Config Management Camp 2023 Ghent

To see our schedule with full functionality, like timezone conversion and personal scheduling, please enable JavaScript and go here.
08:00
08:00
60min
Breakfast 1

Breakfast
FREE Coffee, Tea, Fruit Juice, Water, Croissant, and breakfast snacks

Main
ALL
09:00
09:00
15min
Opening CfgMgmtCamp 2023
Kris Buytaert, Toshaan Bharvani

Opening of CfgMgmtCamp 2023 after 2 years of absence

Main
D Aud
09:20
09:20
50min
What if Infrastructure as Code never existed?
Adam Jacob

We rewind the clock and ask ourselves: what if Infrastructure as Code never existed? What different solutions might we have come up with to the problems we faced? We’ll leave you full of possibilities about the future.

Main
D Aud
10:10
10:10
50min
Choosing an Infrastructure as Code Solution
Lee Briggs

Since infrastructure as code burst onto the scene alongside the DevOps movement, the players in the game have changed dramatically.

If you were to choose an infrastructure as code tool in 2022, you'd have more choices than ever before. So how do you choose between them? In this talk, we'll take a look at the available tools not through the laundry list of features each tool offers, but what the user experience of those tools looks like not just to you, but to your customers and your colleagues.

Main
D Aud
11:00
11:00
15min
Break

Break

Main
ALL
11:15
11:15
50min
Feature Branching is Evil
Thierry de Pauw

Feature branching is still popular due to the rise of distributed version control systems but certainly also due to OSS and GitHub. Although branch creation has become extremely easy, it comes with a certain invisible cost. Branches break the flow of the IT delivery process, impacting stability and throughput.

The session explores why teams are using feature branches, what problems are introduced by using them and what techniques exist to avoid them altogether. It explores exactly what's evil about feature branches, which is not necessarily the problems they introduce - but rather, the real reasons why teams are using them.

After the session, you'll understand a different branching strategy and how it relates to Continuous Integration.

Main
D Aud
11:15
50min
Lessons learned from 7 years of running developer platforms - platform engineering and platform as a product
Coté

You've got kubernetes up and running - finally! - but now the developers aren't using it. Many organizations have faced this when building platforms, and this talk will go over how they've built the right process, team, and culture around their developer platforms to help developers. These practices are being called "platform engineering" now, but they've been going on for over ten years, so there's a lot to draw from instead of having to learn from old mistakes.

DevOps
B. Con
12:05
12:05
5min
Combining CUE and Terraform for maximum awesomeness
Lander Van den Bulcke

Terraform is an awesome tool for managing infra state, but not everyone likes the HCL module system. CUE is an great language for abstracting away repetitive config, but is unaware of state. As luck may have it, Terraform accepts json as input, and CUE can write json as output, so we can combine the two for fun and profit!

Ignite
D Aud
12:05
50min
Mgmt Config: The Road to 0.1
James (purpleidea)

Mgmt is a real-time automation tool that is fast and safe.
As we get closer to a 0.1 release that we'll recommend as "production ready", we'll look at what we've been stuck on and what's left.

In particular the complexity of building "lambdas" for an FRP language was more difficult than I had imagined, and I'll be asking for your help to finish mgmt.

There have also been a lot of fun new concepts which have landed since the last conference, and I'll demo many of these ideas for you.

As you already know, mgmt uses a real-time, reactive programming language to model the desired state over time, and a powerful event-driven engine to apply this state.
We'll show lots of real-time demos to keep everyone entertained.
Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project.

Main
B. Con
12:10
12:10
5min
Tiny Puppet can install everything: Prove me wrong!
Alessandro Franceschi

This is not just a presentation, it's a challenge to every CFGMGMT Camp participant.
Tiny Puppet can install EVERY application on EVERY OS, both from the command line ( tp install app ) and as Puppet code ( tp::install { 'app': } ).
If it can't already do it now, it will be able do it by the end of the conference.
Ready to accept the challenge?

Ignite
D Aud
12:15
12:15
5min
Rudder users and uses - tales from a survey
Nicolas CHARLES

A quick overview of the Rudder users: their IT size, number and type of people working on configuration management, metrics about their uses and most common use cases.
To have the most extensive infos we sent a survey to our Rudder users to gather this data and we'll present here the results and insights from this survey.

Ignite
D Aud
12:20
12:20
5min
Yet Another Ansible inventory from Puppet
Felix Frank

You have written Ansible inventory scripts that use Puppet as a source.
But these tricks will make Ansible even more smooth.

Ignite
D Aud
12:25
12:25
5min
What the Nix?!
Bryan Honof

What is Nix? Why do we Nix? How do we Nix? All that and more during this chaotic 5 minute talk all about Nix. In this insanely dense and fast ignite talk, Bryan will talk about what Nix is, and why it's so remarkable.

Ignite
D Aud
12:30
12:30
5min
But is it web-scale?
Philipp Krenn

Do you still remember the infamous "web-scale" video about MongoDB?
It's been a while, so what is web-scale (not), how can it apply today, and is it still useful? Or will it always be stuck on its ironic use?

Ignite
D Aud
12:35
12:35
5min
Explain it to me like I'm a child: open source data infrastructure
Floor Drees

What does Aiven do? My son's almost 8 years old and he doesn't shy away from asking the real questions. I struggled, of course, I'm used to explaining what I do - and by extend the company or client I work for does - to either people that are in the larger Tech industry and with whom I have a shared vocabulary, or to people (family members and neighbors) for whom "IT stuff" totally suffices.

My son falls in neither of those categories. So I tried, I grabbed my sketchbook to explain to him what exactly open source software is, what managed services entail, and how I make my money.

It turned out to be a very good exercise. Find out how online games store MokertjeGaaf fulfills orders, and personalizes recommendations, by using all open source data infrastructure!

Main
D Aud
13:00
13:00
60min
Lunch 1

Lunch
The HoGent cantina offers us a nice lunch menu.
As participants of CfgMgmtCamp, you can get a discounted special menu.
Registration is required, as a voucher presented to get the discount.

  • Flemish Meat Stew and Belgian fries
  • Flemish Vegeterian Stew and Belgian fries
  • Vol-au-vent and Belgian fries
  • Meat Lasagne
  • Spinash Lasagne
Main
ALL
14:00
14:00
25min
60 days in a new startup
David Schmitt

As of Dec 1st, I'm working for a brand-new startup: https://overmind.tech/ to help build a new company providing new infrastructure insights.

