Why Should Developers Have All the Fun! Here's Your Guide to Cloud Foundry Summit Europe for Platform Operations Teams.

October 5, 2018 Jeff Kelly

We all know the developers are the new kingmakers. But developers couldn't build great software without the support of a killer platform ops team! So while there are plenty of great sessions at Cloud Foundry Summit Europe next week for devs, let's spend some time previewing the show from a platform ops perspective. 

A key operations theme of the show is security. In addition to providing a great platform and development experience, platform ops teams are also tasked with keeping their enterprises safe and secure. The good news is these two mandates - providing a great experience for developers and maintaining a secure environment - aren't mutually exclusive!

Let's take a look at the operations and security track at Cloud Foundry Summit Europe, with a few other relevant sessions from other tracks thrown in for good measure.

Day 1

Keynote: Service Broker Management Across Cloud Foundry and Kubernetes

Florian Müller, Technical Lead Platform Foundation & Services, SAP Cloud Platform

October 10, 9:25 to 9:35

One of the great things about Cloud Foundry is its embrace of the Open Service Broker API, which enables developers to create services instances and bind those instances to applications. But things can get tricky for ops teams when they are responsible for managing potentially hundreds of services across multiple Cloud Foundry foundations. In this keynote session, SAP’s Florian Müller demonstrates how to use Service Manager as a central service broker registry for Cloud Foundry and Kubernetes, bringing order to what can otherwise be a chaotic environment.

 

Comprehensive Cloud Foundry Security Overview and Roadmap

Sree Tummidi, Sr. Manager Product Management, Pivotal

October 10, 11:35 to 12:05

There’s perhaps now bigger responsibility for operators than keeping the platform safe and secure. The good news is that Cloud Foundry has robust security capabilities built into the platform and the community is adding new features every day. In this session, Pivotal’s Sree Tummidi will review the current state of Cloud Foundry platform security, including secure credential management, encryption, network security, authentication, authorization and auditing. You’ll leave this session with an even better understanding about how to take advantage of all of these capabilities to deliver comprehensive platform security.

 

Cloud Foundry Security Needs the Community

Dan Jahner, Senior Product Manager, Pivotal

October 10, 12:15 to 12:45

When it comes to platform security, we all have a role to play. It's too big a job for just one person or even one company. In this session, Pivotal's Dan Jahner will explain how you an get involved in security testing to help make Cloud Foundry as secure as it can be. He'll walk through the mechanics of how to responsibly report security vulnerabilities when you find one and what the triage process looks like once you have submitted a report. You'll also walk away from this session with a better understanding of the historical context of security in platform operations and better educated on some general security testing concepts to get you jump started on security testing.

 

Thales Digital Factory: A Cloud Foundry Platform Journey

Erwan Bornier, Platform Architect, Pivotal

Nicolas Dumont, Platform Product Owner, Thales Digital Factory

October 10, 12:15 to 12:45

It’s not as if Thales is new to software development. Around 15% of the French company’s 65,000 person-strong workforce is made up of software engineers. And software plays a key role in nearly all of its products, largely critical systems for the aerospace, transportation, and defense industries. But the company wanted to get better and faster at building great software, a journey that started with Cloud Foundry. In this session, you'll learn how Thales' ops team supports thousands of developers and applications, enabling the company to "go fast, go secure by default, deliver anywhere, and innovation and transform."

 

Running Isolated and Secure Workloads via BOSH

Subhankar Chattopadhyay, Associate Architect, SAP

Shashank Jain, Chief Development Architect, SAP

October 10, 14:30 to 15:00

In an ideal world, all the workloads running on your Cloud Foundry foundation will be known, trusted applications. But there are times when your developers may need to run untrusted applications on the platform. How do you prevent these application from potentially causing security and performance issues throughout the platform and other applications? In this session, SAP’s Subhankar Chattopadhyay and Shashank Jain will illustrate how to cordon off these types of workloads via sandboxing with a little help from BOSH, thereby limiting the potential damage.

 

Security Considerations for CF Container Runtime vs CF Application Runtime

John Michealson, Cloud Security Integration Architect, Aqua Security

October 10, 15:10 to 15:40

Cloud Foundry has come a long way over the last year. What started as a single application runtime environment is now a full-fledged development and operations platform with not one but two abstractions to choose from, depending on the use case. One is the tried-and-true application runtime, the other a container runtime based on Kubernetes. In addition to providng different but complimentary environments for developers, the two runtimes also have different security needs and considerations. In this session, Aqua Security's John Michealson describes how to approach the divergent security needs of the two Cloud Foundry runtimes and demonstrates some of the methods and tools that can be used to mitigate risk without slowing down development.

