Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

230 B
Add Data-corrupting architectures we know and love to your personal schedule
1:25pm Data-corrupting architectures we know and love Sean Allen (Wallaroo Labs)
Add Schema evolution patterns to your personal schedule
4:45pm Schema evolution patterns Alex Rasmussen (Bits on Disk)
LL20 A/B
Add Kubernetes APIs under the hood to your personal schedule
11:35am Kubernetes APIs under the hood Phillip Wittrock (Google)
Add Lessons from hacking Kubernetes with kube-hunter to your personal schedule
2:20pm Lessons from hacking Kubernetes with kube-hunter Liz Rice (Aqua Security)
LL21 A/B
Add Serving billions of Instagram users efficiently to your personal schedule
3:50pm Serving billions of Instagram users efficiently Guilin Chen (Facebook), Shobhit Kanaujia (Facebook)
LL21 C/D
Add This should be faster; what's going on? to your personal schedule
2:20pm This should be faster; what's going on? Andre Henry (Venmo)
LL21 E/F
Add X.509 certificate management with Vault to your personal schedule
1:25pm X.509 certificate management with Vault Christie Koehler (HashiCorp)
Add Containers can actually improve your security story to your personal schedule
2:20pm Containers can actually improve your security story Maya Kaczorowski (Google)
Add Crafty requests: Deep dive into a Kubernetes CVE to your personal schedule
3:50pm Crafty requests: Deep dive into a Kubernetes CVE Ian Coldwater (Independent)
Add Securing services using SSO to your personal schedule
4:45pm Securing services using SSO Shraya Ramani (Buzzfeed)
Expo Session
Add Use of self-healing techniques and failure injections to build a reliable service at Adobe to your personal schedule
2:20pm Use of self-healing techniques and failure injections to build a reliable service at Adobe Nicolas Brousse (Adobe), Oleksii Mykhailov (Adobe)
LL20 C
Add 50 shades of serverless security (sponsored by Oracle Cloud Infrastructure) to your personal schedule
11:35am 50 shades of serverless security (sponsored by Oracle Cloud Infrastructure) Karthik Gaekwad (Oracle Cloud Infrastructure ), James Wickett (Verica)
LL20 D
Add The telemetry data revolution at Microsoft (sponsored by Microsoft) to your personal schedule
11:35am The telemetry data revolution at Microsoft (sponsored by Microsoft) Yoni Leibowitz (Microsoft ), Sasha Rosenbaum (Microsoft)
Add 25 billion transactions and counting: How Dell manages application performance at scale (sponsored by Riverbed) to your personal schedule
1:25pm 25 billion transactions and counting: How Dell manages application performance at scale (sponsored by Riverbed) Jon Hodgson (Riverbed), Jeremy Tupa (Dell), Marcelo Soares (Dell)
Add Wednesday opening welcome to your personal schedule
Grand Ballroom 220
9:00am Wednesday opening welcome Nikki McDonald (O’Reilly Media), James Turnbull (Microsoft), Ines Sombra (Fastly)
Add Building a cloud ecosystem at Apple to your personal schedule
9:05am Building a cloud ecosystem at Apple Julie Horvath (Apple)
Add From puzzles to products to your personal schedule
9:30am From puzzles to products Jessica Kerr (Atomist)
Add Community projects inform enterprise products (sponsored by Microsoft Azure) to your personal schedule
9:50am Community projects inform enterprise products (sponsored by Microsoft Azure) Lachlan Evenson (Microsoft), Bridget Kromhout (Microsoft)
Add Keynote by Nora Jones to your personal schedule
9:55am Keynote by Nora Jones Nora Jones (Slack)
Add The SRE I aspire to be to your personal schedule
10:15am The SRE I aspire to be Yaniv Aknin (Google Cloud)
7:30am
11:00am Morning Break (sponsored by Verizon Digital Media Services) | Room: Expo Hall
Add Better Together Diversity Networking Lunch to your personal schedule
12:15pm Better Together Diversity Networking Lunch | Room: Almaden Ballroom, Hilton Hotel
3:00pm Afternoon Break (sponsored by Microsoft) | Room: Expo Hall
