Feature toggles (aka feature flags) are a set of patterns that enable dev teams to deliver features to users rapidly and safely. Pete Hodgson leads you on a journey with a dev team as they adopt feature toggles, covering what they are, why they're helpful, and how to use them successfully.
Container deployments are based on trust—we trust our applications, developers, and infrastructure to be secure and confidently deploy microservices. But what happens when trust is broken? Tim Mackey explores the nature of data center threats and shares measures you can take to proactively identify risks.
Recently, Microsoft went from calling open source "a cancer" to being the biggest contributor on GitHub. Edward Thomson explains how Microsoft, one of the unlikeliest software vendors, began to embrace and even extend (but not extinguish) open source software and how you can begin using and contributing to open source software in your organization.
While the rest of the world tries to solve the problems of insecure software with firewalls and intrusion detection, Jeremy Anderson explains how to solve the problem where it starts: at the code that defines it. Join Jeremy to learn how to fix code security defects when they’re created instead of during production when it’s already too late.
InnerSource is a new approach to deal with usual issues in large organizations to increase development velocity and improve developer engagement, but it is still unclear how this is measured—or if this process is even actually succeeding. Daniel Izquierdo explores the concepts and tools you need from an analytics perspective and explains how they can help you make decisions.
Move fast and break things is a mantra that’s helped us learn, innovate, and push boundaries at speeds only dreamt about by other industries. However, there are times when that speed comes at a cost. Saron Yitbarek explores examples of technical projects that moved too fast and either hurt users or failed to solve a problem in irreparable ways.
A vibrant project attracts, grows, and values all contributions, and this is especially important for welcoming first-timers like women and members of other underrepresented groups to FOSS. Nithya Ruff and Rupa Dachere explain how to create on-ramps for first-time contributors, how to retain the contributors you have, and how to develop contributors for the future.
There is always something new to learn in technology. Even if we are experts in one field, we're beginners in another. It’s important to have a mentor to learn successfully, but it’s equally important to learn how to be a good mentor. Anna Ossowski explores what makes a mentor "good" and shares the tips and tricks of mentorship and concrete ways you can get involved as a mentor.
Matt Lucas demonstrates how to develop a realistic blockchain application using the Linux Foundation's Hyperledger fabric.
Jane Davis shares how Dropbox used a research- and design-led development process to de-risk and identify assumptions for both engineering and design and explains how the company effectively integrated research into the development process and involved engineers in the research and design process.
Brent Laster explains how to use Jenkins 2.0 and illustrates how to easily integrate it with other open source technologies, such as Git, as he walks you through building a simple multistage deployment pipeline (managed and automated through Jenkins) that implements principles of continuous integration and continuous delivery.
A private Java (Maven or Gradle) repository as a service can be set up in the cloud. A private Docker registry as a service can be easily set up in the cloud. But what if you want to build a holistic CI/CD pipeline on the cloud of your choice? Baruch Sadogursky walks you through setting up a universal artifact repository, which can serve for both Java and Docker.
As open source projects increase in size and complexity, open source-adopting professional services companies become their champions as partners in their clients’ projects. Drawing on their experience with Drupal, Jenn Sramek and Mark Sakurada share technical and management observations from 10 years in growing professional services companies in an open source community.
William Lyon explains how to use a graph database to generate real-time recommendations using real-world data. William introduces graph data modeling and querying concepts using Neo4j and Cypher, the query language for graphs to import and query data, before demonstrating how to apply graph algorithms and NLP using Python data science tools to enhance your recommendations.
Apache OpenWhisk on IBM Bluemix provides a powerful and flexible environment for deploying cloud-native applications driven by data, message, and API call events. Daniel Krook explains why serverless architectures are attractive for many emerging cloud workloads and when you should consider OpenWhisk for your next project.
Creating sophisticated, intelligent applications that listen and respond in natural language is getting easier. Greg Bulmash walks you through building a cross-platform application that works on both mobile and desktop clients and uses Amazon's Lex and Polly services to perform a number of useful tasks—and a few entertaining ones.
Microservices invite architectural complexity that few are prepared to address. Joshua Long explores how high-performance organizations like Ticketmaster, Alibaba, and Netflix make short work of that complexity with Spring Boot and Spring Cloud, moving beyond mere theory to implement real code to support a microservices system, live.