This talk is the story of my first 60 days as first employee: * onboarding (problem space, go, terraform, aws) * development environment (VS Code, remote containers, CI) * cultural foundations (collaboration, communication) * development (from prototype to demo site)

With this talk I want to give a pretty raw report on the things that happened in these two months in the hope that sharing this experience provides insights (e.g. if you're considering the step yourself) to at least entertainment of following along the ride.

DevOps
D Aud
14:00
50min
A Gentle Introduction to Nix
Bryan Honof

Do you have a colleague or friend that just can't stop talking about Nix? How it's reproducible, the future of software. Why it's so much better than the other tools out there. He just won't stop talking about it. And now, you've given in. You decided to give it a try, but where to start?

If the above is you, this talk is for you! Bryan will give his best attempt at giving a gentle introduction to Nix. After this talk, you hopefully understand Nix's values, and where to find more help if you happen to need it.

Nix
B.3.037
14:00
50min
Let's dive into Terraform provider creation
Horacio Gonzalez, Aurélie Vache

Currently when we think of Infrastructure as Code (IaC), one tool seems to stand out and has become a de-facto standard: Terraform.

With Terraform you can easily build, edit and version your whole infrastructure by using Terraform builtin providers or custom ones.

But sometimes there is no provider for the infrastructure you intend to use, not even the lone no-star repository in a lost corner of the internet, only a custom REST API. What can you do? Going back to manual operations? Create your own scripts?

In this talk Horacio and Aurélie will show you, step by step, how to go from an infrastructure API to a fully functional yet light Terraform provider. By taking as base a REST API, they will explain the basics of provider creation, give some pointers on how to do a simple yet efficient provider architecture and show you the code and the provider in action.

Will they succeed in this new mission?

Terraform
B.1.015
14:00
50min
Puppet is YAML
Martin Alfke

or: The Power of Hiera5

We sometimes see people struggling when it comes to Puppet.
Mostly this is due to time needed to learn about the details of Puppet, like Puppet Language syntax.

There are two general ways on how to manage your infrastructure using Puppet:

  1. own code
  2. YAML data
Puppet
B.2.015
14:00
25min
Rudder: What is it, and what makes it different?
Nicolas CHARLES

Rudder is an open source security and configuration management tool that focuses on compliance and continuous audit. It allows users from different teams and background to configure and extract data through both the UI and API, providing a fast feedback loop. Since its first release 10 years ago, Rudder has been used by organizations of all sizes, from small installations to large deployments of over 15,000 nodes.

In this talk, we will introduce Rudder and explain what sets it apart from similar tools. We will also discuss the current evolution of Rudder towards operational security and its impact on the product. If you are new to Rudder or interested in learning more about compliance and configuration management, this talk is for you.

Rudder
B.2.009
14:00
25min
Set Up a “Production-Ready” Kubernetes Cluster in 5 Minutes
Abhimanyu Selvan

In this live demo, we shall see how to set up a "Production-Ready Kubernetes Cluster" using an extendable framework built around Argo CD in 5 minutes. With a plethora of cloud-native solutions popping up every day, it can be pretty daunting for engineers to select the "right" tool for their technology stack, and it becomes all the more challenging to integrate them to get to day-2 operations. The hivenetes/k8s-bootstrapper project leverages Terraform and the Argo CD "App of Apps" pattern to integrate popular battle-tested open-source software and solutions that provide a production-grade out-of-box Kubernetes experience. In addition, the bootstrapper project is customizable and extendable, allowing teams to build their stack without much hassle.

DevOps
B. Con
14:00
25min
State of the Ansible Community 2023
Greg Sutcliffe

It's been some while since we met in person! In this talk, we'll look back over the last few years, take stock of where the Ansible Community is at, and talk about what might be coming for the future.

Ansible
B.1.017
14:00
50min
The Foreman Community update
Ewoud Kohl van Wijngaarden

All previous editions of this were described as "another year, another update". This time it hasn't been a year since the last one, but much more. That means there's more to cover in the "what's new" and "what changed" parts, but there should still be room to look at the future. We will also have an open discussion with the community. Come share your update.

Foreman
B.3.036
14:25
14:25
25min
10 things i learned building nomad-packs
Bram Vogelaar

The nomad team has been working very hard on making templated deploys easy for this they have released the tech preview of nomad-pack. This talk discusses some of my observations while migrating nomad job files over to nomad-pack

Nomad
B. Con
14:25
50min
Rudder: Come and hack with us
Nicolas CHARLES

This is a free slot in the Rudder room to: * come and talk with us, * get help about your uses cases with Rudder, * tell what you miss and what you like, * hack with us

Rudder
B.2.009
14:25
25min
Seamless and Automated Integration with Ansible
Sumit Jaiswal

The Ansible-enabled resource module building and scaffolding tool to generate resource modules may help you automate all of the use cases for security platforms, and it has never been simpler to enable Ansible automation for all potential vendors.

Ansible
B.1.017
14:25
25min
Technical Documentation - How Can I Write Them Better and Why Should I Care?
Hila Fish

Gathering pieces of information for a task or a project is a wasteful act and could result in duplicated work done by different people.
Onboarding, your ability to maintain code or infrastructure and systems handover - Documentation plays a crucial part in all these processes.

In this talk, I’ll show you a structured way to write technical docs, without being a technical writer - So you will deliver highly valuable information to your audience, to your best ability.
I’ll explain why should you care about these docs, how do they serve your best interests (Yes, there’s more than one!) and what a wide impact it could make on employees and even on your entire organization.

Main
D Aud
14:50
14:50
50min
Environment as Code: Moving away from Imperative Pipelines
Adarsh Shah

Cloud Native tools like Infrastructure as Code (IaC) & Helm have made managing infrastructure as well as cloud-native apps easier in a lot of ways, but there are many challenges that companies accept as the cost of adopting them. IaC is good at provisioning individual infrastructure components (a few resources together), and tools like helm are good at deploying applications, but engineering teams want an entire environment with various components like networking, platform (ec2/eks), database, k8s apps, etc. to run their business applications.

To provision and teardown an entire environment, these teams have two options. They can either hand-roll imperative pipelines to manage individual components and then manage complex dependencies between these components or create a monolith deployment for the entire environment. These approaches are inefficient and slow down feature development and innovation. They also make replicating, visualizing & understanding environments difficult. What if there were a better way?

This talk digs into these challenges and then looks at how to resolve them. We will introduce Environment as Code (EaC) which is an abstraction over cloud-native tools that provides a declarative way of defining an entire environment. It has a Control Plane that manages the state of the environment, including component dependencies, and detects drift, and enables reconciliation.