Add Expo Hall Reception to your personal schedule
5:25pm Event Expo Hall Reception | Room: Expo Hall
8:00am Morning Coffee | Room: Grand Ballroom Foyer
Add Wednesday Speed Networking to your personal schedule
8:15am Wednesday Speed Networking | Room: Grand Ballroom Foyer
8:45am space saver
Add The O'Reilly 5K Fun Run/Walk  to your personal schedule
6:30am The O'Reilly 5K Fun Run/Walk | Room: Start/Finish at SJCC
2:05pm (session transition) | Room: Hallway
4:30pm (session transition) | Room: Hallway
Add Night at The Tech (cosponsored by NS1 and O'Reilly) to your personal schedule
6:45pm Night at The Tech (cosponsored by NS1 and O'Reilly) | Room: The Tech Museum of Innovation
11:35am-12:15pm (40m) Distributed Data
Improving reliability of your distributed data store
Mehant Baid (Dropbox)
Mehant Baid covers the challenges Dropbox faced while running Edgestore—a low-latency, distributed data store that serves 10 million requests per second. He shares the technical and cultural changes Dropbox adopted that enabled the company to consistently hit its service level objectives.
1:25pm-2:05pm (40m) Distributed Data
Data-corrupting architectures we know and love
Sean Allen (Wallaroo Labs)
If we can't seem to get single-process shared data access right, Sean Allen asks, what chance do we have when we use distributed state?
2:20pm-3:00pm (40m) Distributed Data
Data modeling in the 24th and a half century with Apache Cassandra
Amanda Moran (DataStax)
The future is here and the future needs more than your basic relational databases. Amanda Moran explains Apache Cassandra data modeling, how to do it right, and how you can be successful with cloud native distributed databases by avoiding common mistakes.
3:50pm-4:30pm (40m) Distributed Data
Monitor disk space and other ways to keep Apache Kafka happy
Gwen Shapira (Confluent)
After five years of helping hundreds of customers use Apache Kafka, you've seen it all. Gwen Shapira provides an overview of the most common ways Apache Kafka users manage to cause downtime and lose data. And how to avoid them.
4:45pm-5:25pm (40m) Distributed Data
Schema evolution patterns
Alex Rasmussen (Bits on Disk)
Alex Rasmussen explores different categorical solutions to the problem of schema evolution—what happens when the structure of your structured data or API payload changes—and the trade-offs associated with each solution.
11:35am-12:15pm (40m) Kubernetes
Kubernetes APIs under the hood
Phillip Wittrock (Google)
Kubernetes provides a powerful set of APIs and abstractions for building distributed systems, and it provides users with the ability to build and install their own extension APIs alongside the core APIs. Phillip Wittrock covers how core Kubernetes APIs are designed and built and teaches the basics of writing an installable custom Kubernetes API.
1:25pm-2:05pm (40m) Kubernetes
Water, water, everywhere: Making Kubernetes audit logs potable
Kate Kuchin (VMware)
Kate Kuchin goes over what Kubernetes audit logging is, how to configure it on your cluster, and how to make sense of the data once you have it configured.
2:20pm-3:00pm (40m) Kubernetes
Lessons from hacking Kubernetes with kube-hunter
Liz Rice (Aqua Security)
Kube-hunter is an open source penetration testing tool for checking the security of your Kubernetes cluster. Liz Rice explores how kube-hunter finds problems and misconfigurations and shares lessons on securing your cluster learned as a result.
3:50pm-4:30pm (40m) Kubernetes
Sharing is caring: Your Kubernetes cluster, namespaces, and you
Amy Chen (VMware)
As the number of teams, clusters, and namespaces grows within an organization, it becomes increasingly difficult to maintain any kind of coherence. Amy Chen discusses how, by aligning identity, resource limits, and your application’s security posture, cluster operators can get more organizational mileage out of Kubernetes namespaces.
