out this cross-cutting feature across all Cloud Foundry components.

Thus the Disaster Recovery Acceptance Tests (DRATs) were born. Josh and Emmanouil will show you the test framework that continuously tests a critical feature of the platform. DRATs ensures that all the Cloud Foundry components continue to work together, so we can all be confident that the platform can recover when mishaps occur.

After this talk attendees will:
* take away patterns for developing features with cross-cutting concerns.
* understand DRATs and how Cloud Foundry teams test their components.
* understand how to deliver CI tasks that can be shared by many teams in their own CI pipelines.

https://cfseu18.sched.com/event/FRyM/reviving-the-platform-every-day-emmanouil-kiagias-josh-hill-pivotal

Running .Net Apps on Cloud Foundry in a Hybrid Environment - Ning Kuang & Thomas Shao, Microsoft

.Net is getting the first-class seats on Cloud Foundry. In this section, we will walk through how a .net application is built, deployed and managed, in a hybrid environment, with the .net ecosystem on CF. We will deploy an ASP.net web service, utilizing CI/CD tool, Open Service Broker, Monitoring and logging tool, and more. You will experience how .net is seamlessly integrated with the Cloud Foundry dev environment across on-prem and cloud platforms, and understand the newest progress with .Net. support on CF.

https://cfseu18.sched.com/event/FRyd/running-net-apps-on-cloud-foundry-in-a-hybrid-environment-ning-kuang-thomas-shao-microsoft

Running Isolated and Secure Workloads via BOSH - Subhankar Chattopadhyay & Shashank Jain, SAP

Providing a safe computing condition to an untrusted application is a very critical task. Insufficiently tested applications can cause a number of problems, especially operating system infections. These issues are often found only post-mortem. Most of these issues can be avoided by sandboxing running environment of these untrusted applications.
We have some interesting use cases where we allow third-party extensions to be loaded into the Service Fabrik broker for doing some pre and post lifecycle activities. Service Fabrik Broker is an OSBAPI compliant cloudfoundry incubator project which takes care of provisioning and management of backing services.
Since we don’t have any direct control over the quality of these extensions, as to What kind of resource usage these extensions trigger? What kind of system calls these extensions do? If they can load a rootkit, use LD_PRELOAD like mechanisms to divert system calls. There can be other potential hazardous implications if one of the extension goes kaput. This can cause a possible outage on the SF Broker which is the most critical component and a control plane for backing services.

To mitigate these possible attacks and still allow extension features, we intend to sandbox the extensions via mechanisms like
1. Apply resource limits in terms of memory, CPU, network
2. Restrict system calls via Seccomp profiling and disabling abilities like loading rootkits etc.
3. Fine-grained Mandatory access controls via SE Linux.

The natural progression for these extensions would be to move to BOSH BPM where we expect to have the right isolation levels needed.
This talk will cover usage, pros and cons of above mentioned mechanisms and A demo on how we used sandboxing to provide secure environment for untrusted extensions.

https://cfseu18.sched.com/event/FRz5/running-isolated-and-secure-workloads-via-bosh-subhankar-chattopadhyay-shashank-jain-sap

Running Smart Apps on the Cloud Foundry Platform - Amith Nambiar, Pivotal

"A quick look at companies disrupting well-established industries reveals a number of common characteristics. Among the most important, they're all expert at delivering insights in context to their customers and users—and they do it by surfacing data-driven, actionable information via features in smart applications."

This talk will delve into the details of delivering an end to end smart app on the Cloud Foundry platform. I will start with an example app which uses Machine learning and describe the problems involved in making the insights from the predictions available to the end users. Then, I will go into the details of how to use Cloud Foundry's Platform as a service (PaaS) abstraction to run and scale the API's, use Container as a service (CaaS) abstraction to run Machine Learning workloads using Apache Spark and Serverless computing abstraction (FaaS - Project riff) to run event driven functions. Finally, I will talk about how these different abstractions connect and enable, a whole new set of apps with varied requirements, onto the platform.

https://cfseu18.sched.com/event/FRyG/running-smart-apps-on-the-cloud-foundry-platform-amith-nambiar-pivotal

Security Considerations for CF Container Runtime vs. CF Application Runtime - John Michealson, Aqua Security

