Linux 101

Justin Reock, Chief Architect, OpenLogic

Learn how to use Linux, even if you’re a die-hard Windows user! There’s no question that Linux has taken over the enterprise, and paves the way for disruptive innovations in software. Join us for an informal breakout session where we’ll introduce you to the benefits of developing on a Linux platform and show you some basic usage fundamentals, so that you can get started with Linux today.

Multi-Cluster Kubernetes and Service Mesh Patterns

Christian Posta, Global Field CTO, Solo.io

Building applications for cloud-native infrastructure that are resilient, scalable, secure, and meet compliance and IT objectives gets complicated. Another wrinkle for the organizations with which we work is the fact they need to run across a hybrid deployment footprint, not just Kubernetes. At Solo.io, we build application networking technology on Envoy Proxy that helps solve difficult multi-deployment, multi-cluster, and even multi-mesh problems.

In this webinar, we’re going to explore different options and patterns for building secure, scalable, resilient applications using technology like Kubernetes and Service Mesh without leaving behind existing IT investments. We’ll see why and when to use multi-cluster topologies, how to build for high availability and team autonomy, and solve for things like service discovery, identity federation, traffic routing, and access control.

This talk will cover:

• Multi-cluster design patterns with Kubernetes and Service Mesh
• Service discovery across a hybrid environment
• Identity federation, including SPIFFE, in a multi-cluster world
• Emerging technology to help simplify multi-cluster and multi-mesh architectures

A Tour of Open Source on the Mainframe

Elizabeth Joseph, Developer Advocate, IBM

Many enterprises and, as many of us learned during the COVID-19 outbreak, governments, rely on mainframes to do the bulk of their data-driven work and the modern mainframe is very good at what it does. But what if you’re looking to modernize your platform and bring in the DevOps methodologies, tooling, and practice into your organization?

Today, there is an entire product line of mainframes that exclusively run Linux (RHEL, SLES, or Ubuntu). With Linux, you get access to the vast ecosystem of open source software that’s already been ported to the mainframe architecture (s390x), with more being ported every month.

If your organization is using z/OS, the Open Mainframe Project has a series of open source projects targeted specifically at the mainframe and improving usability. Zowe, for instance, helps create a consolidated API for accessing resources and workload on your system and Feilong is a z/VM connector that allows you to manage your virtual machines with familiar open source tooling like OpenStack. There are even connectors for Jenkins that allow you to integrate CI/CD pipelines with your workloads.

In this talk I’ll explore all of this in more to show you how an automated, modern environment can thrive on today’s mainframe.

Web Acceleration Mechanics 

Alexander Krizhanovsky, CEO, Tempesta Technologies

You probably might easily count ten or more web accelerators and the list is constantly growing. Besides different features, the proxies vary significantly in their architecture, how do they interact with the operating system and implement various HTTP standards.

Understanding the architecture differences and internals of particular web accelerators helps to make the right decision which one fits better to your needs and to track down complex performance issues and anomalies.

This talk covers following topics on examples of Nginx, Varnish, Apache Traffic Server, HAProxy, H2O, and Tempesta FW:

• How client and backend server connections are managed;
• HTTP message queues and backend server connections failovering in HTTP standards and proxy implementations, and security implications;
• How HTTP/1.x, HTTP/2, and HTTP/3 (QUIC) decoders and parsers interact to each other;
• HPACK and QPACK compression from HTTP/2 and HTTP/3 (QUIC) and when it hurts performance;
• What and how HTTP allows to cache;
• Different caching architectures: mmap(), file cache, and a database;
• Network I/O and TLS optimizations available in some web accelerators and modern Linux kernels.

How Red Hat ran a global OpenVPN offer during the COVID-19 pandemic with 99% Open Source software

Mauricio Teixeira, Principal Systems Administrator, Red Hat

Red Hat has been running a global OpenVPN infrastructure for their associates for years, which have been put under the microscope during the COVID-19 pandemic, and has been put under a lot of stress. Everything ran smoothly, without outages, without snags, with an average of 60% of company associates connected simultaneously during peak times. During this talk, we will demonstrate how the infrastructure has been configured, and all of the Open Source (and proprietary) technologies that were involved.

How to build a Kubernetes networking solution from scratch

Antonin Bas, Staff Engineer, VMware & Jianjun Shen, Senior Staff Engineer, VMware

For the non-initiated, Kubernetes (K8s) networking can be a bit like dark magic. Many clusters have requirements beyond what the default network plugin, kubenet, can provide and require the use of a third-party Container Network Interface (CNI) plugin. But what exactly is the role of these plugins, how do they differ from each other and how does the choice of one affect your cluster?

In this talk, Antonin and Jianjun will describe how a group of developers was able to build a CNI plugin – an open source project called Antrea – from scratch and bring it to production in a matter of months. This velocity was achieved by leveraging existing open-source technologies extensively: Open vSwitch, a well-established programmable virtual switch for the data plane, and the K8s libraries for the control plane. Antonin and Jianjun will explain the responsibilities of a CNI plugin in the context of K8s and will walk the audience through the steps required to create one. They will show how Antrea integrates with the rest of the cloud-native ecosystem (e.g. dashboards such as Octant and Prometheus) to provide insight into the network and ensure that K8s networking is not just dark magic anymore.