4:45pm-5:25pm (40m) Kubernetes
Kubernetes is still hard for app developers; let’s fix that
Aaron Schlesinger (Microsoft)
Aaron Schlesinger dives into case studies on why and how it's hard for app developers to adopt Kubernetes. He walks you through the tools to make the transition easier, providing a holistic view of how to fit everything together to make Kubernetes easier for teams. You'll leave with what you need to get your teams started with or improve your team’s productivity on Kubernetes.
11:35am-12:15pm (40m) Monitoring, Observability, and Performance
eBPF-powered distributed Kubernetes performance analysis
Lorenzo Fontana (Sysdig)
The extended Berkeley Packet Filter (eBPF) ecosystem can be hard to wrap your mind around. Lorenzo Fontana is here to help you understand it while applying eBPF programs to nodes and resources of a Kubernetes cluster.
1:25pm-2:05pm (40m) Monitoring, Observability, and Performance
Clarity and confidence: Observability on the New York Times games team
Darren McCleary (The New York Times)
The mantra with Git is "commit early, commit often." With deep insight into your applications, you can deploy early and deploy often. Darren McCleary explores how the New York Times games team fearlessly pushes changes to production and monitors its impact for 400,000+ crossword subscribers and how the team rapidly drills into issues when they occur.
2:20pm-3:00pm (40m) Monitoring, Observability, and Performance
Observability for developers: How to get from here to there
Christine Yen (Honeycomb)
Observability may be the hot new thing, but for many devs, it's unclear how to gracefully get from where they are now (searching across logs or using canned APM tools) to debugging production with ease. Christine Yen makes the case that observability can be more valuable to devs than ops, and she lays out a series of practical steps to up-level a team's ability to ask questions of production.
3:50pm-4:30pm (40m) Monitoring, Observability, and Performance
Serving billions of Instagram users efficiently
Guilin Chen (Facebook), Shobhit Kanaujia (Facebook)
Instagram is widely used across the world and serves billions of users every day. Guilin Chen and Shobhit Kanaujia pull back the curtain on how Facebook operates Instagram efficiently at scale.
4:45pm-5:25pm (40m) Monitoring, Observability, and Performance
Extracting signal: Fast traffic analysis and smart aggregation in global edge networks
Shannon Weyrick (NS1), Clare Gollnick (NS1)
Many platforms require a deep understanding of client traffic. But efficiently divining the desired signal from the continuous stream of traffic in at-scale edge networks is an enormous challenge. Shannon Weyrick and Clare Gollnick discuss strategy and technology for analysis and aggregation at the edge, plus centralized collection, all based on real-world use cases.
11:35am-12:15pm (40m) Building Resilient Systems
Before, during, and after chaos: Creating foresight through a cyclic approach
Nora Jones (Slack)
There are key components of chaos engineering beyond building platforms for testing resilience and running game days, which can't be detected by your code. Nora Jones shares three phases to focus individualized attention and forethought on when considering chaos experiments, with a special focus on the time before and after the experiment.
1:25pm-2:05pm (40m) Building Resilient Systems
How Stripe invests in technical infrastructure
Will Larson (Stripe)
Will Larson explores how Stripe has evolved its approach to prioritizing technical infrastructure as the company grew from two founders to millions of users and 1,300+ employees.
2:20pm-3:00pm (40m) Building Resilient Systems
This should be faster; what's going on?
Andre Henry (Venmo)
Software and applications run on a real physical network. Trying to deliver packets across the data center or around the world can pose unique challenges depending on the application and performance requirements because modern networks are a complicated mix of technologies. André Henry explores the sources of latency on the network and explains how to mitigate them.
3:50pm-4:30pm (40m) Building Resilient Systems
Chaos breeding confidence: Broader implications of chaos engineering
Patrick Higgins (Gremlin)
Chaos engineering provides a mechanism for us to discover vulnerabilities in our infrastructure and applications by proactively seeking it out. While this is a great starting point, Patrick Higgins shares how you can apply its practices to holistically enhance the resilience of your organizations and products.
