Loading…
Helm Summit 2019 has ended
Amsterdam, The Netherlands
September 11–12, 2019
Click here for more information and registration​​​

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, September 11
 

08:00

Welcome Breakfast
Wednesday September 11, 2019 08:00 - 09:00
Grote Zaal

08:00

09:00

Opening Remarks: Day 1
Wednesday September 11, 2019 09:00 - 09:15
Grote Zaal

09:25

Tame Your Microservices with Helm and Software Release Trains - Dimitris Kapanidis, Harbur Cloud Solutions
The deployment of apps in Kubernetes is simplified with the usage of Helm, but when it comes to deploying microservice architecture things can go a bit more wild as we have to manage multiple applications on potentially multiple environments.

We'll discuss the different patterns for storing the charts on Git, either as mono or multi repos. We'll go through the ways to simplify and keep DRY our charts, and lastly we'll go review the different deployment patterns with Helm, either together as software release trains, or individually as with CI/CD.

Speakers
avatar for Dimitris Kapanidis

Dimitris Kapanidis

Founder, Harbur Cloud Solutions
Dimitris is Senior Architect at Harbur Cloud Solutions, Docker Captain and Google Developer Expert. His main focus is to help companies to modernize their infrastructure and internal culture in order to accelerate their time-to-market. In his past he was responsible for the quality... Read More →



Wednesday September 11, 2019 09:25 - 09:50
IJ Zaal

09:25

Using Helm for Developing Marketplace Integrations - Néstor Salceda, Sysdig
It’s impressive to see how Kubernetes is conquering the world by storm. Several big players are offering managed Kubernetes and usually they also have a marketplace where they offer applications for installing them in your cluster with just a few clicks.

I’m one of those folks whose work consists on creating these integrations. I’m responsible for making Falco and Sysdig globally available on each cloud vendor, and yes, it may be a real nightmare if I wouldn’t have Helm.

In this talk, I will share with you how I maximized the ROI of each integration using Helm to distribute our applications on GKE, AWS, IBM or even building operators wrapping the Helm chart. I also will show you several tips and best practices based on my experience crafting these integrations.

Speakers
avatar for Néstor Salceda

Néstor Salceda

Integrations Engineer, Sysdig
Néstor is a passionate and upbeat software engineer. He loves to pick an idea, develop it and making it real. He is also a Open Source Software enthusiast and right now, he is part of Sysdig team. While he is not in front of its computers, you will find him playing in the ground... Read More →



Wednesday September 11, 2019 09:25 - 09:50
Studio

10:00

Operators and Helm: It Takes Two to Tango - Devdatta Kulkarni, CloudARK
Are Operators replacing Helm? Why do we need both? We have heard this question many times. In this talk we settle it once and for all. Operators and Helm serve different purposes. Helm is a tool that simplifies deploying Kubernetes manifests. It focuses on templatization, reusability, and standard life-cycle actions on Kubernetes manifests. Operators on the other hand focus on managing workflow actions and day 2 operations on (often) stateful applications. In fact, Helm is a very good tool to package and deploy Operators. Special care is needed when developing Helm charts for Operators. We have developed guidelines for what things to include in Operator Helm chart to streamline the management, installation, and discovery of Operators and Custom Resources. In this talk we present these guidelines through several example Operator Helm charts.

Speakers
DK

Devdatta Kulkarni

Founder, CEO, CloudARK
Prior to founding CloudARK, Devdatta worked at Rackspace where he led the team that built PaaS for OpenStack. He has earned PhD in Computer Science (Distributed Systems) from the University of Minnesota, Minneapolis. Besides CloudARK, Devdatta currently teaches courses on Cloud Computing... Read More →



Wednesday September 11, 2019 10:00 - 10:25
IJ Zaal

10:00

Get Your Helm Charts Out There! - Reinhard Nägele, codecentric AG
The new Helm Hub (https://hub.helm.sh) is the central place where anyone can register their own chart repositories for easy discoverability. This session shows how to set up your own charts repo using GitHub Pages. It illustrates how to configure CI for your charts using Kind (https://github.com/kubernetes-sigs/kind) and the chart-testing tool (https://github.com/helm/chart-testing) so you can install and test pull requests for your charts and, thus, build trust in your community that things work as expected. Finally, chart-releaser (https://github.com/helm/chart-releaser) is used to upload chart packages as GitHub releases and to create the index.yaml file for the charts repo.

Speakers
avatar for Reinhard Nägele

Reinhard Nägele

Senior IT Consultant, codecentric AG
Reinhard is a Senior IT Consultant at codecentric's Munich office. He has more than 20 years of Java development experience and also likes programming in Go, Python, or Kotlin. He is a strong proponent of automation. In recent years, he has gained substantial knowledge in infrastructure... Read More →



Wednesday September 11, 2019 10:00 - 10:25
Studio

10:25

Coffee Break
Wednesday September 11, 2019 10:25 - 10:55
Grote Zaal

10:25

Sponsor Showcase
Wednesday September 11, 2019 10:25 - 17:05
Sponsor Showcase

10:55

GitLab as Cloud Native: Complex Suite Made Simple with Helm - Jason Plum, GitLab
GitLab has dreamed of “Any Cloud, One Command” with Kubernetes’ scaling and resiliency. Helm’s complex templating capabilities has enabled us to create a user experience less daunting than deploying over 5000 lines of YAML directly.