As container proliferation accelerates, threat surfaces increase, and new security concerns emerge as applications go into production. Merlin Glynn explores some of the headaches of running secure container workloads at scale and shares methods for addressing key challenges.
Daniel Krook explores a real application packaged using popular open source container technology and walks you through a migration to an event-oriented serverless paradigm, discussing the trade-offs and pros and cons of each approach to application deployment.
Dave Forgac and Ian Zelikman demonstrate how to use a contract-first approach to API development using the OpenAPI Specification (formerly called Swagger) and other open source tools. Dave and Ian walk you through defining a simple API specification, using it to generate documentation, a mock server, and stub code, and implementing a working API based on the specification.
Regardless of whether or not you are a developer, there are many ways for you to get involved in open source. Tracy Kuhrt offers an overview of Hyperledger and its projects and outlines the ways that you can participate. You'll leave with a set of initial steps to begin your journey with this growing community.
Containers are great ephemeral vessels for your applications. But what about the data that drives your business? It must survive containers coming and going, maintain its availability and reliability, and grow when you need it. Alvin Richards does some live coding to show key strategies to help you survive the transition to production.
Ready to dip your toe into data science? Va Barbosa explains why you should start with notebooks and PixieDust, a new open source library that helps data scientists and developers working in the Jupyter Notebook and Apache Spark be more efficient.
Taras Matyashovsky explains how to use Apache Spark MLlib to build a supervised learning NLP pipeline to distinguish pop music from heavy metal—and have fun in the process.
How can one want diversity and still fail to show up? When you say there is a pipeline issue, this doesn't reflect negatively on schools—it concerns the tech community as whole. Tameika Reed explains how to change the mindset of those who are not involved in diversity.
RESTful APIs are often designed and implemented before a client gets to see how they work, but once an API is made public, it can be hard to change. Dave Forgac and Ian Zelikman explain how to improve this process by explicitly designing the API contract and getting client feedback before implementation and outline processes and tools for building RESTful APIs with a design-first approach.
We all know the tension between open source and corporate stewardship. Are corporate and community interests aligned? Who makes the calls? As projects grow up, OSS projects must find ways to transcend their corporate boundaries or risk losing steam or being forked. Jonathan Lipps shares the story of how one large open source project found a sustainable future after corporate incubation.
Jonathon Morgan explores computer vision, deep learning, and natural language processing techniques for uncovering communities of white nationalists and neo-Nazis on social media and identifying which ones are on the path to radicalization.
Susan Sons (Center for Applied Cybersecurity Research, Indiana University)
As a community, we talk a lot about security goals and trade-offs and about the controls we may use to get there. What we don't talk enough about is first principles. Susan Sons shares the seven information security practice principles developed with her team at IU CACR and introduces a mental model for reasoning about security instead of trying to memorize for security.
Isaac Kamga discusses his contribution to the Ballistic Research Laboratory–Computer-Aided Design (BRL-CAD) community implementing a heart-shaped primitive and explains how this catapulted him into a role as a community organizer for Silicon Mountain, Africa's next tech hub.
For years, REST has been the standard architecture for APIs. But a new technology is emerging, one that's perfect for developing rich, client-friendly APIs: GraphQL. David Celis and Garen Torikian explain why this query language is being adopted by companies like Shopify, Pinterest, and GitHub and show you how you can leverage GraphQL for your own APIs.
The authors of WiSH have been involved with the WebSocket protocol since its beginning but soon realized that the real problem has always been web APIs along with a non-HTTP protocol that is truly harmful to the web. Wenbo Zhu explains why the web is better off with WiSH for deploying scalable and reliable bidirectional communication over the internet.
To establish a global user base, a product needs to support a variety of locales. The challenge with supporting multiple locales is the maintenance and generation of localized strings. Michelle Casbon explains how open source tools like Scala, Apache Spark, Apache Kafka, and Apache PredictionIO (incubating) provide structure for a scalable localization platform with machine learning at its core.
Brad Fitzpatrick recently realized he has spent over half his life immersed in the world of open source. He shares wisdom (and amusing anecdotes) from his path through various open source projects over the years.
Danese Cooper welcomes those new to InnerSource as well as those who have been on the journey for years. Danese sets the day's agenda, covers the latest goings-on with the InnerSource community, and offers a sneak peek at what's next.