The growing adoption of containers and the availability of scalable orchestration tools (e.g. Kubernetes) are creating opportunities to develop more agile, easy-to-update applications that combine stateful and stateless modes. The emerging architecture combines both modalities, that have very different security considerations and risk profiles. While CF Application Runtime is well-suited to 12-factor application development, CF Container Runtime is better for flexible, rapidly-updated apps that can scale-out specific parts of the application in a very elastic way. However, from a security standpoint, CFCR presents challenges in the form of 3rd party open-source inflow, developer-driven code changes, and frequent updates. It also presents benefits in the form of immutability, better network segmentation, and lack of persistence on the host (the notion we sometimes refer to as “reverse uptime”). In this talk I will describe how to approach these divergent needs, and demonstrate some of the methods and tools that can be used to mitigate risk without slowing down development.

https://cfseu18.sched.com/event/FRz0/security-considerations-for-cf-container-runtime-vs-cf-application-runtime-john-michealson-aqua-security

Services API Project Update - Matt McNeeney, Pivotal & Nikolay Maslarski, SAP

The Cloud Foundry Services API team is responsible for:
- The developer experience provisioning and managing services in Cloud Foundry Application Runtime.
- Making it easier to build and integrate service brokers with all Cloud Foundry platforms.

This second project update from the team will include:
- What we’ve been working on in 2018, including the ability to create bindings asynchronously and the ability to register the same broker multiple times
- What we’re going to be working on soon, including replacing the Basic Auth mechanism with oAuth to improve platform to service broker security
- How the Services API team is contributing to the Open Service Broker API specification to make Cloud Foundry and Kubernetes better together

We'll then give a live demo showing some of the new developer experiences we’ve built in action.

https://cfseu18.sched.com/event/FRyO/services-api-project-update-matt-mcneeney-pivotal-nikolay-maslarski-sap

Shift Left Security — The What, Why and How - Ashley Ward, Twistlock

Today, developers have numerous tools to choose from and methods to consider when building applications and websites. Where 15 years ago working in the cloud was a new trend, today entire companies’ services are born in the cloud. Where virtual machines once reigned, containers are gradually taking their place. How does DevOps adapt to these changes, while still securing their environments, from inception to rollout? One way is to ‘shift left.’

This new approach moves software testing earlier in its lifecycle — or moves left on the project timeline — to prevent defects early in the software delivery process. Ben Bernstein, Chief Executive Officer of Twistlock, will begin this session by giving attendees an in-depth look at what it means to shift left, and will explain the following five steps to ensuring a successful and secure transition to begin testing software earlier in its lifecycle.
Vet configurations: Developers shouldn’t need to make configuration changes. All images, including those used in development and testing stages, should be equal to the images rolled out in production.
Test early and often: Bringing this motto to the shift left approach will help developers measure their success not by how quickly they can get their project into development, but by how many bugs they resolve before rollout.
Give insights into production: Team leads in DevOps should consider building dashboards or visualization tools so developers can gain real-time feedback into the security practices they’re building. This will help security and developer teams join forces to own the security needs in every stage of development.
Rethink automation: Don’t think of automation as a roadblock to production — think of it as a testing gauntlet where the code has to prove itself.
Be proactive: With all the tools today that can detect vulnerabilities and risks, it’s easier than ever to identify and resolve security gaps to prevent being impacted by cyber attacks. Find the right tools, and proactively use them in every stage of the development process.

After discussing these five points, Ben will conclude by discussing the rising role of the developer in stopping attacks before they happen, thereby becoming the behind-the-scenes security guards for company data and customer information.

https://cfseu18.sched.com/event/FRyI/shift-left-security-the-what-why-and-how-ashley-ward-twistlock

Simpler Releases, Faster Upgrades: BOSH Package Vendoring and Colocated Errands - Maria Ntalla & Maya Rosecrance, Pivotal

Until now, authors of BOSH releases have had to package any dependencies their software needed in their release. While this offers great flexibility, it means that for more complex deployments, there is unnecessary duplication of third-party dependencies. This also makes it difficult to patch external dependencies as they are kept in so many places.

One-off tasks are typically packaged as BOSH errand jobs. Until now, running BOSH errands would require spinning up a VM at the IaaS level. That’s costly and can take up to several minutes, depending on the IaaS.

BOSH recently introduced two very powerful features: package vendoring and errand colocation. Attendees will learn how to use them to simplify release package management, make deployments smaller in footprint, speed up operating and upgrading BOSH deployments.

https://cfseu18.sched.com/event/GATl/simpler-releases-faster-upgrades-bosh-package-vendoring-and-colocated-errands-maria-ntalla-maya-rosecrance-pivotal

Sky is the Limit for Cloud Foundry at AirFrance-KLM - Nathan Wattimena & Fabien Lebrere, AirFrance-KLM

AFKLM has mandate to setup large innovative solutions to support AF & KLM. It covers platform think, build and run both as several instantiations while keeping homogeneity and reducing costs and snowflakes.

