Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Presentations

Abby Fuller (Amazon Web Services)
Firecracker is a new open-source virtualization technology for secure, multi-tenant, low-overhead workloads. In this session, we'll talk about why we built it (and how we designed it) and how we use it as a building block for services like Lambda and Fargate. Plus, how can use it yourself!
Isobel Redelmeier (LightStep)
Learn how to leverage observability to tackle distributed system problems.
Seth Vargo (Google)
Attendees will learn techniques for securing Kubernetes secrets including encryption, KMS plugins, and tools like HashiCorp Vault, and the tradeoffs of each approach to better secure their clusters.
Nora Jones (Slack)
Beyond building platforms for testing resilience and running “gamedays”, there are key components that building code to inject failure and latency cannot detect for us: understanding the concerns, ideas, and mental models of how the system is structured for each individual, and learning about what our organizations are “good” at along the way in terms of both technical and human resilience.
If you’d like to make new professional connections and hear ideas for supporting diversity in the tech community, come to the diversity and inclusion networking lunch on Wednesday.
Streaming live video at low latency with user-interaction laid on top is hard, but it's about to get a lot easier with standards-based approaches and existing network technology.
Ruth Yakubu (Microsoft)
In this session, we will explore end-to-end serverless scenario on Microsoft Azure Functions, Azure Cosmos DB, and Event Grid.
Sébastien Goasguen (TriggerMesh)
Can you develop and maintain applications using Kubernetes? That’s the question more employers are asking these days. Take the next step in your career by becoming a Certified Kubernetes Application Developer. You get a full day of test prep from O’Reilly’s top Kubernetes trainer and the opportunity to take the exam onsite, leaving an official Certified Kubernetes Application Developer.
Can you develop and maintain applications using Kubernetes? That’s the question more employers are asking these days. Take the next step in your career by becoming a Certified Kubernetes Application Developer. You get a full day of test prep from O’Reilly’s top Kubernetes trainer and the opportunity to take the exam onsite, leaving an official Certified Kubernetes Application Developer.
Lena Hall (Microsoft)
Join Lena Hall on an adventure into the multifaceted universe of ever-changing distributed systems.
Patrick Higgins (Gremlin)
Chaos engineering provides a mechanism for us to discover vulnerabilities in our infrastructure and applications by proactively seeking it out. While this is a great starting point, its practices can also be applied broadly to holistically enhance the resilience of your organizations and products.
Tammy Butow (Gremlin)
This talk will share how you can accelerate your understanding of how your network can break (packet loss, blackhole attacks, latency injection, and packet corruption) and impact your services.
Neil Peterson (Microsoft)
This workshop will walk through methods for deploying cloud infrastructure with Terraform including through a modern CI/CD pipeline.
Alex Chen (Alibaba Cloud)
More than $30.5 Billion of goods sold in one day, through one platform, over 180 thousand brand, with Peak message request 1.72 billion per sec – we shall explore together what is the Cloud Storage infrastructure supporting this level of Data Velocity, Variety and Volume.
Maya Kaczorowski (Google)
Containers offer a fundamentally different, possibly better security model than you're used to - they enable you to patch your environment more easily, identify when you're affected by a new vulnerability, and enforce governance for what is deployed in your environment.
Ian Coldwater (Independent)
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? This deep dive and live exploit demo will explain the risks and give you practical advice about how to protect your clusters.
Liz Fong-Jones (Honeycomb)
In this talk, you'll learn about several practices core to production excellence: giving everyone a stake in production, collaborating to ensure observability, measuring with Service Level Objectives, and prioritizing improvements using risk analysis.
Sean T. Allen (Wallaroo Labs)
We can't seem to get single-process shared data access right, what chance do we have when we use distributed state?
Amanda Moran (DataStax)
This talk will focus on Apache Cassandra data modeling, how to do it right, and how to be successful with cloud-native distributed databases by avoiding common mistakes.
April Wright (Architect Security, Inc.)
This talk explores the possible ramifications of deepfakes, from privacy violations to personal and professional embarrassment to causing global thermo-nuclear war, and considers what can be done to protect ourselves and emphasize the need for remaining critical of what we see as this technology gets better and better.
Priyanka Sharma (GitLab), Sébastien Goasguen (TriggerMesh)
We will walk the audience through how they can deploy serverless functions to any cloud provider of choice breaking the shackles of vendor lock-in.
Lorenzo Fontana (InfluxData)
Understanding the eBPF ecosystem is hard, this talk is here to help understanding it while applying eBPF programs to nodes and resources of a Kubernetes cluster.
Heidi Waterhouse (LaunchDarkly)
We handle uncertainty by adding in error budgets, layered access, and other accommodations for failure and for designing our systems for function over form or purity.