Are you thinking about open sourcing your codebase? Octopus Deploy started as a closed source project, but the company is making an effort to open source more of its code. Damian Brady explains why Octopus Deploy choose to open source software that is core to its business, how it chose what parts to open source, and how the company ensured it won't lose intellectual property and market advantage.
This talk is for you—the documentarians, developers, students, or community members wondering what you can contribute to open source and how to get started. Lucy Wyman discusses several ways open source projects need your help, what to look for in a project you're contributing to, and some first steps to making your first pull request.
Whether you are a CIO, IT director, or manager, as a leader of a highly talented technical team, you must motivate members of the team and the team as a whole. But how? Sam Erskine and Steve Buchanan share five key ways you can motivate technical employees, giving you a tool belt and an action plan that can be used in your organization right away.
Data informs everything Indeed does, including managing and improving its dev process. Jack Humphrey and Kevin Binswanger offer an overview of Indeed's open source analytics platform, Imhotep, explaining how Indeed uses it to surface metrics that serve as a starting point for discussion and insight.
Container orchestration has simplified application deployment with common tools across infrastructure providers, but tools for the environment running a container orchestration system tend to be more deeply coupled to cloud providers. Bill Farner and David Chung offer an overview of InfraKit, which provides tools for infrastructure automation of self-healing, self-managing systems.
Kishau Rogers offers an overview of the real-world applications for using open source simulation tools to visualize, design, and understand complex systems and presents three cases using simulation modeling tools such as Insight Maker for scaling complex business operations, developing adaptive and intelligent applications, and evaluating the broader impact of service expansion.
Alena Hall and Natallia Dzenisenka explore the set of algorithms behind distributed systems, including snapshot algorithms, traversal algorithms, election algorithms, and reliable broadcast, giving you a clear understanding of how those systems work.
Mars One is a Dutch not for profit with an audacious idea: send people to Mars to live there permanently. To accomplish this goal, the organization needs the right people working together as a high-performing team. Peter Degen-Portnoy explains how every company can benefit from the same ideas and concepts that will make Mars One successful.
How many times have your Selenium test suites run beautifully on one browser only to fail when run in any other? This is a common problem faced with cross-browser tests. Not all browser drivers are created equal, but that doesn’t mean you can’t create a robust suite with cross-browser tests. Meaghan Lewis shares strategies for making cross-browser tests invincible.
Louise Poubel outlines some of the approaches being taken to broaden Gazebo's user base by making it easier to use for folks without a technical background, simplifying the process for developers to use its libraries, and facilitating the contribution workflow for new contributors.
Come chat with Tameika, the founder of Women in Linux, about community building. She can answer your questions about how to create an inclusive and collaborative community.
Papers We Love has gained strong traction and sustained incredible growth over just three years. It is clear that this community's success is not a coincidence. There’s a desire to understand and relate to academic and industry research. Elaine Greenberg explains how the community aims to build a body of resources to help practitioners refine and explore ideas and their connections.
Service graphs allow users to define business logic requirements and workflows, enabling them to arrange cloud functions to execute in sequence or concurrently and handle scaling to accommodate varying event load. Cathy Zhang explains how service graphs address the challenge of creating and managing microservice applications.
Have you ever had to monitor the health of your service (server stats, application errors, etc.)? Measuring data and plotting is crucial to understand how software behaves in production. But what if you had to monitor the cloud? Mihai Bojin and Kamil Smuga explain how Salesforce approaches monitoring at scale by putting customers first.
InnerSource brings open development to all collaboration. Bijil Abraham Philip explains what happened when his team hopped on the InnerSource bandwagon. They immediately ran into tooling issues, so they created InnerSource's first open source tool, Mr. Gerkins, to automate the many mundane tasks associated with repository management in a collaborative organization.
Automated testing is at the heart of modern development and operations, but it's often segregated between developer-focused unit testing and separate, often semi-automated integration testing. Alex Martelli explains that the best kind of testing deploys in many layers, reusing test-components in various configurations for multiple purposes.
When Capital One was looking for a tool to help manage its software development pipeline, Jonathan Bodner suggested LGTM, an open source pull request approval system, as a starting point. After fixing bugs and adding new features to LGTM, Jonathan contacted Capital One's open source office so he could return his changes to the community. And that's where things got interesting.
The 13th Annual O’Reilly Open Source Award winners were announced.