As part of a global cloud native transformation across AFKLM, businesses and IT teams - Kaps4Biz was launched and encompasses topics from CI/CD developer ecosystem tools to actual containers and cloud native platform.

Adopting Cloud Foundry as a part of it immediately made sense - as long as the underlying larger strategic streams could be mapped for the long term:
- developer onboarding and project facilitation for several thousands of them
- rich catalog of service with a mix of build, buy & integrate strategy
- operational excellence for keeping the platform and apps running at scale on private cloud
- vendor neutrality and skill center development
- innovation acceleration for cloud native, microservices and container-first architecture
- simple rollout of a reference architecture at global scale

Come hear about our journey to start and measure success in transforming AFKLM how we leveraged and expanded the specifics of Pivotal Cloud Foundry, Pivotal DOJOs implementation approach and the Cloud Foundry partner ecosystem to rollout a new way of working for developers & operators at AFKLM.

https://cfseu18.sched.com/event/FRz9/sky-is-the-limit-for-cloud-foundry-at-airfrance-klm-nathan-wattimena-fabien-lebrere-airfrance-klm

Stratos: A Cloud Foundry UI - Past, Present and Future - Neil MacDougall & Richard Cox, SUSE

At the last CF Summit Europe, SUSE introduced Stratos UI - an Open-Source, modern, web-based Management UI aimed at meeting the needs of both Developers and Administrators.

Fast-Forward 6 months and at the CF Summit in Boston, we showed how Stratos (now a member of the CF-Extensions PMC) was progressing and we demonstrated the new version being developed.

Now, in this talk, we will update you on the recently-released Version 2 - showcasing the new look-and-feel and the new feature set. We’ll talk about how we’re working to grow the community and what we have planned for the year ahead.

This talk is aimed at both end-users and developers. We present Stratos with the intent of raising awareness, growing the community and encouraging others to join in and contribute.

https://cfseu18.sched.com/event/FRyn/stratos-a-cloud-foundry-ui-past-present-and-future-neil-macdougall-richard-cox-suse

Supporting Multiple Major Versions of BOSH Releases with Concourse - Michael Lieser & Steffen Zuber, anynines

Everybody knows that customers don’t all use the latest major release versions of software. Sometime the migration is too costly, sometimes it's another good reason. As a service provider, you can’t just stop supporting older versions and only focus on the latest.

When it comes to shipping BOSH releases, how can you - with minimal effort - satisfy your customer by providing them with new features and bug fixes?

This talk will show how to use Concourse to monitor 3rd-party software to keep older major versions up-to-date, release your own bug fixes and features along the way. We will also present a git branching and versioning model to do it efficiently.

At the end of this talk, you'll feel an urge to download Concourse immediately to make your release management even easier.

https://cfseu18.sched.com/event/FRya/supporting-multiple-major-versions-of-bosh-releases-with-concourse-michael-lieser-steffen-zuber-anynines

Terraform Providers for Cloud Foundry - Guillaume Berche, Orange & Mevan Samaratunga, Pivotal

As a Cloud Foundry admin, do you feel tired of scripting the CF CLI to automate provisioning of CF resources (domain/org/roles/quotas/buildpacks/sec-groups/brokers/service-plan-visibility etc...)? Is your automation getting complex and fragile as your CF ecosystem scales ?

As a CF application developer, do you sometimes feel limited by the CF application manifest ? Ever needed to script creation of space/role/service instance/network-policy ? Would you like to manage your application resources in an idempotent manner, uniformly across CF CR and CF AR, and cross-reference them ?

Terraform (https://www.terraform.io/) “enables you to safely and predictably create, change, and improve your production infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.”

This talk introduces terraform providers for CF-related resources, bringing terraform benefits to CF admins and developers. It starts by detailing some target use-cases, then illustrates use of terraform CF provider through demos, details the current state of the implementation available at https://github.com/mevansam/terraform-provider-cf, and closes with future plans and perspectives on innovative use-cases.

https://cfseu18.sched.com/event/FRyl/terraform-providers-for-cloud-foundry-guillaume-berche-orange-mevan-samaratunga-pivotal

Thales Digital Factory – A Cloud Foundry Platform Journey - Nicolas Dumont, Thales Digital Factory & Erwan Bornier, Pivotal

Thales Group, the global leader in defense, security, space, aerospace and ground transportation markets has chosen Cloud Foundry as a key asset of our Thales Digital Factory. The factory, launched in July 2017, aims at accelerating the Group’s digital transformation into a platform company and adopting digital ways of working.