Despite the simplicity of “apt-get install gitlab-ee”, GitLab is not a single application. It is a massive weaving of many intertwined components. GitLab has customers with 20 through 20K users, and our charts are capable of scaling to either size with ease.

In this talk, we will share the business needs that drove us to any cloud, one command. We will describe our work to build a chart combining 13 sub-charts and 9 dependencies into something that can be configured with as little as a single command. We’ll will offer our insight & practices (particularly where deviating from Helm & Kubernetes standard practices) that will help anyone start a complex chart.

Speakers
avatar for Jason Plum

Jason Plum

Sr Distribution Engineer, GitLab
Jason Plum is a Senior Software Engineer, Distribution at GitLab, providing a large number of deployment methods for GitLab’s product. He has worked extensively to build GitLab’s cloud native Helm charts, enabling the ease of use that GitLab customers have come to expect, but... Read More →



Wednesday September 11, 2019 10:55 - 11:20
IJ Zaal

10:55

Ship It Faster, Safer & Cheaper - State of the Art of GitOps with Helm - Yusuke KUOKA, Z Lab Corporation
Let's build a highly customizable, cost-efficient, easily manageable CI & CD pipelines with Helm!

In this talk, we walk through a.) why we need CI & CD pipelines, important but unresolved problems, b.) what we would need exactly to rescue, and c.) how to build one yourself.

In the process you'll learn things like 1.) brief intro to GitOps, 2.) existing solutions, 3.) what are missing in the space, 4.) a proposed solution, 5.) theory behind it, and 6.) how Helm and its ecosystem helps.

Technologies and topics covered includes Helm, its plugins, Helmfile, Brigade, "The end of Kustomize vs Helm argument", and so on.

Through this talk, you are expected to get more confidence in the problems you have, what options are available, and how to choose one(or even build another!).

Speakers
avatar for Yusuke KUOKA

Yusuke KUOKA

Research & Development Engineer, Z Lab Corporation
Yusuke Kuoka is a R&D engineer at Z Lab Corporation, a subsidiary of Yahoo Japan!. Z Lab is leading Kubernetes adoption in Japan, and providing hundreds-clusters-scale on-prem Kubernetes-as-a-Service(KaaS) for Yahoo! Japan. He's one of developers of KaaS today. He also led the design... Read More →



Wednesday September 11, 2019 10:55 - 11:20
Studio

11:30

Helm for Anybody – Combining ChatOps and Declarative Configurations - Jonathan Striebel, Scalable Minds GmbH
ChatOps enables interactions with Helm for anybody in your team. Combined with the power of declarative configurations and CI tooling this allows changing infrastructure with confidence. In this presentation, Jonathan Striebel will show how ChatOps can balance between automation and manual control for deployments. The proposed solution, based on helmfile, git and Slack, enables everybody to control their Helm setup easily, having high automation while still preserving granular observability and control.

Speakers
avatar for Jonathan Striebel

Jonathan Striebel

Software Engineer, scalable minds GmbH
Jonathan Striebel is an experienced consultant, software engineer and speaker from scalable minds. With his DevOps attitude he teaches how to modernize large industry projects to use scalable and maintainable infrastructure stacks, or does so himself. Besides developing infrastructure... Read More →



Wednesday September 11, 2019 11:30 - 11:55
IJ Zaal

11:30

Introducing Flux Helm Operator, a GitOps Approach to Helm Operations - Stefan Prodan, Weaveworks
GitOps is a way to do Continuous Delivery, it works by using Git as a source of truth for declarative infrastructure and workloads. For Kubernetes this means using git push instead of helm install/upgrade.

Weave Flux is an open source tool that automatically ensures that the state of a cluster matches the config in git. The Flux Helm Operator provides an extension to Weave Flux that automates Helm chart releases. A chart release is described through a Kubernetes custom resource named HelmRelease. The Flux daemon synchronises these resources from git to the cluster, and the Flux Helm operator makes sure Helm charts are released as specified in the resources.

In this talk, Stefan will discuss the benefits of GitOps and how the Flux community built the Helm Operator. Stefan will demo a GitOps pipeline and perform Helm operations with git commands.

Speakers
avatar for Stefan Prodan

Stefan Prodan

DX Engineer, Weaveworks
Stefan is a Developer Experience engineer at Weaveworks and an open source contributor to cloud-native projects like Flagger, FluxCD, Helm Operator, OpenFaaS and others. He worked as a software architect and a DevOps consultant, helping companies embrace DevOps and the SRE movement... Read More →



Wednesday September 11, 2019 11:30 - 11:55
Studio

11:55

Lunch
Wednesday September 11, 2019 11:55 - 13:25
Grote Zaal

13:25

Dancing with Helm, Skaffold and Minikube! - Medya Ghazizadeh, Google
In this talk, Medya will share with you how he picked the best tools to develop a ballroom dance app. This talk will cover a real-world developer workflow using the best tools for the job: Helm, Skaffold and Minikube.