Vincent Batts shares where the Open Container Initiative currently stands on container standards, how container standards have evolved in an open forum, and how this format is worth the effort in gaining agreement.
A wide variety of open source frameworks and tools support artificial intelligence and deep learning. Adrian Cockcroft explains how AWS has packaged a number of them—including deep learning frameworks such as Caffe, CNTK, Keras, MXNet, TensorFlow, Theano, and Torch and supporting tools like Jupyter and Anaconda—into an Amazon Machine Image with optimized GPU support.
New hardware, tools, and engine technologies are emerging in the exciting space of VR, but open source and open standards will be what makes VR a lasting ecosystem. Stephanie Hurlburt explains why an open ecosystem not only helps content creators thrive but is essential for the ecosystem's survival.
Netflix has become well known for its contributions to open source, creating and contributing to over 50 active projects. Dianne Marsh tells the story of Spinnaker to demonstrate how open source contributes to Netflix's success and vice versa.
Jim Jagielski offers an overview of the various FOSS license types available to the developer, exploring the advantages and disadvantages of each and sharing some helpful hints for picking the right license for your project.
From the moment you create your Twitter bio, write your first blog post, or share your first Facebook article, you are building your brand. It can be daunting, but if you proactively manage your brand, you can get ahead of the curve and put the content you care about in front of the public eye. Neha Batra explains how to create a strategy that works for you and grow your brand from it.
If you are doing anything with open source these days, the chances are very high that you are working with Git. Many know enough basic Git operations to get started but don't have the time (or even know where to look) to learn about Git's advanced functionality. Brent Laster explains how to take your Git skills to the next level.
Progressive web applications (PWAs) are web applications that feature the responsiveness and user experience of a native app and can be "installed" on a user's home screen. Brian Capouch and Danilo Zekovic offer an overview of and an introduction to this exciting new technology.
Elixir and Phoenix combine the performance and scalability of the Erlang virtual machine with the core concepts behind Ruby on Rails. Marc Sugiyama walks you through creating a website, demonstrating Elixir basics and the principles behind Elixir's scalability and performance.
Susan Sons (Center for Applied Cybersecurity Research, Indiana University)
Susan Sons demonstrates how to refactor complex and possibly very broken systems and software while in operation, covering architecture, project management, and security aspects.
Global confidence in institutions is in steep decline worldwide. Technology frequently lets us down too. Brian Behlendorf explains why trust is essential to building a functioning society and how it's under serious threat. Brian argues that open source software offers a model for how we can work together, even when we have no reason to trust each other.
Hanneli Tavante offers a quick introduction to the Rust language. Drawing on code comparisons between Java/Python and C, Hanneli explores some of Rust's main features, such as its type system, compiler structure, and development environment.
Jean de Klerk explains what it takes to pipe, parse, filter, and store 10,000 messages a second with Go.
Bianca Jiang explores the paradox of open source compliance and continuous delivery with open source, sharing her experience, lessons learned, and the best of DevOps principles. Along the way, Bianca outlines a microservices-based architecture and offers a fresh perspective on compliance requirements.
Last August, the White House released the Federal Source Code Policy to improve nationwide access to the government’s custom-developed software. Alvin Salehi walks you through some of the government's coolest open source projects available on the newly launched Code.gov.
Seth Jennings demonstrates how to start an OpenShift cluster in a single command and "port" a simple three-tier application to OpenShift, covering many of the platform features along the way, including automatic container image creation from source code, service discovery, application configuration, lifecycle management, and more.
Derek Weeks shares the results of a three-year study of open source development practices across 3,000 organizations, exploring the vast software supply chains these organizations employ that are simultaneously improving development productivity and undermining quality and security practices. Derek then outlines DevOps practices that support building in quality and security from the beginning.
Fans of the comic strip Calvin and Hobbes will undoubtedly remember when Calvin invented the transmogrifier, an ingenious device that could turn one thing into another with a quick "ZAP!" Evan Booth explains how his adventures in real-world transmogrification have shaped his perspective on open source hardware, manufacturing, and finding potential in the unremarkable.
Windows 10 now includes the Windows Subsystem for Linux (WSL), which runs native, unmodified Linux binaries directly on Windows. Rich Turner discusses why, how, and what Microsoft built and shares what's coming next.
The necessary cultural shift that accompanies the move from monolithic application to microservices is often overlooked and can topple the best-laid plans. CJ Johnson discusses the behaviors, mindset, and messaging necessary to effect a social change across an organization.