Pivotal Cloud Foundry brings immediate value to us:
- "Go fast" by providing our application product teams with state of the art DevOps workflows and enabling them to meet the time-to-market required by our businesses,
- "Go secured by default" by automatically taking care of many security requirements at the platform level, enabling our application product teams to be as fast as start-ups, as securely as Thales requires,
- "Deliver anywhere" by leveraging Cloud portability to operate digital products on a global scale,
- "Innovate & Transform" by fostering the Cloud Native Application development patterns that are required to achieve velocity and provide our businesses with the full benefits of the Cloud paradigm.

Come discover our platform journey, lessons learned and what we expect from the Cloud Foundry ecosystem for the success of Thales, today & tomorrow!

https://cfseu18.sched.com/event/FRz8/thales-digital-factory-a-cloud-foundry-platform-journey-nicolas-dumont-thales-digital-factory-erwan-bornier-pivotal

The Cloud Foundry Mullet - Functions at the Front, Containers at the Back - Paul Czarkowski, Pivotal

Paul will introduce the audience to the three platforms in the Cloud Foundry ecosystem for Containers as a Service, Platform as a Service, and Functions as a Service and talk through the difference in concepts and uses cases for each. Paul will then talk through how you can apply business logic and lean practices to evaluate your workloads and determine the best platform to run them on.

While Paul will be talking about the Cloud Foundry ecosystem itself the actual platforms are examples of many options out there and the lessons and practices talked about will apply equally to non Cloud Foundry versions of the three platform archetypes ( CaaS, PaaS, FaaS ).

https://cfseu18.sched.com/event/FRyf/the-cloud-foundry-mullet-functions-at-the-front-containers-at-the-back-paul-czarkowski-pivotal

The Route To Rootless Containers - Claudia Beresford & Ed King, Pivotal

Rootless containers are a new and exciting development in the container community, offering the ability to create and manage containers as a completely unprivileged, non-root user. This is appealing both in terms of security, as well as in making container-based workloads accessible to a much wider audience.

During this presentation, Claudia and Ed will share their team's learnings from the journey to adopting rootless containers in production for a large multi-tenant PaaS (Cloud Foundry). The talk contains a technical overview of rootless containers - what they are, how they work and how to enable them in runC as well as a discussion of the limitations of rootless containers and how we overcame those limitations. If you’re interested in using rootless containers in production, this talk is for you!

https://cfseu18.sched.com/event/FRyv/the-route-to-rootless-containers-claudia-beresford-ed-king-pivotal

The Shape of Things to Come – Predictions on the Future of Platform as a Service - Bernd Krannich & Sanjay Patil, SAP

Cloud Foundry, Kubernetes, Istio, Knative – the Cloud Native ecosystem is evolving rapidly. In this talk, the speakers will provide an overview of these technologies and share their perspective on how the technology stack will line up to define the future of Platform as a Service.

https://cfseu18.sched.com/event/FvUa/the-shape-of-things-to-come-predictions-on-the-future-of-platform-as-a-service-bernd-krannich-sanjay-patil-sap

Trust the Hamster! - Peter Goetz & Norman Sutorius, IBM

Over the past two years the Bits-Service, a Cloud Foundry Blobstore API, has been developed and is ready for action! Bits-Service started as an extraction of existing functionality in the Cloud Controller today by externalising all bits related operations (application bits, droplets, packages, buildpacks, …). So it's time for an update on Bits-Service. We would like to lay out the drivers behind Bits-Service, give updates on "What's new?", "What's different?", "What to expect from Bits-Service?", and why we rewrote it in Go.
Finally, there will be an outlook on resource-matching in the CF V3 API as well as future development plans. And what exactly does all this have to do with a hamster?

https://cfseu18.sched.com/event/FRyP/trust-the-hamster-peter-goetz-norman-sutorius-ibm

Turbocharging the Cloud Foundry API with External Metadata - John Feminella, Pivotal

The Cloud Foundry API is useful for providing information about the resources it manages, but sometimes it would be helpful to have other kinds of information there. For example, operators frequently want to associate billing, chargeback, or contact metadata to an application. Unfortunately the CF API doesn't provide any mechanism to do this.