Key Takeaways:

  • Challenges adopting Cloud Native tools like Infrastructure as Code, Helm, etc.
  • What is Environment as Code?
  • How can Environment as Code help resolve those challenges?
Main
B. Con
14:50
50min
Installing OpenShift through Foreman
Jan Bundesmann

Who understands how to install CoreOS, can also install OpenShift 4. You can provision CoreOS-Hosts using Foreman. In this talk I explain the route and the obstacles with provisioning CoreOS and how to use this deploy an OpenShift cluster.

Foreman
B.3.036
14:50
25min
Nickel + Terraform = ❤️
Viktor Kleen

Nickel is a new configuration language being developed at Tweag. We are
developing tools and libraries for writing Terraform deployments in Nickel. Our
aim is improved modularity and reusability of infrastructure as code projects
by leveraging Nickel's gradual typing and expressive record merging.

Main
B.3.037
14:50
50min
Securing the Puppet ecosystem
Craig Gumbley

We’re improving the security posture of the entire Puppet ecosystem, from scanning Forge modules for malware, to changing Puppet code to make it harder to write vulnerable code, to providing guidance on writing secure Puppet code yourself.

Puppet
B.2.015
14:50
50min
Unknown unknowns and how to know them
Dylan Ratcliffe

Observability tools are brilliant for the applications that we deal with every day. But when things go wrong in an area we don’t know well we find ourselves looking at a bunch of numbers we don’t understand. In this talk, I’ll dive into how these unknown unknowns always crop up at the worst possible time, why we can’t defeat them, and how we can learn to deal with them much, much more effectively.

Observability
D Aud
14:50
50min
Using HashiCorp Configuration Language (HCL) to implement business policies in code.
Murad

Designing a scalable and robust Risk Engine using HashiCorp Configuration Language (HCL)

MgmtConfig
B.1.015
15:15
15:40
15:40
15min
Break

Break

Main
ALL
15:55
15:55
50min
DSL, HCL, TF, LSP, and what's behind these acronyms
Radek Simko, Daniel Banck

This talk will cover HCL (HashiCorp Configuration Language) and how it evolved over the last years to become the fastest-growing language on GitHub in 2022. HCL powers Terraform, Packer, and many more infrastructure as code tools. We'll look at how a DSL, such as HCL, can be authored comfortably with the help of a language server in an LSP (Language Server Protocol) aware editor (such as VS Code or Sublime Text).

Terraform
B.1.015
15:55
50min
How Vox Pupuli built their Continuous Integration
Ewoud Kohl van Wijngaarden

Vox Pupuli manages 175+ Puppet modules and heavily relies on GitHub Actions to do so. During this talk we'll go over how that's built, maintained and used.

Puppet
B.2.015
15:55
25min
How do we make Rudder secure?
Alexis Mousset

Rudder is used in critical contexts and the focus on its security has increased over the years, along with the threats. This talk will give an overview of how security topics are handled by the Rudder team, how they have evolved over time and what are our plans to handle current challenges. We will expose:

  • our recent features and architectural changes improving software security, especially in terms of node/server communication, user authentication and attack surface limitation.
  • our process to handle vulnerabilities reported or discovered in Rudder.
  • our efforts for software supply chain securitization, in particular regarding dependencies management and build infrastructure (dedicated signature server, ephemeral build environments, etc.)
  • and finally how we try to steer the dev culture towards security topics awareness, through integration of security assessments to our specification processes, and regular training and discussions.
Rudder
B.2.009
15:55
50min
Live Patching & Foreman - how it fits together
Bernhard Suttner

Apply patches and critical updates to your Linux kernel without rebooting your system. Maximize uptime and perform critical security updates and major bug fixes. In this talk I will show how this technology can be combined and used with Foreman.

Foreman
B.3.036
15:55
50min
Open Policy Agent: security for cloud natives and everyone else
Philipp Krenn

One of the emerging standards for cloud (native) security is OPA, the Open Policy Agent; an open source standard under the Cloud Native Computing Foundation.

Security
B. Con
15:55
50min
Power to the people: combine imperative with declarative aspects
Ringo De Smet

On a regular basis, articles and tweets pass by discussing whether some specific tool is imperative or declarative. It’s no surprise that Pulumi is often the tool being debated.

This talk will explain why the right combination of imperative and declarative implementation aspects on your tool(s) deliver the power you need to solve your problems.
Ringo will analyse the following tools and pinpoint which parts of them are imperative and declarative:

  • an older tool (Chef)
  • two current tools (Pulumi, Helm)
  • a recent one from another domain (Dagger)

To wrap up, Ringo will reason why the introduction of imperative programming languages in our tooling solves our most pressing need: integration!

Pulumi
D Aud
15:55
50min
Writing Ansible automation content made easy with Ansible developer tools
Ganesh B Nalawade

Ansible ecosystem continues to grow and mature. Recent enhancements include Ansible Content Collections, automation execution environments, and an increasing list of integrations using plugins and modules. It is more important than ever that both new and experienced content creators have access to tools that help them write better content faster. This talk will cover how you can use the newly created Ansible developer tools like ansible-navigator, ansible-builder and VSCode Ansible extension to write and build automation content following good practices at a much faster speed.

Ansible
B.1.017
16:45
16:45
25min
Building Immutable Systems with Puppet
Garrett Honeycutt

Sharing how to use Puppet with an immutable image model for running VM's. This talk will discuss why you might want to adopt the immutable image model and how to use Puppet to build those images. Real world examples with lessons learned.

Puppet
B.2.015
16:45
50min
Efficient Kubernetes scaling using Karpenter
Marko Bevc

Kubernetes doesn’t come with a built-in node autoscaling out of the box and as many other things it leaves it to the platform team to implement the appropriate strategy. Efficient node autoscaling is essential for ensuring that Kubernetes clusters can handle dynamic workloads and environments. In this talk, I will cover how Karpenter (an open-source node provisioning project) can be used to automate and manage Kubernetes nodes lifecycle by trying to make smarter decisions when it comes to right sizing your compute. It should result in improved resource utilization, reduced costs, and the ability to quickly and easily scale up or down based on workload demands compared to similar battle tested solutions. So does this really addresses all the scaling problems, what are still the gaps and how does it work in practice? I’ll also run a live demo to show how to use it and what to expect.

Container
B. Con
16:45
50min
Looking at security with cat eyes
Brenno de Winter

The OpenKAT-project is a series of integrated projects started to fill in the gap between technical checks, compliance questions, automated warning and non repudiation of the information gathered and presented.

OpenKAT takes a radical different approach on security while not discarding what we have built during the last decades. Just like a cat you see more while looking at the same information just by interpreting it differently. KAT (cat in Dutch) delivers information on vulnerabilities in a forensic accurate manners, monitors environments and more over proves how things change over time.