Speakers
avatar for Medya Ghazizadeh

Medya Ghazizadeh

Senior Software Engineer, Google
Medya Ghazizadeh is a Sr.Software engineer at Google. holds masters degree from DePaul University. one of the minikube maintainers.loves open source, poetry and human languages.


Wednesday September 11, 2019 13:25 - 13:50
Studio

13:25

Automated Helm Deployment Using Custom Controllers and Operators - Pauline Lallinec, Workday
This talk is presenting two ways to recover from an unsuccessful Helm release deployment, showcasing Helm automation and resilience. The talk will present both a custom Kubernetes controller, as well as leveraging a community developed Helm operator.

Speakers
avatar for Pauline Lallinec

Pauline Lallinec

Software Engineer, Workday
Pauline Lallinec is a software engineer on the public cloud engineering team at Workday, where she works on building a cloud provider-agnostic platform and CI/CD solutions for hundreds of microservices. Pauline talked about Helm, CRDs, and operators at the Dublin Docker meetup and... Read More →



Wednesday September 11, 2019 13:25 - 13:50
IJ Zaal

14:00

Kubeapps: Your One-Stop Shop to Deploy and Manage Helm Apps - Juan Ariza & Andres Martinez, VMware
In this session we will introduce Kubeapps: an open source web-based UI for deploying and managing applications in Kubernetes clusters. You can use Kubeapps to discover and deploy your favorite Helm charts in your Kubernetes cluster. We will demonstrate many of the advantages of using Kubeapps:

- Browse and discover charts from different repositories. Just as hub.helm.sh but also for private repositories.
- Deploy, inspect, upgrade and delete any Helm chart. Get notified whenever a new version is available.
- Secure authentication and authorization based on Kubernetes Role-Based Access Control. Even for Helm v2!
- Authenticate using third party OpenID Connect Providers like Google Accounts or GitHub.
- Browse and provision external services from the Service Catalog and available Service Brokers.

Speakers
avatar for Juan Ariza

Juan Ariza

Member of Technical Staff, VMware
I'm part of a team maintaining a catalog of more than 130 apps on different formats such as VMs, containers, or Helm charts. During the last year I've been focused on making this app catalog ready for production environments. I've also given several Kubernetes trainings promoting... Read More →
avatar for Andres Martinez

Andres Martinez

Software Engineer, VMware / Bitnami
Andrés Martínez is a software engineer working at VMware (previously Bitnami). For the last few years he has focused on Cloud Native applications and open source projects that help people create distributed applications and deploy them in the cloud with minimal manual intervention... Read More →



Wednesday September 11, 2019 14:00 - 14:25
IJ Zaal

14:00

Lessons Learned from Maintaining Our Own Chart Repository - Tomas Pizarro Moreno, Bitnami
With Helm charts moving to a distributed format, it's very important to let people know how they can create and maintain their own repositories and make them discoverable to the community.

Tomas will share advice about how to create and maintain your own chart repository. This presentation will answer questions such as: how to keep your charts up-to-date efficiently, how to ensure your charts work on every Kubernetes distribution, how to make your charts discoverable, and how to efficiently apply feedback from your users?

At the end of this presentation, you should have the knowledge to deploy your own Helm chart repository and an understanding of the most important things you should care about.

Speakers
avatar for Tomas Pizarro Moreno

Tomas Pizarro Moreno

Advanced Engineer, Bitnami
Tomas Pizarro is one of the main contributors to the official Helm chart repository in number of commits, additions and deletions. Apart from that, he is part of the team that maintains the Bitnami chart catalog, a repository with over 50 different up-to-date charts



Wednesday September 11, 2019 14:00 - 14:25
Studio

14:25

Coffee Break
Wednesday September 11, 2019 14:25 - 14:55
Grote Zaal

14:55

Lightning Talks: Opening Remarks
Wednesday September 11, 2019 14:55 - 14:59
Grote Zaal

14:59

--Wait For It: A Super Fast Dive into a Well-Used Flag - Taylor Thomas, Microsoft
The --wait flag is one of the most commonly used (and abused) flags for a Helm install. Come join the author of the code behind that flag for a super quick deep dive into how it works at a code level and some possible gotchas.

Speakers
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camp... Read More →



Wednesday September 11, 2019 14:59 - 15:04
Grote Zaal

15:05

Sponsored Lightning Talk: kubectl Unfork: Maintaining Custom Changes to Upstream Charts - Marc Campbell, Founder & CTO, Replicated
Helm charts are often forked in order to make custom changes to the templated manifests. These long-lived forks require manual reconciliation with upstream updates and often end up outdated. Replicated has developed two open source Kubectl plugins for discovering outdated images and unforking Helm charts. We’ll show the audience how these tools can improve their operational workflows for managing complex chart deployments.