But there's still a straightforward way to make this possible. In this talk, we introduce an experimental approach by which platform owners can seamlessly add external metadata into `cf curl` API responses for use by other systems. In doing so, we'll see how we can make it possible for operators to augment API responses with whatever metadata they like. We'll also share results from some trials we're performing at several firms using this approach.

https://cfseu18.sched.com/event/FRye/turbocharging-the-cloud-foundry-api-with-external-metadata-john-feminella-pivotal

Update on the OSBAPI Specification – Doug Davis, IBM

Since the Open Service Broker API left the confines of Cloud Foundry, and is now a cross platform specification that is now supported on platforms such as Kubernetes, its importance in the community has skyrocketed. In this session we're review what's been going on with the OSBAPI specification and working group. We'll highlight the new features of the spec and some of the potential future work items the group is considering.

https://cfseu18.sched.com/event/FW1v/update-on-the-osbapi-specification-doug-davis-ibm

Upgrading From CF-Release to CF-Deployment: The Unusual Way - Johannes Hiemer & Yannic Remmet, evoila

While there is a good documentation on how to upgrade Cloud Foundry deployments that are still using cf-release, we came up with an easier way to do it.
Proven to have a zero downtime for running applications and the possibility to roll back in case some things don’t work out it’s what everybody, who is still running an cf-release deployment, should be doing.

In this talk we will give a step by step instruction how we upgraded Cloudfoundry on several occasions and an insight of what mistakes were made.

https://cfseu18.sched.com/event/FRyx/upgrading-from-cf-release-to-cf-deployment-the-unusual-way-johannes-hiemer-yannic-remmet-evoila

Keynote: User Panel – Moderated by Frederic Lardinois, Enterprise Editor, TechCrunch

https://cfseu18.sched.com/event/FW1B/keynote-user-panel-moderated-by-frederic-lardinois-enterprise-editor-techcrunch

Using Service Brokers to Bridge CF and Kubernetes - Jeremy Rickard, Microsoft

One of the great things in Cloud Foundry is the ability to bind your application to external services using service brokers! If you are moving to containerized deployments, you may be considering Kubernetes as your container orchestrator of choice. Will you lose that great benefit if you are moving to Kubernetes? The answer is no! Service Catalog brings the same capabilities to Kubernetes for your containerized applications. In this talk, Jeremy will introduce Service Catalog and talk about how it was influenced by the user experience in Cloud Foundry. He will then show how you can use Service Catalog to deliver your containerized applications to Kubernetes and provide some guidance on best practices for working with both platforms.

https://cfseu18.sched.com/event/FRyO/services-api-project-update-matt-mcneeney-pivotal-nikolay-maslarski-sap

Verifying Open Service Broker API Compliance and Testing Production Broker Deployments - Robert Gogolok & Oliver Wolf, anynines

You’ve developed a Service Broker and want to test your broker’s implementation? Maybe you're considering writing a new Service Broker and want some kind of test suite to validate against.

anynines makes use of two different kind of tests suites when it comes to automating deployments with the Open Service Broker API. The first ones are the “BOSH releases tests” and are used to verify that service instances behave like expected during failure scenarios. While these kind of tests are used in the CI/CD pipeline of the anynines Data Services, they don’t verify compliance against the OSBAPI or whether a concrete customer production setup is working correctly.

This talk focus on the latest type of tests and shows how a generic test suite that verifies production platform environments and OSBAPI compliance can be used for different kind of data services.

https://cfseu18.sched.com/event/FRyw/verifying-open-service-broker-api-compliance-and-testing-production-broker-deployments-robert-gogolok-oliver-wolf-anynines

Where Does Cloud Foundry Stand in the Containers’ Ecosystem? - Surya Duggirala, IBM

As container technology is becoming the de facto choice for cloud platforms, it is essential to compare various container ecosystems. As the industry is embracing microservices and service mesh technologies like Istio, there is a common question around how Cloud Foundry fits in this space. The main intent of this session is to compare Cloud Foundry’s garden containers with other container technologies like Docker and Kubernetes and highlight the strengths and weaknesses of each of these container technologies. This session also looks into the latest advances in Cloud Foundry Platform and how it is strengthening the cloud native deployments.

https://cfseu18.sched.com/event/FRyE/where-does-cloud-foundry-stand-in-the-containers-ecosystem-surya-duggirala-ibm