4:45pm-5:25pm (40m) Building Resilient Systems
Everything is a little bit broken; or, The illusion of control
Heidi Waterhouse (LaunchDarkly)
Heidi Waterhouse explains how to handle uncertainty by adding in error budgets, layered access, and other accommodations for failure and for designing your systems for function over form or purity.
11:35am-12:15pm (40m) Building Secure Systems
Intro to Kubernetes security; or, Taming the Great Spaghetti Monster
Kat Fitzgerald (Uber ATG)
Kat Fitzgerald walks you through building and maintaining a secure Kubernetes environment.
1:25pm-2:05pm (40m) Building Secure Systems
X.509 certificate management with Vault
Christie Koehler (HashiCorp)
Vault provides a central place to secure, store, and control access to tokens, passwords, certificates, and encryption keys. Applications don’t keep secrets, and secrets are often shared among different applications. Christie Koehler looks at practical public key certificate management with Vault, which uses a dynamic secrets approach.
2:20pm-3:00pm (40m) Containers, Kubernetes, and Microservices
Containers can actually improve your security story
Maya Kaczorowski (Google)
Maya Kaczorowski explores how containers offer a fundamentally different, possibly better, security model than you're used to. They enable you to patch your environment more easily, identify when you're affected by a new vulnerability, and enforce governance for what is deployed in your environment.
3:50pm-4:30pm (40m) Building Secure Systems
Crafty requests: Deep dive into a Kubernetes CVE
Ian Coldwater (Independent)
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? Ian Coldwater takes a deep dive into the exploit to explain the risks and gives you practical advice about how to protect your clusters.
4:45pm-5:25pm (40m) Building Secure Systems
Securing services using SSO
Shraya Ramani (Buzzfeed)
As BuzzFeed transitioned to microservices, it needed to secure a growing number of internal tools. BuzzFeed's first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. Shraya Ramani discusses SSO, BuzzFeed's open source, homegrown, centralized solution which elegantly solved this problem.
11:00am-11:45am (45m) Overcoming Obstacles: Lessons in Resilience
Service mesh: A new pattern, not a new technology
Vendors are trying to frame mesh as a new technology. However, just microservices are a pattern, not a specific technology, a service mesh is a new way to deploy features that were previously the domain of API management. Marco Palladino discusses the architectural pattern of the service mesh, the reasons for its emergence, and the technical requirements for meshes.
1:25pm-2:10pm (45m) Overcoming Obstacles: Lessons in Resilience
How did things go right: Learning more from incidents
Ryan Kitchens (Netflix)
Join Ryan Kitchens for an introduction to Safety-II concepts that will help move the industry forward, increasing the opportunity for learning from success with some fundamental and practical ways that get us from "Why did things go wrong?" to "How did things go right?"
2:20pm-3:05pm (45m) Overcoming Obstacles: Lessons in Resilience
Use of self-healing techniques and failure injections to build a reliable service at Adobe
Nicolas Brousse (Adobe), Oleksii Mykhailov (Adobe)
Nicolas Brousse and Oleksii Mykhailov found a distributed infrastructure that leverages public cloud providers and a private cloud with open infrastructure can deliver dynamic advertising content with low latency, preserving its high availability in an award-winning paper. Join them as they present their techniques and demonstrate how to design an ad-serving service that is resilient to failure.
3:50pm-4:35pm (45m) Overcoming Obstacles: Lessons in Resilience
Two hearts, one mind: Delivering the same platform to SaaS and on-premises
Renee Orser (NS1)
NS1 first developed and operated a SaaS DNS platform, then shifted to releasing versioned software for on-prem use of its DNS products. Renee Orser shares the many lessons learned, including the relationship between system architecture and organizational design, while the team managed the challenges brought by diversification of a single platform across a suite of deployment models.