The OpenKAT project was started by the Ministry of Health, Welfare and Sport.

D Aud
16:45
50min
Recording Ansible building Ansible with Ansible and testing it with Ansible
David Moreau-Simard

Ansible has thousands of modules, plugins, roles and collections that can be leveraged to automate (almost) anything anywhere.

Could we use Ansible to build Ansible ? Why not ?

What could go wrong ? ¯\(ツ)

Ansible
B.1.017
16:45
25min
Terraform Practices - The Good, the Bad, and the Ugly / Terraform Practices to Enable Infrastructure Scaling
Hila Fish

Terraform is a GREAT tool, but like a lot of other things in life, it has its pitfalls and bad practices.

Since you are working with Terraform, you probably went through its documentation, which can tell you what resources can be used - BUT do you always have a clear path towards using these resources? How should modules be constructed? How should you structure your Terraform code in general?

In this talk, I’ll cover the good, the bad, and the ugly when it comes to Terraform. I will show practices for working with Terraform that were put together with a lot of blood, sweat, and tears, so you’ll ultimately have a go-to approach and a paved way for working with Terraform, whether it’s an existing codebase or a new functionality altogether, and also hopefully make you think about the big picture and utilize Terraform in a broader context rather than just an “infrastructure as code" tool.

OR:

How do you make the most of Terraform when scaling your infrastructure as your organization grows? In this talk, Hila will cover useful best practices, pitfalls to avoid and major obstacles to anticipate so that you can scale them across many teams, avoid refactoring, and get a flying start now -- AND optimize for the future.

Terraform
B.1.015
16:45
50min
pulp_deb past, present, and future -- Tell us what pulp_deb development should focus on next
Quirin Pamp, Tobias Grigo

The pulp_deb plugin is entering a new phase of the software lifecycle, and we want you to tell us what the plugin development should focus on! We will provide an update on the latest features and how we got here, but the focus will be on where we plan to go next.

Topics will include the new optimize sync mode, work to expand the test coverage for improved reliability and maintainability, open community submissions, as well as remaining unsolved design challenges.

You will also get to meet Tobias Grigo, our latest plugin maintainer.

Pulp
B.3.036
17:10
17:10
50min
Lessons Learned from Writing Thousands of Lines of IaC
Sefi Genis

Immutable architecture is the backbone of infrastructure as code, to ensure production environments cannot be changed during runtime. While this has the benefits of its inherent safety measures, this can also be restrictive, all while creating new challenges for security. Immutable concepts are much more effective when it comes to securing cloud-native environments and infrastructure, which is becoming an increasingly more complex task.

This talk will focus on some of the fundamentals of immutable architecture, best practices, and recommended design patterns to work around its limitations and enhance security, as well as what you most certainly should not be doing when running immutable architecture both from an infrastructure and security perspective.

This will be demonstrated through a real-world example of deploying a single-tenant SaaS in an automated pipeline, typical challenges encountered, and what was learned on the way, through a Terraform, Kubernetes, and step functions example.

B.1.015
17:35
17:35
25min
Case study: how we redesigned new Foreman host detail page
Maria Svirikova

Initially, there was a call from users to improve our product’s user experience. In light of our ever-growing UX debt, we started working. Fortunately, we weren’t alone in our fight. Our continuous engagement with users and the entire community on multiple levels allowed us to overcome challenges as well as our (sometimes wild) assumptions. In this talk, we will take a look at the path we took and how even you can influence our next projects.

Foreman
B.3.036
17:35
25min
Have you hardened your Kubernetes infrastructure?
Hardik Vyas

Kubernetes adoption is reaching sky-high, it has a large and rapidly growing ecosystem not just limited to the IT industry but also in industries like automobile, pharmaceutical, financial, etc to increase automation and reduce IT cost. With the increased reliance of individuals and businesses on Kubernetes and at such a tremendous scale, a simple misconfiguration, inadequate restrictions or safeguards in place to the Kubernetes infrastructure put the enterprise at risk and can cause operational dysfunction and exploit security. Companies adopting Kubernetes are taking a preventable yet big risk if they are not looking at mitigating the risks that come with it. The more reliant we become on Kubernetes, the more critical it is to keep the environment safe and secure.

In this talk we will discuss the security challenges associated with setting up and securing a Kubernetes cluster. It includes strategies for system administrators, DevSecOps, developers and security professionals, helping them avoid common misconfigurations and implement recommended hardening measures and mitigations when deploying Kubernetes. Kubernetes clusters can be complex to secure and are often abused in compromises that exploit their misconfigurations. We will focus on below specific security configurations that can help build more secure Kubernetes clusters.

  • Container and Pod security
  • Network separation and hardening
  • Authentication and authorization
  • Audit Logging and Threat Detection

Post this talk, the audience will be able to understand the particular security risks related to Kubernetes and how one can prevent or mitigate them.

Security
B. Con
08:00
08:00
60min
Breakfast 2

Breakfast
FREE Coffee, Tea, Fruit Juice, Water, Croissant, and breakfast snacks

Main
ALL
09:00
09:00
15min
Opening of YAMLCamp 2023
Toshaan Bharvani, Kris Buytaert

The opening of YAMLCamp 2023, after 2 years of YAML engineering from the basement

Main
D Aud
09:20
09:20
50min
CUE: a Glimpse into the Future of Configuration Engineering
Marcel van Lohuizen

Configuration has become the number one complexity problem to solve. Every part of your tech stack—databases, apps, schemas, services, workflows, policy, models, networking—must be configured. We show how CUE can help unify these silos.

Main
D Aud
10:00
10:10
10:10
50min
10+ years experience of IDPs (Internal Developer Platform) to enable fast growing companies
Ulf Månsson

Will talk about experience of IDPs at 3 different companies, how it can help companies grow rapidly by delivering more features with better quality by creating IDPs and standardise. The talk will cover the build block of IDPs both from technical and process perspectives to support developers to focus on deliver features.

DevOps
D Aud
11:15
11:15
50min
Kubernetes & The Myth of Cloud Portability
Federico Fregosi

Engineers at small and large companies are deploying their applications using managed Kubernetes services in the cloud because they are convinced it will enable them to migrate their workloads across providers easily. However, in reality, most container platforms are not feature-complete. So, the move comes with a series of external concerns that can make it problematic: e.g. monitoring, identity management, data gravity, deployment pipelines, dependent services, and many more!
In this talk, we’ll follow the migration journey of a demo application from AWS to GCP and we will identify a series of practical software development and system architecture best practices that you can follow to increase the level of portability of your Kube application.
Furthermore, we will consider configuration and components in the Kubernetes ecosystem that you can deploy to significantly simplify any platform lock-in constraints.