The Route to Rootless Containers

Claudia Beresford, Software Engineer, Pivotal

Ed King, Software Engineer, Pivotal

October 10, 15:50 to 16:20

It's always good to know your roots. But what about when there are no roots? Rootless containers are quickly rising in popularity in part because it allows you to create and manage containers as a completely unprivileged, non-root user. This is a good thing from a security perspective and makes it easier to open up container-based workloads to a lot more developers. In this session, Pivotal's Claudia Beresford and Ed King share insights learned from adopting rootless containers in production running on for Cloud Foundry. If you’re interested in using rootless containers in production, this talk is for you!

 

Panel: Continuous Security: Inject Pipelines with Critical Protection for Your Apps

Kamala Dasika, Product Team, Cloud Platform Ecosystem, Pivotal

Josh Kirkwood, DevOps Security Lead, CyberArk

Simon Maple, Director of Developer Relations, Snyk.io

James Wickett, Head of Research, Signal Sciences

October 10, 16:50 to 17:20
 
We all agree that speeding up the software development and deployment lifecycle is a good thing for developers and, ultimately, users of the software. New features are added more frequently based on real-world feedback. But how do security practices have to change in the new go-go world of continuous integration and deployment? Security experts from CyberArk, Snyk.io and Signal Sciences will discuss in this panel discussion moderated by Pivotal's Kamala Dasika. They'll talk about how security teams can re-orient their processes to keep pace, how to ensure users get the right privileges and access to secrets across apps, and more.
 
 

Molly Crowther, Senior Technical Program Manager, Pivotal

Shatarupa Nandi, Director of Software Engineering, Pivotal

October 10, 17:30 to 18:00

You can't fix it if you don't identify it. In one of the most straightforward session of the summit, Pivotal's Molly Crowther and Shatarupa Nandi reveal the top five security vulnerabilities previously found in Cloud Foundry, including how each vulnerability was discovered, how it could be exploited, and how the it was remediated in the product. You'll leave this session with a better understanding of how critical-severity vulnerabilities are discovered, triaged, and fixed in Cloud Foundry.

 

Day 2

Platform as a Product: How to Delight Your Developers and Deliver Value for Your Customers

Paula Kennedy, Director, PCF Solutions, Pivotal

October 11, 11:15 to 11:45

As a platform operator, you may not think you are directly serving the needs of customers, but think again. In fact, your customers are the software engineers and developers building and running applications on Cloud Foundry. And Cloud Foundry itself is the product. In this session, Pivotal’s Paula Kennedy extolls the virtues of treating your platform as a product and all that entails. She’ll discuss what this approach looks like in practice and provides advice for building a platform team, applying the Build-Measure-Learn feedback loop to platform development and how to build trust with your customers, application developers.

 

Upgrading from CF-Release to CF-Deployment: The Unusual Way 

Johannes Hiemer, CEO, evoila

Yannic Remmet, Software Engineer, evoila

October 11, 11:55 to 12:25
 
You probably already have a method for upgrading Cloud Foundry deployments that are still using cf-release. But what if I told you there was an easier way? Well ... there is! In this session from evoila's Johannes Hieme and Yannic Remmet, learn how to upgrade the platform with zero downtime for applications and the ability to easily roll back the upgrade if needed. Johannes and Yannic will walk you  through the entire process so you can replicate it with your Cloud Foundry deployment during your next upgrade!

 

Cluster Health for Application Health – Monitoring the Cloud Foundry Infrastructure

Johannes Bräuer, Technology Strategist, Dynatrace

October 11, 14:10 to 14:40

Is there anything more frustrating than not being able to diagnose why application performance is suffering? I doubt it. All your application monitoring dashboards are green, yet apps are slowing to a crawl. Luckily, there is a solution and Dynatrace’s Johannes Bräuer will share it in this session! He’ll explore methods for identifying bottlenecks in core platform components, such as Gorouters and Auctioneers, and provide a demonstration of how to detect component anomalies that hit applications’ response time and availability.