4:50pm-5:35pm (45m) Overcoming Obstacles: Lessons in Resilience
In search of domain-driven design
As one of the key drivers, an architect must be able to answer to any questions coming from developers, business analysts, and even Scrum Masters. Anuar Nurmakanov shares a journey using DDD and the many problems they faced. He shows what an architect can do to influence a team to start and keep using DDD even if facing obstacles and problems. Real life experience from the trenches.
11:35am-12:15pm (40m)
50 shades of serverless security (sponsored by Oracle Cloud Infrastructure)
Karthik Gaekwad (Oracle Cloud Infrastructure ), James Wickett (Verica)
Karthik Gaekwad and James Wickett walk you through security strategies and pitfalls with a serverless lens. You'll leave with a solid understanding of how to approach security conversations about serverless applications in the enterprise.
1:25pm-2:05pm (40m) Sponsored
Continuous load testing: A journey to performance at scale (sponsored by Tricentis)
Kevin Dunne (Tricentis)
Applications are subject to intense scrutiny over their performance with research showing more than one-third of users will leave an app and never return if performance is not satisfactory. Whether you're just getting stated with your journey or looking to take your performance testing to the next level, you won't want to miss Kevin Dunne highlighting all of the latest tips and tricks.
2:20pm-3:00pm (40m) Sponsored
Overcoming tomorrow's operational challenges with AIOps (sponsored by Moogsoft)
Richard Whitehead (Moogsoft)
Artificial intelligence for IT operations (AIOps) breaks the traditional, bottom-up, rules-driven approach to incident management. Using AIOps, you can improve customer service, lower operational costs, and boost productivity. Richard Whitehead explores how AIOps is capable of delivering continuous service assurance.
3:50pm-4:30pm (40m) Sponsored
Kick-starting a culture of observability and data-driven DevOps (sponsored by SignalFx)
Rajesh Raman (SignalFx)
Rajesh Raman dives deep into the practice of observability, demonstrating how a more analytics-driven approach to metrics, traces, and other monitoring signals improves observability. You'll learn a framework for kick-starting a culture of observability in your organization, informed by Rajesh's experience building and deploying observability tools at SignalFx.
11:35am-12:15pm (40m) Sponsored
The telemetry data revolution at Microsoft (sponsored by Microsoft)
Yoni Leibowitz (Microsoft ), Sasha Rosenbaum (Microsoft)
Interested in becoming more data driven and empowering your peers and coworkers with insights and data? Yoni Leibowitz and Sasha Rosenbaum share how Microsoft has been constantly transforming its engineering, support, finance, and marketing work via new tech for data-driven decisions.
1:25pm-2:05pm (40m) Sponsored
25 billion transactions and counting: How Dell manages application performance at scale (sponsored by Riverbed)
Jon Hodgson (Riverbed), Jeremy Tupa (Dell), Marcelo Soares (Dell)
The scale of cloud native environments can be overwhelming. How do you employ cutting-edge technology to ensure the best app performance for customers executing thousands or even billions of transactions a day? Jon Hodgson, Jeremy Tupa, and Marcelo Soares share practical advice you can apply to your own environment, whether large or small.
2:20pm-3:00pm (40m) Sponsored
Identity is the new security perimeter (sponsored by Aporeto)
Dimitri Stiliadis (Aporeto)
Application delivery now spans a range of technologies and deployment models: virtual machines (VMs), containers, serverless functions. Protecting these environments efficiently and minimizing errors is challenging unless your security is based on application identity and verifiable policies. Dimitri Stiliadis explains how to achieve robust security with end-to-end auth n, auth z, and encryption.
9:00am-9:05am (5m)
Wednesday opening welcome
Nikki McDonald (O’Reilly Media), James Turnbull (Microsoft), Ines Sombra (Fastly)
Program chairs Nikki McDonald, James Turnbull, and Ines Sombra open the first day of keynotes.
9:05am-9:25am (20m)
Building a cloud ecosystem at Apple
Julie Horvath (Apple)
Julie Horvath walks you through what Apple's team has learned throughout building and scaling cloud infrastructure services like elastic compute, Spark as a service, data storage, queues, and search and how Apple's knowledge can benefit other teams who are just getting started.