Speakers
avatar for Marc Campbell

Marc Campbell

Founder & CTO, Replicated



Wednesday September 11, 2019 15:05 - 15:10
Grote Zaal

15:11

Rendering Helm Templates in the Browser, with WebAssembly - Matt Butcher, Microsoft
In this lightning talk, we will explore compiling Helm client libraries (and particularly the Helm rendering engine) to WebAssembly, then importing in the browser, and render templates from a web page.

Finally, we will explore using WASI (WebAssembly Interface) as the compilation target, and see the requirements for importing the built libraries in different WebAssembly runtimes, outside of the browser, allowing us to import and use the same native Helm libraries that Go programs would use, but in WASI-compatible runtimes and programming languages.

Speakers
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →


Wednesday September 11, 2019 15:11 - 15:16
Grote Zaal

15:17

Sponsored Lightning Talk: Ihor Dvoretskyi, Developer Advocate, Cloud Native Computing Foundation
Speakers
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate, Cloud Native Computing Foundation
Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation, focused on Kubernetes-related efforts in the open source community.Ihor is a co-founder and co-lead of the Kubernetes Product Management Special Interest Group (SIG-PM), focused on enhancing Kubernetes as... Read More →


Wednesday September 11, 2019 15:17 - 15:22
Grote Zaal

15:23

A Framework for Community Chart Templating - Grant Miller, Replicated Inc
Community Helm chart maintainers need to balance the needs of advanced cluster operators with the needs of new Helm users. These needs are in conflict when it comes to determining what attributes should be templated in the upstream Helm chart. This talk will highlight those needs, the conflicts created and propose a decision framework for determining what should be included upstream. Generally, application level config should always be templated to expose those options to users while Kubernetes specific, runtime config should be limited to the most common configuration changes that are needed to deploy the application.

Speakers
GM

Grant Miller

CEO, Replicated Inc
Grant is founder and CEO at Replicated, where he has helped hundreds of companies deploy and consume Kubernetes based applications. Additionally, Grant is a core contributor to the EnterpriseReady OSS project. Replicated is a platform for cloud-native applications to distribute “modern... Read More →



Wednesday September 11, 2019 15:23 - 15:28
Grote Zaal

15:29

Sponsored Lightning Talk: Speeding Up Our Developer's Feedback Loop with Helm - Eldad Assis, DevOps Architect, JFrog
To achieve the vision of Liquid Software, speedy developer feedback is an absolute must! This becomes over challenging when the test environment grows to be made up of multiple products and many microservices. In this talk, I'll share with you an overview of how JFrog has built a full K8s/Helm-based CI/CD pipeline and enable developers to get continuous feedback by automating private, multi-service, integrated environments.


Speakers
avatar for Eldad Assis

Eldad Assis

DevOps Architect, JFrog
I'm a DevOps Architect at JFrog with about 20 years of experience doing software and infrastructure development.On a mission to help solve real world software problems. For developers and operations. Any size!



Wednesday September 11, 2019 15:29 - 15:34
Grote Zaal

15:35

Securing Banzai Cloud Bank Vault - Nidhi Kaushal, Athena Health & Alexander van der Pol, Oracle
Everyone has secrets. When adding a central secrets manager to a shared Kubernetes platform, any service should be able to count on it that their secrets cannot be accessed by other services. In this presentation, we will demonstrate how to set up Kubernetes secrets and policies, and configure Banzai-vault to ensure everyone's secrets are safe, while using the same secrets manager.

We will give a quick overview of the various elements which play a role in setting up the configuration in of Banzai-vault, including setting up Kubernetes service-accounts, roles, rolebindings and more.

Speakers
NK

Nidhi Kaushal

Snr.Developer, Athena Health
Nidhi Kaushal is a Senior Engineer at Athena-Health. She began her career at Oracle, where she worked on many aspects of Service Cloud. When Oracle started using Kubernetes, she quickly became an expert. Now, at Athena-Health, she's building a new platform, which interacts with A... Read More →
avatar for Alexander van der Pol

Alexander van der Pol

Snr. Developer, Oracle
Alexander van der Pol is a senior Developer at Oracle. He started out as a Maths teacher, but soon found his passion to be software development. As an early Docker and Kubernetes adopter, he gathered tons of experience with the platform. Now he's working on several Microservices using... Read More →



Wednesday September 11, 2019 15:35 - 15:40
Grote Zaal

15:41

Sponsored Lightning Talk: A Note of Thanks to the Helm Community - Matt Fisher, Software Engineer; Matt Butcher, Principle Software Engineer; & Taylor Thomas, Senior Software Engineer, Microsoft
Speakers
avatar for Matt Fisher

Matt Fisher

Software Engineer, Microsoft
Matt is a core maintainer of the Helm project, and a Software Engineer at Microsoft. Off hours, Matt enjoys spending time camping, woodworking and spending time with his family.
avatar for Matt Butcher

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camp... Read More →


Wednesday September 11, 2019 15:41 - 15:46
Grote Zaal

15:47

The Helm Broker - Complete Service Management in Your K8s Cluster - Piotr Kopczynski, SAP
Helm is a great way to install and manage the life cycle of complex Kubernetes applications. Combined with the OSB API specification, it enables really loosely-coupled Service Management in a K8s cluster. Together, Helm and the OSB API specification make a solution called the Helm Broker.