Container
D Aud
11:15
50min
Terraforming with Ansible
Tim Appnel, Walter Bentley

Ansible and Terraform are two very powerful but unique open source IT tools that are often compared in competitive discussions. Evaluating these tools for your use isn’t a simple comparison, since there’s no one "right" way to automate or one automation tool to use—just as there is not only one way to solve a problem. The two tools are better together and can work in harmony to create a better experience for developers and operations teams.

This talk will discuss how using Terraform and Ansible can create powerful workflows and introduce you to the Ansible content and tools to help make this possible.

Ansible
B. Con
12:10
12:10
5min
Adding language support in editors using Language server protocol
Ganesh B Nalawade

Adding features like auto complete, go to definition, or documentation on hover for a language takes significant effort. Traditionally this work had to be repeated for each development tool, as each tool provides different APIs for implementing the same feature. So it meant for each IDE a separate implementation is required for a given language.

In comes language server protocol which was developed by Microsoft Visual Studio Code and standardised in collaboration with RedHat and Codenvy. LSP is an open, JSON-RPC based protocol for use between source code editors or IDEs and servers that provide programming-specific features. The goal of the protocol is to allow programming language support to be implemented and distributed independently of any given editor or IDE.

Thus a single language implementation can provide features for different IDE’s that understands language server protocol.
This talk will cover about what is LSP and how is is used to support Ansible language for different editors

Ignite
D Aud
12:15
12:15
5min
Configure once, profit forever
Mathieu Tortuyaux

Ignition is a one-time provisioning software, single binary, running from the initramfs and with a simple configuration.

DevOps
D Aud
12:25
12:25
5min
Overengineering your personal website
Bram Vogelaar

Let's be honest, whether consciously or not we all do it. In this talk we'll discuss how far down the rabbit whole one can go, while serving only a single static html page.

From the humble beginnings as a markdown file to actual website and several layers of monitoring and automation. We ll discuss the architecture behind my personal website that also doubles as the vehicle that i use to learn new tools and techniques. So don't be surprised to come across an application deployed using waypoint onto a vm build using packer that resides in a fully terraformed AWS environment

Ignite
D Aud
12:30
12:30
5min
Using Nix to generate Docker images
Yvan Sraka

In this ignite talk, I will expose quickly the benefits of not writing Dockerfiles but rather using Nix expressions to generate Docker images.

Ignite
D Aud
13:00
13:00
60min
Lunch 2

Lunch
The HoGent cantina offers us a nice lunch menu.
As participants of CfgMgmtCamp, you can get a discounted special menu.
Registration is required, as a voucher presented to get the discount.

  • Meatballs in Tomato Sauce with Mashed Potatoes, peas and carrots
  • Vegetarian balls in Tomato Sauce with Mashed Potatoes, peas and carrots
  • Vol-au-vent and Belgian fries
  • Meat Lasagne
  • Spinash Lasagne
Main
ALL
14:00
14:00
50min
Empower everyone to manage Infrastructure with GitLab and Terraform
Timo Furrer

Small teams often require dedicated resources and tools to manage their own infrastructure. How can we make infrastructure management accessible to everyone?

In this talk, we’ll discover what GitLab offers to make managing Infrastructure as Code a breeze. GitLabs Terraform features empower everyone on the team to make and review infrastructure changes. GitLab provides a backend for Terraform state management and CI/CD templates to deploy changes effortlessly without needing to access the target platform.
Finally, we’ll look into how we can use the GitLab Terraform Provider to manage the lifecycle of various GitLab resources, like users, groups and projects.

Terraform
B. Con
14:00
50min
Practical introduction to OpenTelemetry tracing By Nicolas Frankel
Nicolas Fränkel

Tracking a request’s flow across different components in distributed systems is essential. With the rise of microservices, their importance has risen to critical levels. Some proprietary tools for tracking have been used already: Jaeger and Zipkin naturally come to mind.

Observability is built on three pillars: logging, metrics, and tracing. OpenTelemetry is a joint effort to bring an open standard to them. Jaeger and Zipkin joined the effort so that they are now OpenTelemetry compatible.

In this talk, I’ll describe the above in more detail and showcase a (simple) use case to demo how you could benefit from OpenTelemetry in your distributed architecture.

Observability
B.1.015
14:00
25min
Pulp, now and looking ahead
Tanya Tereshchenko

It's been at least 2 years since we met f2f!
In this session, I'd like to give a quick overview of key features and changes to the Pulp project in the last couple of years.
We'll also take a look at the future plans, and, hopefully, hear from you!
Do you miss anything? Are our plans in line with your needs? What can we improve?

Pulp
B.3.036
14:00
50min
Securing the software supply chain for Infra management tools
Alexis Mousset

Infrastructure management tools have a special place among software regarding security, as they usually run ubiquitously, with high privileges and a relatively high attack surface. This makes them targets of choice, especially in the current context of increased threats on software supply chains.

What are our (new) responsibilities as software editors in an open source ecosystem? They include a precise identification and authentication of all software components (to provide a Software Bill of Material) and constraints on the build process and software distribution models.

This talk will give an overview of the current state of the rapidly evolving software supply chain standards and tooling (e.g. SLSA, SBOMs, etc.). It will also explore more concrete items, focused on dependencies management in open source ecosystems and our experience with Rudder.

Security
B.3.037
14:00
25min
State of the CFEngine
Nick Anderson

It's been 3 years since the last state of the CFEngine. Join us for a quick overview of what's new in CFEngine since last time. Last time 3.15.0 was new, this time 3.15.x has reached the end of the road, 3.18.x is mid-life, and 3.21.x is the new hotness.

CFEngine
B.2.009
14:00
25min
When Your Open Source Tool Turns to the Dark Side
Dotan Horovits

Imagine waking up one morning to find out that your beloved open source database, which lies at the heart of your system, is being relicensed. What does that mean? Can you still use it as before? Could the new license be infectious and require you to open source your own business logic?

This doom’s day nightmare scenario isn’t hypothetical. It is, in fact, very real, for databases and other OSS, with several examples over the past year alone.

On this talk Horovits will review some of the less known risks of open source, and share his lessons learned from Elasticsearch’s recent relicensing move, as well as other case studies from the past year. If you use OSS, you’ll learn how to safeguard yourself. If you’re in the process of evaluating a new OSS, you’ll learn to look beyond the license and consider additional criteria. If you're debating open-sourcing a project, you'll gain important perspectives to consider.

Main
D Aud
14:00
50min
Why Open Source brings more value to business?
Tim Meusel

Why should companies use open source Puppet modules?