Join us in the Expo Hall for drinks and food at the Velocity Expo Hall Reception. This will be your first opportunity to network with other attendees, so don’t miss out.
Many platforms - especially those with multiple points of global presence - require a deep understanding of client traffic. But efficiently divining the desired signal from the continuous stream of traffic in at-scale edge networks is an enormous challenge. We discuss strategy and technology for analysis and aggregation at the edge, plus centralized collection, all based on real world use cases.
William Pressly (Verizon Digital Media Services)
Designed for those interested in developing more performant applications at the edge of the network, the tutorial will provide an overview of Verizon Digital Media’s Function-As-A-Service platform, which will enable developers to run code at the network edge for richer, more personalized user experiences at ultra-low latency. Attendees will then participate in a FaaS hackathon using our platform.
Russ Miles (ChaosIQ)
In this course Russ Miles, CEO of ChaosIQ, will dive into Chaos Engineering so that you can build confidence in your systems behaviour and identify weaknesses before they happen!
In this course Russ Miles, CEO of ChaosIQ, will dive into Chaos Engineering so that you can build confidence in your systems behaviour and identify weaknesses before they happen!
Patrick Meenan (Cloudflare)
Learn how HTTP/2 prioritization is effectively broken in most deployments as well as how to detect, debug and fix the issues.
Jessica Kerr (Atomist)
Jess argues that most programming careers aren't about writing software: they're about changing it. With this distinction, we can say some things about reuse, delivery, quality, and how to grow as a programmer.
Michael Kehoe (LinkedIn)
This is going to be a get-up-and-running tutorial on what is eBPF, how it works, how to use it and how to program against it. There will be a set of labs to accompany the tutorial and plenty of pre-read material to get everyone up-to-speed.
Nivia Henry (Spotify)
Machine Learning bias comes from our lack of understanding our own. This session puts that into focus and offers practical solutions to mitigate such biases.
Learn how to use threat modeling as technique to integrate security in the DevOps workflow, introduce "threat modeling as code" and build a security culture in your organization.
Learn how to use threat modeling as technique to integrate security in the DevOps workflow, introduce "threat modeling as code" and build a security culture in your organization.
Beth Long (New Relic)
We fret about how to break system knowledge out of "knowledge silos" -- the expert individuals with a deep intuitive understanding of our complex systems. Those experts represent both a vulnerability and a strength, and understanding them as a key mechanism in our larger systems will help us harness their power and protect against fragility.
Tim Bonci (Vistaprint)
We're going to automate all the things, reduce toil, make our systems smarter and recover automatically, except sometimes you're automating a house of cards built on the back of individual people and a well-meaning solution can fail to address the true problems in the system.
Daniel Hochman (Lyft), Jose Nino (Lyft)
Learn how Lyft migrated from a legacy monolithic application to over 300 microservices while keeping drivers, passengers, and developers happy.
Will Larson (Stripe)
Learn how Stripe has evolved their approach to prioritizing technical infrastructure as they grew from two founders to millions of users and 1,300+ employees.
David Aronchick (Microsoft)
Using Kubernetes and Kubeflow, we will show how every company, no matter how technical, can use sophisticated machine learning solutions to transform their businesses, while taking advantage of the reliability and portability that Cloud Native Applications can provide.
John Voorhees (Primitive)
Using Virtual Reality to connect developers in a spatial representation of code.
Mehant Baid (Dropbox)
This talk will cover the challenges we faced while running Edgestore - a low latency, distributed data store at Dropbox that serves 10 million requests per second. We will share the technical and cultural changes we adopted that enabled us to consistently hit our service level objectives.
Dave Hahn (Netflix)
Netflix — as a service and a system — goes through an enormous amount of change all the time. The overwhelming majority of these changes go well and unnoticed; a notable few don't. What systems & practices does Netflix use to prepare for those inevitable few? This talk begins with a story.
Kat Fitzgerald (Zebra Technologies)
Building and maintaining a secure Kubernetes environment
Zack Bloom (Cloudflare)
The technology invented for web browsers is a much better way of running serverless code than traditional processes and containers, let me show you why.
Julie Horvath (Apple)
Details to come.
More keynotes to come.
More keynotes to come.
Phillip Wittrock (Google)
Attendees will learn the fundamentals behind Kubernetes APIs and build their own Kubernetes extension API.
Jérôme Petazzoni (ENIX SAS)
Kubernetes has the reputation of being hard to set up and operate. Many cloud and service providers make it easier by offering managed clusters. But even then, the day-to-day maintenance and exploitation of Kubernetes require specialized skills. In this hands-on tutorial, you will learn how to set up, operate, and maintain production Kubernetes clusters.