Using that guy, you can automate credentials injection and prepare many helm chart configurations upfront. Additionally, you gain an extra security layer which prevents your instance from being removed when it is still in use by external applications.

Speakers
avatar for Piotr Kopczynski

Piotr Kopczynski

Product Owner, SAP
I work @SAP in an open-source project called Kyma (https://kyma-project.io/). I’m a product owner responsible for the Service Management capability. I believe that using the Open Service Broker API specification and K8s Service Catalog is the way to go with unified access to Services... Read More →



Wednesday September 11, 2019 15:47 - 15:52
Grote Zaal

15:53

How to Achieve Production Readiness? Stories From the Trenches - Javier Salmerón García, Bitnami
As part of my job, I work on a wide variety of infrastructure Helm Charts, including many of the official ones, following best practices to continuously improve its functionality and reliability. Using the official Postgres chart, this talk will show real-life examples of the evolution over time of a chart from implementing basic configuration to becoming production ready and the lessons learned along the way. This talk will cover:

- What were the essential changes?
- How to make infrastructure charts actually usable?
- How could we prove that our PostgreSQL was production ready?

Speakers
avatar for Javier Salmeron

Javier Salmeron

Advanced Engineer, Bitnami
Javier has a PhD in Computer Engineering. Has worked for several years in both researching and teaching the application of cloud-native technologies to High Performance Computing. He currently works as an engineer at Bitnami, where he packages applications ready to be deployed in... Read More →


Wednesday September 11, 2019 15:53 - 15:58
Grote Zaal

16:00

Building Ephemeral Environments for Developers - Jeff Knurek, Travel Audience GmbH
A key aspect of a microservice architecture is to make sure individual services work in isolation. But as a developer its also important to make sure the service works in the full system. Providing developers a way to run a multi-service environment on their own machine is challenging.

In trying to overcome this problem, we've looked for a way for engineers to be able to test pre-production code. Making use of Helm charts and defaulting to production configuration gets us part way there. Also important is being able to extend upon tools like Telepresence/Ksync for debugging in k8s. But while these great tools are available, what is lacking is the "easy to use", single command that gives a developer their own self-contained system. We're going to discuss Armador, an open source solution that makes installing multiple Helm charts a breeze.

Speakers
avatar for Jeff Knurek

Jeff Knurek

Continuous Delivery Engineer, travel audience GmbH
Jeff Knurek is a Continuous Delivery Engineer at travel audience GmbH in Berlin, Germany. He spends his time piecing together all the moving parts in a kubernetes, data-driven, travel advertising platform (or trying to fit those adjectives in one sentence). After starting off working... Read More →



Wednesday September 11, 2019 16:00 - 16:05
Grote Zaal

16:05

 
Thursday, September 12
 

08:00

Welcome Breakfast
Thursday September 12, 2019 08:00 - 09:00
Grote Zaal

08:00

08:00

Sponsor Showcase
Thursday September 12, 2019 08:00 - 16:05
Sponsor Showcase

09:00

Opening Remarks: Day 2
Thursday September 12, 2019 09:00 - 09:15
Grote Zaal

09:25

Library Charts: New to Helm 3 - Martin Hickey, IBM
One of the challenges with Helm in prior versions was the lack of a solid reuse pattern for chart definitions. While the concept of helper templates could be used in Helm v2 to mitigate this problem, Helm v3 has added support for a new class called "library charts" which allow for sharing and reuse across all the templates in a chart or sub-chart.

In this talk you will get clear answers to questions like "What is a library chart?", "How do I use a library chart?" and "What are the use cases for library charts?". In this session, I will focus on practical guidance that will help you improve chart development by chart definition reuse. I hope I can show you the advantages of using them through this technical deep dive and demo.


Speakers
avatar for Martin Hickey

Martin Hickey

Senior Software Engineer, IBM
Martin works on the Open Technology team at IBM focusing on open source software. He is a regular contributor to open source and a core maintainer for Helm. He has also contributed previously to the OpenStack and Elastic communities. Martin enjoys speaking at conferences and meet-ups... Read More →



Thursday September 12, 2019 09:25 - 09:50
Studio

09:25

Helm 3: Navigating to Distant Shores - Jessica Deen, Microsoft
Adjusting your spyglass & looking out over the water, you can see how useful a package manager like Helm is. Perhaps you’ve used it to manage the fractal complexity of packages on your Kubernetes clusters (without losing track of versions stashed in the hold), or maybe you’re new to Helm altogether but you’re unsure of where to begin since Helm 3 is different from its predecessor. Even though Helm 3 is different; you’re ready to get started on this exciting voyage as soon as you have some idea of what’s port & what’s starboard!

In this demo-fueled session, we’ll take you through differences from the Helm of yore, tips for a successful rollout or upgrade, & opportunities to shape the project’s future. The cloud native waters can be choppy, but a technical deep dive powered by open source tooling will steer you in the right direction!