Why should they contribute to open source projects and even publish home-grown modules?

Many companies like to use open source software but prefer to keep their own code in-house. They think their business is more secure if they keep their code private. But that's not true!
This talk will focus on all the aspects about open source (with a focus on Puppet modules) in companies, how it increases the security about the platforms, brings you happier engineers and reduced onboarding time for new hires!

Puppet
B.2.015
14:25
14:25
25min
How to maintain a diverse team
Feu Mourek

Maintaining a good balance in a diverse team can be difficult, but it is definitiely worth the effort. I would like to share with you what I have learned to make working together with our differences more easy, fun and productive.

DevOps
D Aud
14:25
50min
Own Your Content; Software repositories in multi-user / multi-tenant / multi-cloud environments with Pulp
Matthias Dellweg

Pulp allows you to manage content of different types, but what if you need a whole group of people to manage Pulp? What if you want to host a content service on top of your Pulp installation?
In this talk we will give an overview of RBAC (role based access control) concepts in Pulp, as well as introduce domains and how you can operate in multi-tenant environments.

Pulp
B.3.036
14:50
14:50
50min
A journey from Configuration Management to Security of IT systems
Nicolas CHARLES

Configuration Management is nearly ubiquituous and a solved problem. It allows system administrator and developpers to excel at their job and many uses cases which would hardly be feasible without it.
Most notably, the main features of configuration management, continuous configuration and compliance are enabler for hardening of systems by security team, and to reach and maintain an improved Security Posture.

This talk will present how and why Rudder is evolving to incorporate operational security into its core features while strenghtening the fundamentals of configuration management. We'll show the impacts on the product, mainly on the compliance aspect with integration of compliance information from other sources and making the compliance queryable using GraphQL, and what it changes on the software principle.

Main
D Aud
14:50
50min
Building an Ansible AAP cluster - Design and implementation
Ton Kersten

Designing an Ansible Automation Platform cluster is not as easy as it looks. Specifically when everything is spread over the globe and should be high available.

Ansible
B.1.017
14:50
50min
Cloud Native Dependencies
Vernin Olivier

In today’s Cloud Native world, dependencies are everywhere. We not only think about Software dependencies like some random shiny Java library but we must keep up on the Helm chart used to deploy and configure the monitoring system. We need to track that container image used to run our CI environment. We must update our documentation each time requirements change.

Too often those dependencies come as a whole, they imply change management before landing on Git repositories, and too often they get ignored or pushed back until it’s too late.

In a world full of Open source everywhere, teams are both producers and consumers of changes. As producers, they are responsible for delivering the best product.
As consumers, they need to leverage as fast as possible what the ecosystem has to offer.

When it comes to automating changes, using a declarative dependency management tool can be handy to automate processes that are team specific. But not everything has to be team specific. Quite the opposite, Let’s identify together those minor changes that will improve the overall deliver-ability of the ecosystem so it benefits both producers and consumers of change.

DevOps
B. Con
14:50
25min
Configuring Prometheus targets with relabeling
Julien Pivotto

Prometheus has options to relabel targets in order to dynamically change its configuration. That relabeling feature has seen some major improvements in the last few years. Let's see how you can simplify your Prometheus configuration or make it more flexible and fine-grained thanks to the target relabeling.

Observability
B.1.015
14:50
25min
Demystifying Code signing and its role in DevSecOps
Gaurav Kamathe

The Solarwinds hack made headlines by directly attacking the software supply chain. To mitigate such attacks in the future we need an automated approach to digitally signing and checking software components that verify the origins and authenticity of the software. The purpose of this talk is to introduce the audience to Code signing, its role in DevSecOps and get familiar with the sigstore project.

Security
B.3.037
14:50
25min
Something is rotten in the state of Denmark
Ben Ford

Most Puppet users have had the experience of evaluating modules on the Puppet Forge. Maybe you have too. Maybe you were comparing a handful that all claimed to meet your needs, or maybe you were just determining whether a specific module met your standards for deploying into your production environment. With tools like puppet-lint and the PDK, it's fairly straightforward to evaluate code quality. But what about the health of the project itself? Is it actively maintained? Are Forge releases kept up to date? What are the chances that the latest release was compromised with a hidden bitcoin miner?

How do you answer those sorts of questions? You probably
- Skimmed the module's README for signs of the author's diligence.
- Poked through the issue list and pull requests on the repository hosting the module source to see how responsive the maintainers were to community collaboration.
- Checked the changelog for consistency.
- Maybe you even checked the commit history to see if there were unreleased fixes, or compared tags against the published version(s).

Wouldn't it be nice to automate some of this due diligence? That's what denmark does. The Shakespeare quote refers to corruption at the top of a political hierarchy making its way down through the entire state. In the context of this tool, it means that often we can detect concerns with a project by sniffing around the edges and seeing if anything rolling downhill stinks.

Puppet
B.2.015
14:50
50min
Using Ansible modules in CFEngine
Vratislav Podzimek

Learn about how CFEngine can leverage Ansible modules for new promise types extending the policy language and functionality.

CFEngine
B.2.009
15:15
15:15
25min
Puppet-lint check for vulnerable exec strings
Gavin Patton

Puppet code that uses exec resources that execute interpolated string commands are often vulnerable to shell execution. This new lint check identifies many of these. This talk runs through the check and how it works, how to run the check and how to integrate it into your own CI testing. It will talk about future Forge integrations. And it will go through the process of writing a puppet-lint plugin to encourage others to write more.

Puppet
B.2.015
15:15
25min
Secure your content management and distribution with Pulp
Ina Panova

Can this piece of content be trusted? Or does it meet my acceptance criteria?
These are the questions of the utmost importance.

One of the primary problems one must solve in the nowadays tricky world is to validate that content is authentic, not tampered or maliciously manipulated, and is coming from the correct trusted source.
Pulp manages and distributes content. Content, however, can come from external and different sources.

In this talk, let’s take a look at how the ability to add and store additional trusted metadata in Pulp alongside content can serve in the content attestation and verification.

Pulp
B.3.036
15:40
15:40
15min
Break
ALL
15:55
15:55
50min
An introduction to CFEngine Build
Ole Herman Schumacher Elgesem, Lars Erik Wik

CFEngine Build enables users to share / reuse / manage modules for CFEngine. All parts of it are open source; the website, the CLI, the modules themself. Come with us on a journey as we look at how it works, the architecture/technology, how it was developed, and what you can do with CFEngine Build.

CFEngine
B.2.009
15:55
50min
Build and operate internal developer platforms with Ansible
Ricardo Carrillo Cruz

Learn how to use Ansible ecosystem projects, like Ansible core, collections and AWX to build and operate internal developer platforms.