Kubernetes has the reputation of being hard to set up and operate. Many cloud and service providers make it easier by offering managed clusters. But even then, the day-to-day maintenance and exploitation of Kubernetes require specialized skills. In this hands-on tutorial, you will learn how to set up, operate, and maintain production Kubernetes clusters.
Aaron Schlesinger (Microsoft)
In this talk, I’ll show several case studies on why and how it’s hard for app developers to adopt Kubernetes. I’ll then show tools that make the transition easier and wrap up with a holistic view of how to fit everything together to make Kubernetes easier for teams. The audience will leave with what they need to get their teams onto, or improve their team’s productivity on Kubernetes.
Kyle Anderson (Yelp)
Are we building the right abstraction layers? How would we know? Let's look at the past, present and future of the abstraction layers we have built as an industry and see if we can build some opinions.
Alex Elman (Indeed)
A site-wide outage was used as an opportunity build resilience, improve reliability, and make lasting improvements to our engineering culture.
Liz Rice (Aqua Security)
Kube-hunter is an open source penetration testing tool for checking the security of your Kubernetes cluster. In this talk we'll explore how kube-hunter finds problems and mis-configurations, and some lessons you can learn for securing your cluster as a result.
Laura Maguire (The Ohio State University)
DevOps squads coordinate in almost every aspect of their work but this talk will explore how high performing teams responding to service outages demonstrate sophisticated, nuanced practices that ease the cognitive burden of coping with complex, time pressured incidents.
Join other attendees during lunch at Velocity to share ideas, talk about the issues of the day, and maybe solve a few problems. If you aren’t sure which topic to pick, don’t worry—it's not a long-term commitment. Try two or three, and settle on a different one tomorrow.
Join other attendees during lunch at Velocity to share ideas, talk about the issues of the day, and maybe solve a few problems. If you aren’t sure which topic to pick, don’t worry—it's not a long-term commitment. Try two or three, and settle on a different one tomorrow.
Ryan Kitchens (Netflix), Lorin Hochstein (Netflix), Nora Jones (Slack)
This incident management workshop will explore effective approaches and techniques that help us dive deep and build capacity to encounter failure and manage the consequences of failure successfully.
Uma Chingunde (Stripe)
Talk focusing on career planning and strategy for mid-career technologists
Ignite is happening at Velocity on Tuesday, June 11. Join us for a fun, high-energy evening of five-minute talks—all aspiring to live up to the Ignite motto: Enlighten us, but make it quick.
Christine Yen (Honeycomb)
Observability may be the hot new thing, but for many devs, it's unclear how to gracefully get from where they are now (searching across logs or using canned APM tools) to debugging production with ease. This talk will make the case that observability can be *more* valuable to devs than ops, and will lay out a series of practical steps to uplevel a team's ability to ask questions of production.
Jeremy Rickard (Microsoft), Carolyn Van Slyck (Microsoft)
We will introduce the Cloud Native Application Bundle (CNAB) specification and teach participants how they can author bundles using Porter to deploy complicated modern applications, with load balancer creation, certificate management, application deployment and persistent storage.
Ryan Neal (Netlify)
AWS lambda and Golang are really powerful, but difficult to use. We use the two process over 20 million events every hour. I'll go through a template project that will let you deploy a function and talk through some of gotchas that come from my experience running it in production.
James Heimbuck (SendGrid)
The good, bad and ugly of how Sendgrid is incorporating Product Management practices into planning and execution within their DevOps and Platform teams to cut off scope creep, never ending projects and realizing value for internal teams.
By leveraging recent technologies, such as XDP/eBPF, network, infrastructure, and operations engineers can prepare for DDoS battles by dropping traffic early.
Gustavo Franco (Google)
This talks takes new SRE leaders and individual contributors through what it takes to be a part of or start their second team and beyond. A lot has been said about the SRE profession, how to start an SRE team, how to scale a single team in place, etc. How to move from a single SRE team to an SRE organization which requires several teams has been largely uncovered elsewhere.
Alex Rasmussen (Bits on Disk)
In this talk, we'll explore different categorical solutions to the problem of schema evolution - what happens when the structure of your structured data or API payload changes - and the tradeoffs associated with each solution.
Shraya Ramani (Buzzfeed Inc.,)
As BuzzFeed transitioned to microservices it needed to secure a growing number of internal tools. Our first solution was an open source auth service deployed in front of each app, but this approach had a number of scaling issues. The talk will discuss sso, our open-source, homegrown, centralized solution which elegantly solved this problem.