What happens when you take the index out of the database and make it a separate application—perhaps one that is distributed, scalable, and takes full advantage of modern, multicore, high-memory hardware? Matthew Jaffee has spent the past few years finding out. He shares fruits of his labor: Pilosa, an open source distributed, sparse bitmap index.
Angie Jones explains how to combine multiple open source test automation tools to architect a hybrid framework that supports UI, web services, and BDD automation efforts. Along the way, Angie covers design techniques to ensure your automation framework is extendable and maintainable and easily allows for contributions even from less technical team members.
The time has come for network engineers and operators to prepare for the unique challenges brought on by cloud-native applications. Lee Calcote walks you through the different types of container connectivity options available, exploring their specific function (when they should be used) and comparing their performance characteristics.
The Paved Road, a concept formalizing a set of expectations and commitments between centralized and local teams, is absolutely critical to Netflix's culture of freedom and responsibility. Dianne Marsh shares how Netflix uses this promised path of well-integrated, supported tools toward its polyglot strategy, creating boundaries so that the company can provide value without being overwhelmed.
Ying Xiong discusses the fast-growing open source market in China, exploring the role Huawei plays in China's open source software industry, developer community engagement, and Huawei’s continuous commitment to open source strategy and growing contribution to various open source technologies.
Zuul, a gateway service created by Netflix, can be used for dynamic routing, security, throttling, and more—all done using Zuul filters. Spencer Gibb explores Zuul via Spring Boot and Spring Cloud, explaining how to write custom Zuul filters for route selection, routing, security, and transformation.
The telecommunications industry's major network operators and vendors have not traditionally engaged with open source. Now, under pressure to transform their networks to support mobile devices and the demand for video, this is changing. William Snow tells the story of how Open Networking Laboratory has transformed the industry through open source and where the industry is headed using open source.
Have you ever looked at a beautiful website and said, “Huh?" You can incorporate the latest JS framework and the best CSS, excel in accessibility, and make your website as beautiful as a Rembrandt, but websites with walls of text will still drive users away. Mike Jang explains that to keep your users happy you need excellent UI text, also known as microcopy.
We all know that performance is a critical factor in the success of applications and websites. In many cases, you can make vast improvements to the end-user experience of your application by focusing on some very basic application delivery techniques. Kevin Jones shares techniques utilizing cache features included in NGINX that can help users see better performance.
Contributing to open source has been the cornerstone of Zaheda Bhorat's career in tech—she has been an active champion of open source and the community for over 17 years. Zaheda talks about open source at Amazon Web Services (AWS) and takes you through some of the highlights of her journey to AWS.
User story mapping gives you strategies to view features alongside the problems they solve, allowing you to prioritize features regardless of your technical expertise. Emily Stamey walks you through user story mapping, teaching you how to plan your project as if it were a vehicle and deliver the most valuable features to the customer by answering the question, "What’s your skateboard?"
Much of the conversation about containers these days has shifted to container automation using powerful orchestration tools, such as Kubernetes and Docker Swarm. Vincent Batts discusses the evolution of various container runtimes and interoperability and explores the current state of container standards, as well as where and how containers will continue to innovate.
Open source isn’t winning; it’s won. In the last decade, there's been an incredible explosion in open source software. Massive projects have been developed in the open, on open operating systems, using open languages and compilers. But, Christopher Aedo asks, was all the infrastructure open as well?
Open source maintainers and users aren't always sure how best to make their projects successful. Mike McQuaid explains how to encourage and increase participation in your open source project. Never worked on open source before? Join in to learn how to work your way up to becoming a maintainer.
The industry has forgotten that no matter how many clouds we use, software runs on hardware—and the abstraction gap is growing. Andrey Sibiryov explores the relationship between modern computers and wishful thinking in software engineering and performance and explains why being mindful about hardware is important.
Sean Mackrory offers an overview of and best practices for filesystems in public cloud infrastructures as they relate to traditional filesystems. Many of the examples will relate to Hadoop, namely moving from HDFS to S3.
Everyone thinks they know bash if they can type a few commands. Hey, you don’t know bash! Carl Albing leads a fast-paced tour of some of the newest features and most useful idioms in bash—the shell everyone needs to know—for better scripting, faster sysadmin-ing, and everyday work in open source development.