Ansible
B.1.017
15:55
25min
Content Content Everywhere
Dennis Kliban

Pulp (https://pulpproject.org) enables users to organize and distribute software. This talk will be geared towards administrators of Pulp that are interested in any of the following three scenarios: replicating a Pulp instance in an internet connected location, replicating a Pulp instance in an air gapped environment, and preparing their Pulp instance for disaster recovery.

Pulp
B.3.036
15:55
50min
Continuous Delivery for Micro-Service and Composable Architectures
Angel Rivera

Digital transformation initiatives drive teams and organizations to transition their technology architectures to more modern concepts such as microservices, APIs and serverless frameworks. The distributed nature of these composed architectures are surfacing significant obstacles in developing continuous delivery strategies that orchestrate and support effective CI/CD practices. In this talk, Angel will discuss some challenges associated with CI/CD and composed architectures. He will also offer some strategies on how to understand and potentially solve common challenges teams face.

DevOps
B. Con
15:55
50min
Cross OS security hardening - the practical stuff
Florian Heigl

In 2020 I was able to share a look at a security hardening policy built for Linux systems.
It was built it using
rudder.io, but my focus of the talk was more on 'strategy items'.

This talk picks up on feedback received and will focus on the technical side, covering actual policy items that should make sense for most.

The talk should serve people who want to harden their systems just as well as those who just want to hear some ideas. It will be sufficient to have understanding of templating and a general feeling that security matters and image sprawl is best left in the early 2000s.

Security
B.3.037
15:55
50min
From Monitoring to Observability: eBPF Chaos
Michael Friedrich

Collecting Observability data with eBPF aims to help Dev, Ops, and SREs to debug and troubleshoot incidents. Data requires storage, visualization, and verification: Do the Service Level Objectives (SLOs) match, dashboards visualize useful data correlation, network service maps make sense, and what about security policies?

Simulating a production incident is challenging. Chaos engineering enables teams to break things in a controlled environment and verify alerts, SLOs, and data accuracy. Which data retention cycle is best, and which dashboards reduce the mean-time-to-response? Anomaly detection and forecasting would be great too.

This talk dives into the learning steps with eBPF and discusses traditional metrics monitoring and future Observability data collection, storage and visualization. Learn from hands-on examples with chaos experiments that attempt to break eBPF probes, data collection, and policies in unexpected ways … and bring new perspectives into cloud-native reliability.

Observability
B.1.015
15:55
25min
Layering Control Repos to Empower Multiple Teams
Garrett Honeycutt

Do you work in a large organization with multiple teams? Service owners have different priorities than Infrastructure and Security teams and likely different change management processes, too. Do you have local forks of Forge modules? Is upgrading a module difficult because various teams have to agree and test? This talk discusses how layering control repositories can be used in conjunction with CI/CD to solve these issues while reducing risk in your deployments.

Puppet
B.2.015
15:55
50min
eBPF superpowers: a dynamic kernel
Raphaël Pinson

From KubeCon to ContainerDays, eBPF is trendy in the Cloud Native world. What is eBPF, and why is it revolutionary, and what can it bring to you specifically?

Through concrete examples applied to observability, networking, and security, this talk will explain the principles of eBPF and its concrete advantages to connect and secure Cloud Native applications.

Main
D Aud
16:20
16:20
25min
Firewall Builder for Puppet
Massimiliano Adamo & Pete Pedersen

Firewall Builder is an easy firewall configurator for Linux

Puppet
B.2.015
16:45
16:45
50min
Automating a multi-cluster Thanos setup using Terraform
Lander Van den Bulcke

Deploying a Thanos setup across multiple Kubernetes clusters has quite some moving parts: all the Thanos components themselves, cloud storage buckets, Prometheus instances, Alertmanagers, TLS certificates for the GRPc connections, ... Managing all that can be a chore, but Terraform is an excellent candidate to automate away the complexity. By combining Terraform, K8s operators and a few special tricks, this talk will introduce a way of working where adding a new k8s cluster to your setup is just a matter of applying a terraform module.

Terraform
B.1.015
16:45
50min
Dev to Production with Self-Service Automation
Mandi Walls

Managing the components of a software project via tickets and requests is time consuming. It wastes developer time to make a request and wait for the outcome. At the same time, centralized platforms governed by SRE or Platform Engineering teams require specialized knowledge and account access.

DevOps
D Aud
16:45
50min
Event-Driven Ansible: Advancing your automation
Ricardo Carrillo Cruz

Red Hat recommends a “start small, think big” approach to automation. Event-Driven Ansible can help you get to the next level of sophistication when it comes to automating your digital landscape. Learn about this new pattern for Ansible, and see how it can help you solve problems more quickly and eliminate basic but important tasks so you can focus on your key priorities and deliverables.

In this session we will:
- Explain Event-Driven Ansible
- Describe the architecture and relation between its components
- Walk you through example automatic remediation use cases
- Show you some getting started tips for writing Ansible Rulebooks

And much more! Join us in this session to understand how to advance on your automation journey with event driven automation. Deliver IT services faster and more efficiently, as you carve out time to work more normal business hours and even sleep more.

Ansible
B.1.017
16:45
50min
Maintaining over 70 Ansible modules: 7 years later
Evgeni Golov

The Foreman community maintains a collection of over 70 Ansible modules for interaction with the Foreman API and the various plugin APIs. At cfgmgmtcamp 2020 we talked about the first four years of that journey and promised you quite a lot for the future.

Today we want to talk what those three years allowed us to achieve, how priorities shifted and what else happened.
Including:

  • Three major releases: 1.0.0 (2020), 2.0.0 (2021), 3.0.0 (2021) 🥳
  • 27 releases in total (since 0.4.0)
  • Over 1.2 million downloads on Galaxy
  • 21 new roles
  • redhat.satellite collection
  • theforeman.operations collection

And of course we will also talk about what we think is next!

Ansible
B.3.036
16:45
50min
Making your project documentation flow
Don Naro

This talk is about mindsets and techniques for working as a content developer as part of a devOps team. Content developers combine technical writing with CI/CD tooling to create pipelines that connect cross-functional teams and enable them to share knowledge and expertise in an impactful way. What's more content developers play a vital role in lowering the barrier to entry for users and tell a complete user story via documentation.

DevOps
B. Con
16:45
50min
Writing Modules for CFEngine Build
Nick Anderson

CFEngine Build, the new website and tooling to facilitate sharing and consuming CFEngine related content was released in 2020. During this talk The Agent is In, we will live on the edge and write and publish a new module for CFEngine build live. Join us to see if Nick will be able to keep his promise.