Koushik Kulkarni (Vuclip)
Data platform design and development to address modern day business demands using tools and technologies available on Google Cloud Platform.
Ory Segal (PureSec)
Learn the challenges of securing cloud-native serverless applications from attacks. We will demonstrate a live attack against a realistic serverless application, see how it can be protected and designed in a resilient way, and cover the key risks and mitigations techniques for protecting serverless applications.
Guilin Chen (Facebook), Sherry Xiao (Instagram)
Instagram is widely used across the world and serves billions of users everyday, we will provide a behind the scenes peek at how we operate instagram efficiently at scale.
Amy Chen (VMware)
By aligning identity, resource limits, and your application’s security posture, cluster operators can get more organizational mileage out of Kubernetes namespaces.
Alex Qin (Code Cooperative)
Alex used to believe that code had no gender or race. That "good code" was good code and talented developers would always succeed in the meritocracy of the tech industry. This talk tells the true story of how repeated experiences of sexual discrimination and harassment led Alex to hack her appearance by shaving her head to change the way she was perceived as a programmer.
Jenny Liao (Google)
Explore the key concepts behind microservices before guiding you through applying the concepts to evaluate and build systems of your own.
Heather Martin (Discover)
Ent infrastructure is unpredictable and being agile means working harder and faster to complete project after project to keep the business moving forward. You do very little to improve the solutions you provide to your customers and this model just doesn't scale. In this talk we will describe the journey of moving from a project to a product mindset to transform how we deliver infrastructure
Charity Majors (Honeycomb)
The only environment that matters is production; for the good of humanity, ditch the rest.
Andre Henry (Venmo)
What are the sources of latency on the network and how can they be mitigated.
Meet the Experts sessions give you a chance to meet face-to-face in a small group setting with expert Velocity presenters. Discuss the speakers' areas of expertise, give feedback about their sessions, or ask questions. Seating is limited.
O’Reilly Author Book Signings will be held in the O’Reilly booth on Wednesday and Thursday. This is a great opportunity for you to meet our authors and speakers.
Nikki McDonald (O’Reilly Media), Ines Sombra (Fastly), James Turnbull (Microsoft)
Program Chairs, Nikki McDonald, Ines Sombra, and James Turnbull open the second day of keynotes.
Jumpstart your networking at Velocity by coming to Speed Networking before the keynotes begin. Bring your business cards and prepare a minute of chit-chat about yourself, your projects, and your interests.
Renee Orser (NS1)
NS1 first developed and operated a SaaS DNS platform, later shifting to also releasing versioned software for on-prem usage of their DNS products. Many systemic lessons, including the intrinsic relationship between system architecture and organizational design, surfaced while the team managed the challenges brought by diversification of a single platform across a suite of deployment models.
This talk will present the techniques used in our award-winning paper and will demonstrate how to design an ad serving service that is resilient to failure.
Join a group of fellow attendees for dinner on Tuesday night at the Velocity Dine-Around. This event is not sponsored, so you're responsible for paying your portion of the bill.
Kate Kuchin (VMware)
In this presentation we'll go over what Kubernetes audit logging is, how to configure it on your cluster, and how to make sense of the data once you have it configured.
Meet the Experts sessions give you a chance to meet face-to-face in a small group setting with expert Velocity presenters. Discuss the speakers' areas of expertise, give feedback about their sessions, or ask questions. Seating is limited.
O’Reilly Author Book Signings will be held in the O’Reilly booth on Wednesday and Thursday. This is a great opportunity for you to meet our authors and speakers.
Nikki McDonald (O’Reilly Media), James Turnbull (Microsoft), Ines Sombra (Fastly)
Program Chairs, Nikki McDonald, James Turnbull, and Ines Sombra open the first day of keynotes.
Jumpstart your networking at Velocity by coming to Speed Networking before the keynotes begin. Bring your business cards and prepare a minute of chit-chat about yourself, your projects, and your interests.
Emily Freeman (Microsoft), Nicole Forsgren (DORA)
You’ll walk away from this gameshow — I mean talk — with a smile on your face, a deeper understanding the ins and outs of technical advocacy and how Developer Relations benefits you as an engineer.
Christie Koehler (HashiCorp)
In this presentation, we’ll look at practical public key certificate management with Vault, which uses a dynamic secrets approach.
Andrew Harvey (Microsoft)
Many technical leaders find themselves in leadership without any formal training – what if we used our understanding of distributed systems to understand our team and how to scale it.
Jonathan Maltz (Nuna Inc)
Leading a project requires reorienting your priorities in new and sometimes unintuitive ways; this talk will cover how your responsibilities change when you start leading a project, and how you can successfully adapt to that change.