Speakers
avatar for Jessica Deen

Jessica Deen

Senior Cloud Advocate, Microsoft
Jessica is a Cloud Developer Advocate for Microsoft focusing on Azure, Containers, OSS, and DevOps. Prior to joining Microsoft, she spent over a decade as an IT Consultant / Systems Administrator for various corporate and enterprise environments, catering to end users and IT professionals... Read More →


Thursday September 12, 2019 09:25 - 10:25
IJ Zaal

10:00

At the Helm without a Steering Wheel – Your Chart as a Kubernetes Operator - Daniel Messer, Red Hat
Since their inception Helm Charts have become the go-to solution for Day-1 operations of applications on Kubernetes. Today users are increasingly looking for Day-2 management when running their apps that are getting more complex by the day. Ideally they would be controlled and managed in the same goal-seeking, resilient way as Kubernetes itself.
Enter Operators: an application-specific workload manager that can turn your chart into a native Kubernetes object. With the Operator SDK you can now run your Helm chart without changes as an Kubernetes Operator and catch two birds with one stone: eliminate the need for tiller and get declarative configuration with constant lifecycle management.

Speakers
avatar for Daniel Messer

Daniel Messer

Senior Product Manager, Red Hat
Daniel is a Senior Product Manager for OpenShift at Red Hat working on the Operator Framework. He's been using Kubernetes and Containers since their inception and in his 10 years of IT careers so far he worked as a Developer, PreSales Consultant, Solution Architect and now as Technical... Read More →



Thursday September 12, 2019 10:00 - 10:25
Studio

10:25

Coffee Break
Thursday September 12, 2019 10:25 - 10:55
Grote Zaal

10:55

More Charts, More Problems. Lets Talk Bringing Sanity - Shikha Srivastava & Kirti Apte, IBM
Now that you have an application running in Kubernetes, what will your next steps be? Can you deploy this application to any cloud? If someone else wishes to install your helm chart would you have all necessary resources to deploy it successfully? Do you have a certification process to ensure your helm chart is enterprise ready? Creating a helm chart to deploy your application is just the first step, but now you need a process to ensure that the helm chart follows guidelines established by your enterprise and future versions of the chart are created efficiently as part of your CI/CD pipeline. In this presentation, you will learn about effective ways to create, organize and maintain enterprise grade helm charts. We will also discuss how our CI/CD pipeline is implemented using custom linter, verification test cases to make sure only certified charts are promoted into production.

Speakers
avatar for Shikha Srivastava

Shikha Srivastava

Senior Technical Staff Member, IBM
Shikha is a Senior Technical Staff Member (STSM) & a Master Inventor at IBM. She is a lead architect at IBM Cloud Private where she brings her expertise in architecture, design, leadership towards collaboratively creating innovative pragmatic solutions that leads to enabling Hybrid... Read More →
avatar for Kirti Apte

Kirti Apte

Senior Software Engineer, IBM
Kirti is Senior Software Engineer at IBM. She is a technical lead for IBM Cloud Private Enterprise Catalog which is responsible to containerize, deploy and manage IBM and non-IBM middleware. She brings her expertise in architecture, design, and leadership to create consumable hybrid... Read More →



Thursday September 12, 2019 10:55 - 11:20
Studio

10:55

Hacking Helm - Paul Czarkowski, Pivotal
Helm is the best way to build, package, and run Kubernetes manifests. However it has been considered by some as a fairly insecure way to deploy software, mostly due to its server component Tiller. Let’s put that to the test and hack (and then protect from those hacks) Helm.

Paul and Scott will talk about the architecture behind Helm (v2) and how it is seen as particularly vulnerable to hacks designed to either gather information about deployed applications and even access the Kubernetes cluster itself. They will then demonstrate several hacks in growing sophistication that do exactly that and show how to protect yourself from those attacks and use Helm as securely as possible. They will finish with the relevant changes coming in Helm 3, and whether or not removing Tiller really is the killer security feature of Helm 3 that people think it is.

Speakers
avatar for Paul Czarkowski

Paul Czarkowski

Developer Advocate, Pivotal
Paul Czarkowski is a recovering Systems Administrator who has run infrastructure for longer than he cares to admit. After cutting his teeth in the ISP and Gaming industries Paul changed his focus to using (and contributing to) Open Source Software to improve the Operability of complex... Read More →



Thursday September 12, 2019 10:55 - 11:55
IJ Zaal

11:30

From ChartMuseum to Harbor - Josh Dolitsky, Blood Orange
The ChartMuseum project was originally created for advanced chart repository use cases - things such as chart uploads, pluggable storage, and multi-tenancy. However, as more requirements piled up over time, it became increasingly clear to the Helm maintainers that the entire repository system was insufficient.

After many meetings, a decision was finally made that Helm would adopt the OCI Distribution Spec for the next generation of chart repos - the same API that Docker uses whenever you run a "docker pull" / "docker push".

Meanwhile, Project Harbor was focusing efforts on building a robust, cloud-native registry. Harbor is built atop the Docker Distribution project, which is essentially the reference implementation for OCI Distribution.