CFEngine
B.2.009
17:35
17:35
25min
Autobuild Pulumi on GCP
Riccardo Carlesso

Ever wondered how to automate "pulumi up" on a Cloud infrastructure?
This talk will walk you through it an automated pipeline with * Pulumi (python code) * Cloud Build
and will demo an infrastuctural build and a change to it.

pulumi #python #gcp #cloudbuild

Pulumi
B.1.015
17:35
50min
Building Your Platform Product on Multi-Cluster Kubernetes
Colin Humphreys

Multi-cluster topologies are a key part of Kubernetes: organisations gain many benefits using multiple clusters, such as increased scale, bespoke APIs, blast radius reduction and more. However, multi-cluster deployments also increase complexity.

This talk will examine how we can use open-source technologies to create a platform from multiple Kubernetes clusters and manage this complexity. We will explore creating a bespoke API tailored to the needs of your organisation, and mapping this high-level API to low-level resources across clusters. We will also cover how to avoid the trap of treating many clusters like one cluster, and how to leverage the benefits of multiple clusters. The talk will include a demo of Kratix, an open-source framework for delivering Platform-as-a-product.

DevOps
D Aud
17:35
25min
Freedom in isolation with vClusters
Daniel Paulus

On a rainy Monday morning the new Team Lead requested test environments for their latest proof of concepts.

While searching for a solution to provide teams with sort lived environments we have looked at several solutions, from namespaces on a shared cluster, all the way to fully fledged Terraform managed environments.

While you can provision Kubernetes clusters for all teams, our current setup does not make that easy. As the Platform Team we like to keep our focus on operating the primary systems and not drown in requests for new environments.

In this talk I'll show how we finally solved the requests from the teams by utilizing the CNCF vClusters project to give freedom to dev teams while not breaking the bank with hundreds of clusters.

Container
B. Con
08:00
08:00
60min
Breakfast 3

Breakfast
FREE Coffee, Tea, Fruit Juice, Water, Croissant, and breakfast snacks

Main
ALL
09:00
09:00
540min
Ansible Contributor Summit 2023.02
Carol Chen

The Ansible Contributor Summit is a full day working session especially for community contributors to interact with one another, as well as with Ansible development teams (Core, AWX, Galaxy etc.). We will discuss important issues affecting the Ansible contributor community to help shape the future of Ansible, with a focus on improving collaboration with our contributors.

Ansible
B.1.017
09:00
240min
Bring solutions to life with the Pulumi Automation API
Ringo De Smet

In a world where the boundary between applications and infrastructure becomes thinner by the day, how do you link your application services to infrastructure provisioning?

In this workshop, we will simulate the case of a service provider who needs to set up a tenant when a new customer signs up. We will use the Pulumi Automation API to embed Pulumi as part of the solution.

Every participant can tailor the workshop in such a way it applies to their own company (or employer).

Pulumi
B.2.009
09:00
540min
CFEngine community room - Discussion and help with policy writing and module development
Ole Herman Schumacher Elgesem, Nick Anderson

Come by our fringe event / room for a chat with the CFEngine team. You can ask questions, suggest features, get free tech support, or sit down to work on your next module.

CFEngine
B.3.037
09:00
240min
Cilium Workshop: Kubernetes networking with eBPF
Raphaël Pinson

Container workloads and their orchestrations brings new challenges for networking and observability.

With micro-services architectures increasing the amount of east-west traffic, transient IPs making it harder to correlate network information with workload identity, and application logic split into a multitude of components, traditional SDN approaches are reaching their limit.

Leveraging the eBPF kernel technology, Ciliium is a CNCF project which implements a performant and highly scalable CNI plugin and the while providing metadata-rich observability of the network traffic.

Container
B.2.015
09:00
240min
Continuous Delivery with Terraform Workshop
Angel Rivera

DevOps adoptions usually includes an evolution of processes and tool chains that enable these teams to function optimally. Modern day computing and infrastructure management is definitely shifting away from “ClickOps” management and adopting the Infrastructure as Code (IaC) way of doing business. IaC enables teams to easily define, deploy and maintain compute infrastructures in the form of code. It also provides the ability to effortlessly scale, version and audit infrastructure resources.

In this workshop, attendees will gain a basic understanding of Infrastructure as Code (IaC). They’ll be introduced to the core principles of IaC and have the opportunity to reinforce what they’ve learned in a hands on workshop featuring industry known tools such as Terraform. The workshop will demonstrate specifying, deploying and destroying a Kubernetes cluster via code. The participants will leave with a hands-on experience and understanding of what it takes to manage Infrastructure as Code using continuous delivery concepts.

Terraform
B.1.015
09:00
540min
Mgmt Hacking Day
James (purpleidea)

The main author of https://github.com/purpleidea/mgmt/ will be around to hack on mgmt and you can help us get it closer to 1.0 =D

MgmtConfig
B.3.026
09:00
540min
Puppet Community Day
Ben Ford

Puppet's Community Day is a space for community and contributors to engage directly with each other and collaboratively learn and make some magic. Do you have a burgeoning project you want to workshop and get feedback and ideas on? Do you want get the first glimpses at changes coming in the Puppet 8 and beyond platforms? Or maybe you'd just like to help shape the next year of the Puppet community.

Puppet
B.3.036
13:00
13:00
60min
Lunch 3

Lunch
The HoGent cantina offers us a nice lunch menu.
As participants of CfgMgmtCamp, you can get a discounted special menu.
Registration is required, as a voucher presented to get the discount.

  • Boeuf (beef) Stroganoff with white rice
  • Veggie Stroganoff with white rice
  • Vol-au-vent and Belgian fries
  • Meat Lasagne
  • Spinash Lasagne
Main
ALL
14:00
14:00
240min
Ansible Workshop Afternoon Breakout
Carol Chen

Breakout Room for Ansible on Day3

Ansible
B.1.015
14:00
240min
Share approved setups with Pulumi Packages
Ringo De Smet

How can you provide a self-service model to infrastructure for your developers, but still have all the operational and security concerns fulfilled? Pulumi Packages to the rescue!

Developers can work together with operations and security people to build out infrastructure components which have all the functional and non-functional requirements integrated. As they are software components, these can be put under source control, unit tested and properly versioned.

Not all teams in a company use or prefer the same language. Pulumi Packages allow for components to be implemented in a single language but still consumed from any of the programming languages supported by Pulumi.

Ringo will shortly explain Pulumi’s architecture, so everyone understands the process. We then start to build the components, create all the SDKs for the Pulumi supported languages and consume at least one component from another language to see all the pieces at work.

Pulumi
B.2.009