9:25am-9:30am (5m) Sponsored
Which edge do you need: Managing multiple edges to deliver the next industrial revolution (sponsored by Verizon Digital Media Services)
Dave Andrews (Verizon Digital Media Services)
Dave Andrews sheds light on how the edge landscape has been—and is still—evolving with a look at the new class of low-latency/high-bandwidth application domains and how Verizon Digital Media Services is helping to deliver this to its customers.
9:30am-9:50am (20m)
From puzzles to products
Jessica Kerr (Atomist)
Jess Kerr argues that most programming careers aren't about writing software; they're about changing it. With this distinction, she'll share some things about reuse, delivery, quality, and how to grow as a programmer.
9:50am-9:55am (5m)
Community projects inform enterprise products (sponsored by Microsoft Azure)
Lachlan Evenson (Microsoft), Bridget Kromhout (Microsoft)
Lachlan Evenson and Bridget Kromhout discuss Microsoft's journey to build Kubernetes policy controller Gatekeeper in the open and explain how the tool helped inform how an enterprise offering on Azure. Join in for pragmatic tips on how to effectively contribute to and use open source tools.
9:55am-10:15am (20m)
Keynote by Nora Jones
Nora Jones (Slack)
Details to come.
10:15am-10:35am (20m)
The SRE I aspire to be
Yaniv Aknin (Google Cloud)
Yaniv Aknin dives into the secret sauce for a successful SRE organization: high-quality measurements of reliability. He explains why measuring reliability is crucial (and why it’s so hard), shares a couple of tips for getting it right, and explores why it’s the key differentiator between SRE and DevOps.
10:35am-10:55am (20m)
Channel into the universe of eventually perfect distributed systems
Lena Hall (Microsoft)
Lena Hall takes you on an adventure into the multifaceted universe of ever-changing distributed systems.
7:30am-8:00am (30m)
Plenary
11:00am-11:35am (35m)
Break: Morning Break (sponsored by Verizon Digital Media Services)
12:15pm-1:25pm (1h 10m)
Lunch (sponsored by Oracle Infrastructure) and Wednesday Topic Tables
Join other attendees during lunch at Velocity to share ideas, talk about the issues of the day, and maybe solve a few problems. If you aren’t sure which topic to pick, don’t worry—it's not a long-term commitment. Try two or three, and settle on a different one tomorrow.
12:15pm-1:25pm (1h 10m)
Better Together Diversity Networking Lunch
If you’d like to make new professional connections and hear ideas for supporting diversity in the tech community, come to the diversity and inclusion networking lunch on Wednesday.
3:00pm-3:50pm (50m)
Break: Afternoon Break (sponsored by Microsoft)
5:25pm-6:35pm (1h 10m)
Expo Hall Reception
Join us in the Expo Hall for drinks and food at the Velocity Expo Hall Reception. This will be your first opportunity to network with other attendees, so don’t miss out.
8:00am-9:00am (1h)
Break: Morning Coffee
8:15am-8:45am (30m)
Wednesday Speed Networking
Jumpstart your networking at Velocity by coming to Speed Networking before the keynotes begin. Bring your business cards and prepare a minute of chitchat about yourself, your projects, and your interests.
8:45am-9:00am (15m)
Plenary: space saver
6:30am-7:30am (1h)
The O'Reilly 5K Fun Run/Walk
Join us for the O'Reilly 5K Fun Run/Walk! You don’t have to be a serious runner. We encourage you to go at your own pace and stop to take in views of San Jose.
2:05pm-2:20pm (15m)
Break: (session transition)
4:30pm-4:45pm (15m)
Break: (session transition)
6:45pm-9:00pm (2h 15m)
Night at The Tech (cosponsored by NS1 and O'Reilly)
Join us at The Tech to enjoy the best of local food, drink, and entertainment and have a chance to win amazing prizes. Attendees of both Velocity and Software Architecture are invited, so you'll have the opportunity to network with everyone.