In Helm 3, the obvious successor to ChartMuseum will be Project Harbor. This talk will cover the move to OCI and how to use Harbor to serve charts.

Speakers
avatar for Josh Dolitsky

Josh Dolitsky

Founder & Chief Engineer, bloodorange.io



Thursday September 12, 2019 11:30 - 11:55
Studio

11:55

Lunch
Thursday September 12, 2019 11:55 - 13:25
Grote Zaal

13:25

Securing Helm 3 - Matthew Fisher, Microsoft
Providing a secure end-to-end deployment pipeline is important when running Kubernetes in production. It’s important to understand each component of the deployment pipeline to better understand how to secure your cluster from certain attack scenarios.

Helm 3 removed a very significant piece of the architecture called Tiller. Many users are excited about the removal of Tiller, but it's left questions about how the security story changes for Helm 3.

In this session, we'll dive deep into Helm 3's architecture, what changed, and how the removal of Tiller affects Helm's security model. We'll also share best practices for securing Helm 3 in different operational contexts.

Speakers
avatar for Matt Fisher

Matt Fisher

Software Engineer, Microsoft
Matt is a core maintainer of the Helm project, and a Software Engineer at Microsoft. Off hours, Matt enjoys spending time camping, woodworking and spending time with his family.



Thursday September 12, 2019 13:25 - 13:50
Studio

13:25

GitOps Continuous Delivery with Helm Operator - Kingdon Barrett, University of Notre Dame & Stefan Prodan, WeaveWorks
Helm Operator is an open-source Continuous Delivery solution for deploying Helm charts, and an integrated part of Weave Flux. The Flux operator watches a Git repository for changes to YAML manifest files, pulls updates from the repo, and syncs changes into your cluster's etcd, via Kubernetes API, from any commits that have been made to the git repo.

Helm-operator extends this approach to manage helm charts, adding a "HelmRelease" CRD which is monitored and controlled by the helm-operator. Each HelmRelease resource maps a Helm chart source to a deployed Helm release, through an instrumented, automated Helm Client, the helm-operator.

We will cover the basics of setting up Helm Operator, Tiller with TLS, using Flux, and of course basics of Helm Operator. Learn how Helm Operator and its HelmRelease custom resource can better enable your Helm usage, with automated and continuous releases.

Speakers
avatar for Kingdon Barrett

Kingdon Barrett

Application Developer Professional, University of Notre Dame
Kingdon is a Ruby on Rails app dev at University of Notre Dame's Office of Information Technology. He is also a PaaS and cluster enthusiast, and a developer on Team Hephy, the Deis Workflow fork. Kingdon is a graduate of the Rochester Institute of Technology's Computing and Information... Read More →
avatar for Stefan Prodan

Stefan Prodan

DX Engineer, Weaveworks
Stefan is a Developer Experience engineer at Weaveworks and an open source contributor to cloud-native projects like Flagger, FluxCD, Helm Operator, OpenFaaS and others. He worked as a software architect and a DevOps consultant, helping companies embrace DevOps and the SRE movement... Read More →



Thursday September 12, 2019 13:25 - 14:25
IJ Zaal

14:00

Increasing Reliability via Helm Pre-Release Checks - Bridget Kromhout, Microsoft
Ever had to clean up from a failed Helm release because you didn't have the right RBAC? Let’s take an in-depth look at how you can effectively detect and mitigate release failures using a variety of methods including checking resource schema validity with kubeval, ensuring conformance to policy with conftest, and verifying role-based access control with kubectl can-i. We’ll increase our release confidence with better guarantees against the unexpected!

Speakers

Thursday September 12, 2019 14:00 - 14:25
Studio

14:35

ErrTooMuchHelm = fmt.Errorf("A Maintainer's Story About Helping with Helm") - Taylor Thomas, Microsoft & Martin Hickey, IBM
As Helm becomes more commonplace in many people's workflows, the community continues to expand. The Helm community has always been a welcoming place, but sometimes it seems hard to jump in and help, especially with how large it has become. Come join me as I walk through some enlightening (and entertaining) mistakes and success to illustrate how to best contribute to Helm. We will discover the various ways you can participate in the community – from documentation to writing code and everything in between. To finish, we will discuss some possible improvements for the future.

Speakers
avatar for Martin Hickey

Martin Hickey

Senior Software Engineer, IBM
Martin works on the Open Technology team at IBM focusing on open source software. He is a regular contributor to open source and a core maintainer for Helm. He has also contributed previously to the OpenStack and Elastic communities. Martin enjoys speaking at conferences and meet-ups... Read More →
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Azure Kubernetes Service at Microsoft. He has been involved with containers and Kubernetes platforms at Intel and Nike and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys hiking and camp... Read More →


Thursday September 12, 2019 14:35 - 15:00
Studio

14:35

Registry Workshop - Josh Dolitsky, Blood Orange
The new Helm 3 repository system will move to use registries, powered by the OCI Distribution Spec. Let's dive deep into the world of using registries to store Helm charts.

We will look into how to migrate charts from existing repositories, and the new set of subcommands related to registry upload and authentication. Attendees will start a simple Docker registry and package/upload/download charts.