 

#automateALLtheTHINGS: From Ops Manager GUI to Automating Deployments and Reporting with Concourse

Onno Brouwer, Technical Specialist, Rijkswaterstaat

October 11, 14:10 to 14:40

One of the things that sets Cloud Foundry apart from other application platforms is its extensive automation capabilities. Automation allows ops teams to reduce manual tasks, apply updates at scale, and, therefore, spend more time delivering value to developers. In this session, Rijkswaterstaat’s Onno Brouwer shares how the company’s ops team transitioned from manually performing platform upgrades using the Ops Manager GUI into fully automating the upgrades process by incorporating the PCF and BBR pipelines, and how your team can do the same.

 

Panel: Practising a Massive Public Disaster - How to Mitigate Risk When You Can’t Afford to Fail

Zenon Hannick, COO, Armakuni

Chisara Nwabara, Staff Technical Program Manager, Pivotal

Debbie Wood, Product Manager, Pivotal

James Wynne, Staff Software Engineer, Pivotal

October 11, 14:50 to 15:20

Imagine that the vast majority of your enterprise’s revenue is generated on a single day each year. The last thing you can afford is for your platform or applications to fail during this singular, extremely high-traffic event. Sound far-fetched? Maybe for most organizations, but its reality for Comic Relief. The U.K.-based charity raises millions of pounds to fight poverty during its annual telethons. It’s entire donations system runs on Cloud Foundry. In this session, hear how Comic Relief’s operations teams collaborates with its developers to run extensive fire drills across its mission-critical, multi-region, multi-foundation environment to practice troubleshooting across various layers of the stack under extreme load.

 

It's a Mob! How We Gained Shared Knowledge and Delivered Value with Quality Faster

Cai Cooper, Head of Cloud Platform Operations, Fiserv

Colin Simmons, Engineer, EngineerBetter

October 11, 15:30 to 16:00

You’ve heard of pair programming, where two developers write code together on the same machine. Well, how about you add the entire team to that scenario? That’s called Mob programming and it helped the Fiserv Finkit operations team improve how they deploy, operate and troubleshoot their Cloud Foundry foundations and other supporting tooling. In this session, Finserv’s Cai Cooper and EngineerBetter’s Colin Simmons share how Mob programming helped the team more effectively share knowledge, reduce wasted time and increase the quality of its operational expertise.

 

Face Your X.509 Fears: Automating Certificate Rotation for Cloud Foundry

Iryna Shustava, Software Engineer, Pivotal

October 11, 16:30 to 17:00

Cloud Foundry continues to become more and more secure by default. That's obviously a good thing! But, it does increase the burden on platform operations teams, who are responsible for managing the ever-increasing number of certificates and certificate authorities that come with it. The good news is the team at Pivotal has made a lot of progress on credential management, in particular with CredHub. This session covers how to manage Cloud Foundry credentials with Concourse, BOSH, and CredHub. It includes a demo of a Concourse pipeline rotating all certificates with zero application downtime. Beat that!


See You in Basel!

Now you're ready to hit the ground running in Switzerland next week at Cloud Foundry Summit Europe. So pack your passport and your thirst for platform ops knowledge and we'll see you in Basel!

About the Author

Jeff Kelly

Jeff Kelly is a Director of Product Marketing at Pivotal Software. He spends his time learning and writing about how leading enterprises are tapping the cloud, data and modern application development to transform how the world builds software. Prior to joining Pivotal, Jeff was the lead industry analyst covering Big Data analytics at Wikibon, an open source research and advisory firm. Before that, Jeff covered data warehousing, business analytics and other IT topics as a reporter and editor at TechTarget. He received his B.A. in American studies from Providence College and his M.A. in journalism from Northeastern University.

Follow on Google Plus Follow on Twitter Follow on Linkedin More Content by Jeff Kelly
Previous
How We Designed PCF Healthwatch: A Lean & Collaborative Approach that Embedded Co-Creation and Continuous Feedback.
How We Designed PCF Healthwatch: A Lean & Collaborative Approach that Embedded Co-Creation and Continuous Feedback.

How do you design a module to give engineers a view into the platform and its current state? Here's how a t...

Next
Take the Headache out of Production Deployments: Continuous Delivery to the Cloud with Pivotal Cloud Foundry and Spinnaker
Take the Headache out of Production Deployments: Continuous Delivery to the Cloud with Pivotal Cloud Foundry and Spinnaker

Pivotal is excited to share deeper integrations between Spinnaker, an open source continuous delivery platf...