Hear from experts at CERN, Oath, Red Hat, Workday and more.

Join the people building and operating open infrastructure at the OpenStack Summit Berlin in November. The Summit schedule features over 200 sessions organized by use cases including: artificial intelligence and machine learning, high performance computing, edge computing, network functions virtualization, container infrastructure and public, private and multi-cloud strategies.

Here we’re highlighting some of the sessions you’ll want to add to your schedule about hybrid and private cloud. Check out the entire offering here.

They didn’t stop to think if they should

Users come to you with a request for the implementation of an additional OpenStack project, configuration change, or some other request, says Sean Carlisle of Rackspace. You do the research, you draft up a plan for implementation, you get the kinks worked out, then you schedule and perform the maintenance. Things seem fine. Then one terrible day you start getting complaints about stability or performance and you realize you’ve made a huge mistake. Your users are using the new functionality in ways it was not designed for, and they want the problems fixed immediately!

A private cloud offers companies almost limitless flexibility and with that flexibility comes the dangers of going ‘off the rails’ in your environment. In this talk, Carlisle will discuss the potential pitfalls of giving in to some of these requests in an attempt to please your users, how to avoid some of these pitfalls and how to guide your users to a solution that will solve their problems and not leave you trying to fix a platform that isn’t broken.
Details here.

OpenStack Policy 101

OpenStack has had the policy file-based access control mechanism since Keystone was first introduced. Despite its maturity, developers, deployers and operators still have some confusion about what options are available and how it all ties together.

Red Hat’s Juan Osorio Robles, Harry Rybacki and Adam Young aim to clear the air by describing the following:

  • How policy works in OpenStack today with respect to developers and operators
  • The motivation behind OpenStack’s oslo.policy library and what it provides
  • How to write policies for your services incorporating oslo.policy
  • How to override a service’s default policies
  • How to use external services to evaluate policies
  • How to write oslo.policy enforcer drivers

Details  here.

Ocado Technology’s robotic warehouses and grocery delivery using OpenStack

Luis Periquito from Ocado, the world’s largest online-only supermarket based in the United Kingdom. will explain how the team uses OpenStack to power their robotic warehouses around the world. The presentation will include the challenges faced in building and deployment in their warehouses. Details here.

Towards fully automated CERN private Cloud

Since 2012, CERN has been running an Openstack private cloud with around 320,000 cores and supports not only the LHC, but also services for the whole laboratory. The team has been been scaling up the infrastructure to cover these computing needs and also increasing the service offering to include file shares, bare metal nodes and container orchestration clusters among others.

The key aspects that allowed us to scale quickly and be able to continuously adapt to user needs are automation and integration into the CERN ecosystem. Cloud architect Jose Castro Leon will review the tools that allows his team to offload most of the heavy-lifting tasks, further delegate administrative operations and react on monitoring alarms. It includes solutions for simplify project, resource management and support operations based on Mistral and Rundeck.

He’ll also look into ongoing work on services like Kubernetes jobs, Vitrage and Watcher that will increase even further the automation provided. Details here.

Workday Private Cloud: Operational and Scaling challenges of growing from 50,000 to 300,000

Workday is a leader in enterprise human resources software-as-a-service (SaaS) solution and has been active in the OpenStack community for many years. Driven by the demand of rapid customer growth and increased security needs, Workday’s OpenStack cloud has grown from a 600-server fleet in 2016 to 4,600 servers by the end of 2018. They’re planning on 45 OpenStack clusters hosting more than 22,000 virtual machines, dispersed across five data centers in different geographical regions using 2PB of memory. A panel that includes Edgar Magana, Imtiaz Chowdhury, Howard Abrams and Sergio de Carvalho will detail how they did it. Details here.

OpenStack, Edge and AI: Creating the Digital Textile Factory at Oerlikon Manmade Fibers

The mass manufacturing of woven textiles began during with the first industrial revolution in the 1700s. Today, the textile industry is experiencing the fourth industrial revolution, a transformation marked by connectivity and emerging technologies such as robotics, artificial intelligence and Industrial Internet of Things (IIoT).

After the keynote, come to this fireside chat with TechCrunch journalist Frederic Lardinois and Oerlikon’s Mario Arcidiacono offer details on this exciting use case. Details here.

Oath Case Study: Zero Trust Security With Athenz

Oath has developed and open sourced a service authentication and role-based authorization system called Athenz to address zero trust principles, including situations where authenticated clients require explicit authorization to be allowed to perform actions, and authorization needs to always be limited to the least privilege required. Come hear from James Penick and Mujibur Wahab how the team is using Athenz to bootstrap instances deployed in both private and public clouds with service identities in the form of short-lived x.509 certificates that allow one service to securely communicate with another. At Oath, every OpenStack instance is powered by Athenz identities at scale. The pair will also discuss Athenz and its integration with OpenStack for RBAC and identity provisioning. Details here.
See you at the OSF Summit in Berlin, November 15-18 2018! Register here.

// CC BY NC