Speakers
avatar for Josh Dolitsky

Josh Dolitsky

Founder & Chief Engineer, bloodorange.io


Thursday September 12, 2019 14:35 - 15:35
IJ Zaal

15:10

ytt: An Alternative to Text Templating of YAML Configuration in Helm - Nima Kaviani, IBM & Dmitriy Kalinin, Pivotal
Helm currently uses go/template package to perform text templating which ultimately results in various problems such as wrong indentation, incorrect escaping, etc. ytt (https://get-ytt.io) on the other hand, understands YAML structures (maps, lists, scalars, etc.) and can more effectively template YAML documents than plain text templating tools. Furthermore ytt uses a Pythonic language that is already familiar to most users, making it easier to write imperative logic. By replacing the go/template engine with ytt, we think users have a better experience with templating YAML configuration.

Speakers
NK

Nima Kaviani

senior software engineer, IBM
Nima Kaviani is a senior cloud engineer with IBM. He is a contributor to Knative and Cloud Foundry's Eirini. Prior to that Nima was the contributor to Cloud Foundry's Diego for over two years. Nima holds a PhD in computer science and tweets and blogs about Serverless, Kubernetes... Read More →
avatar for Dmitriy Kalinin

Dmitriy Kalinin

Software Engineer, Pivotal
Dmitriy Kalinin works at Pivotal on Cloud Foundry, Kubernetes, and Knative projects. Most recently Dmitriy has been working with Nima Kaviani on few tools (ytt, kapp, etc.) open sourced in https://github.com/k14s... Read More →



Thursday September 12, 2019 15:10 - 15:35
Studio

15:35

Coffee Break
Thursday September 12, 2019 15:35 - 16:05
Grote Zaal

16:05

Day 2 Operations of Helm Charts - Dex Horthy, Replicated, Inc
Helm install is just the beginning. Once a chart is installed, we need to know when new versions are available, review the change and assess the risk (is it a major, minor or patch?), assess the priority (is this a security patch?), and then deploy and test the update. This talk proposes a workflow and shows an OSS framework built on the Replicated Ship project that helps reduce the manual work (toil) involved with updating and operationalizing charts. We’ll see that with a little work up front, operators can greatly reduce the cost and toil involved in Day 2 Operations of Helm.

Speakers
avatar for Dex Horthy

Dex Horthy

Core Engineer, Replicated, Inc
Dex is a core engineer at Replicated, where he has helped hundreds of companies deploy and consume Kubernetes based applications. Additionally, Dex is a core contributor to several OSS projects including Replicated Ship. Replicated is a platform for cloud-native applications to distribute... Read More →



Thursday September 12, 2019 16:05 - 16:30
Studio

16:05

Dev and Run Small Projects on K8s with GitOps and Jenkins-X - Gerd Aschemann, Independent
Even small projects can be effectively developed and operated on Kubernetes. Jenkins-X provides an opinionated framework to set up and run a development environment for the team. By means of Helm-based GitOps even production can be managed by a small team in a secure way with little overhead.
DukeCon (http://dukecon.org) is an open source project to organize developer conferences, e.g., Javaland. The project is driven by a small group of volunteers in their spare time, with little support by full time operators of the respective conference.
The talk shows how the project was migrated from VMs with Docker to k8s. Operations tasks were simplified and streamlined. Development took advantage of excellent tools and more flexibility. Quality was improved by shorter feedback loops. Continuous deployment became feasible through fully automated testing and rollout.

Speakers
GA

Gerd Aschemann

Software Architect, Freelancer
Gerd Aschemann is always working at the verge of development and operations. As a freelance software architect he extends the technology stack of his customers introducing a well-suited architecture with appropriate tools and components. During the last years he has accompanied some... Read More →



Thursday September 12, 2019 16:05 - 17:05
IJ Zaal

16:40

Case Study: Managing Secrets and Charts at CERN - Spyros Trigazis & Ricardo Rocha, CERN
Declarative deployments, secret management and containerized workloads are in high demand in the CERN community. At the CERN's on-premise kubernetes clusters, a diverse range of workloads are running from data analysis to traditional IT services. Helm Charts is in an increasingly popular pattern to package application with business logic and many members of the CERN community start to adopt it. In this talk, we will describe a user facing plugin to manage secrets in git using an external key manager service, codenamed barbican. Additionally, we will describe the charts we are using to manage our private cloud, storage plugins and data analysis software.

Speakers
ST

Spyros Trigazis

Computing Engineer, CERN
Spyros Trigazis is a computing engineer and a member of the CERN Cloud infrastructure team which provides computing resources to the High Energy Physics community. He has been contributing to open source projects like Fedora, Kubernetes and OpenStack.
avatar for Ricardo Rocha

Ricardo Rocha

Computing Engineer, CERN
Ricardo is a software engineer at CERN currently part of the CERN cloud team, focusing primarily on networking and container based deployments. Previously he helped develop and deploy several components of the Worldwide LHC Computing Grid, a network of ~200 collaborating sites around... Read More →


Thursday September 12, 2019 16:40 - 17:05
Studio