0.32 ghent2025 2025-02-03 2025-02-05 3 00:05 https://cfp.cfgmgmtcamp.org/ghent2025/schedule/ Europe/Brussels 2025-02-03T08:15:00+01:00 08:15 10:00 Foyer ghent2025-763-breakfast-and-coffee-tea-day-1 https://cfp.cfgmgmtcamp.org/ghent2025/talk/HF8XUP/ false Breakfast en Breakfast and Coffee & Tea - Day 1 2025-02-03T09:00:00+01:00 09:00 00:25 D.Aud (Main) ghent2025-764-opening-day-1 https://cfp.cfgmgmtcamp.org/ghent2025/talk/XJSFTE/ false Opening en Opening Day 1 Kris BuytaertToshaan Bharvani 2025-02-03T09:30:00+01:00 09:30 00:50 D.Aud (Main) ghent2025-752-working-configs-humanity-the-real-world-joy-and-happiness-pick-two-ish- https://cfp.cfgmgmtcamp.org/ghent2025/talk/39GGMS/ false Main Full Talk - Monday & Tuesday en Why is it that we're so good at building things that work, as long as nobody asks what "it works" means? Why is it that we're so good at shipping changes to production, as long as nobody asks what counts as "a change"? Together we'll go on a journey, touring the space of where humans meet configuration as code with a blend of stories, visions, laments, and insights. Hazel Weakly 2025-02-03T10:20:00+01:00 10:20 00:50 D.Aud (Main) ghent2025-587-opentofu-18-months-later https://cfp.cfgmgmtcamp.org/ghent2025/talk/T7JBSA/ false Main Full Talk - Monday & Tuesday en In this talk, OpenTofu cofounder Sebastian Stadil will provide an update on the project, as well as share popular tricks and tips when migrating to, or using at scale, OpenTofu! Come listen to OpenTofu cofounder Sebastian Stadil provide an update 18 months into the project: tips & tricks, statistics, and some fun behind-the-scenes stories. If time permits, there will be a feedback session as well as Q&A. Sebastian Stadil 2025-02-03T11:25:00+01:00 11:25 00:50 D.Aud (Main) ghent2025-689-it-s-all-about-the-ecosystem-bby https://cfp.cfgmgmtcamp.org/ghent2025/talk/R7CKYH/ false Open Source Full Talk - Monday & Tuesday en You may or may not remember Steve Ballmer's famous "developers, developers, developers" cheer from the late 90's, but Microsoft has known something for a very long time that some OSS companies might learn from. When a tool or product exists in order to run third-party content -- that third-party content is the *real value* of your tool because without that content, there's no reason to buy the product. Commercially supported open source projects often lose track of this real value. And all too often, they learn that hard fact after community-hostile decisions decimate their ecosystem. SaltStack learned this the hard way, so did Hashi, Chef, and others. I'd like to talk about the idea that *the ecosystem is the product* and the thing that you build and sell only exists to support it. It's a subtle but important shift in mindset that I think helps keep focus on what's really important, and I'm using it to help direct the projects that I'm working on now. Ben Ford 2025-02-03T12:15:00+01:00 12:15 00:05 D.Aud (Main) ghent2025-704-ai-for-automation-scorecard https://cfp.cfgmgmtcamp.org/ghent2025/talk/K3KEZX/ false Ignite Ignite - Monday & Tuesday en An intro to some of the AI assistance opportunities available to the discerning ops persona, and how they score for some common tasks; Do they make things simpler or harder ? Karanbir Singh 2025-02-03T12:20:00+01:00 12:20 00:05 D.Aud (Main) ghent2025-665-gitlab-unplugged-real-life-tips-and-tales https://cfp.cfgmgmtcamp.org/ghent2025/talk/BZPAHL/ false Ignite Ignite - Monday & Tuesday en Buckle up for a wild chase through the nuances of GitLab. I’ll share all the practical insights, lesser-known tips, and small wins I've stumbled upon over the last few years. We’ll cover Identity and Access Management, GitLab's User Interface and, of course, Pipelines, a.k.a. - Who gets the keys? - There's a lot of buttons! - GitLabs biggest rabbit hole: CI Whether you’re a seasoned GitLab user or just starting out, this talk promises actionable insights and time-saving techniques to enhance your GitLab experience within only 5 minutes. Jan Bundesmann 2025-02-03T12:25:00+01:00 12:25 00:05 D.Aud (Main) ghent2025-747-software-formerly-known-as-chef https://cfp.cfgmgmtcamp.org/ghent2025/talk/UGEQAF/ false Ignite Ignite - Monday & Tuesday en Let's go over what Chef has on the plate! A look at what Chef has in the kitchen. We all know and love Chef from 10 years ago, let's go over our ecosystem! From startup to enterprise, a brief history of Chef over its lifespan. A celebration for the sweet sixteen years since the initial release in January 2009. Stories of lore and the problems it's solving and how those evolve with trends and innovations over the years. Heather Thacker 2025-02-03T12:30:00+01:00 12:30 00:05 D.Aud (Main) ghent2025-674-vox-pupuli-community-update https://cfp.cfgmgmtcamp.org/ghent2025/talk/FSRVXS/ false Ignite Ignite - Monday & Tuesday en Vox Pupuli is a Puppet focused community. The goal is to unite lonely module and tooling authors to provide a home for orphaned modules and to ensure a continued development of the code base. In this ignite we will inform you about the state of Vox Pupuli. Last year we announced options to sponsor us, this year we want to update you on the funding we received! You can also watch the slides online at: https://bastelfreak.de/cfgmgmtcamp2025/ignite.html#1 /media/ghent2025/submissions/FSRVXS/blue-skies_NSUUBrB.jpg Tim Meusel 2025-02-03T12:35:00+01:00 12:35 00:05 D.Aud (Main) ghent2025-568-you-say-you-can-exit-vim-have-you-ever-tried-exiting-ed-instead- https://cfp.cfgmgmtcamp.org/ghent2025/talk/GEJCYD/ false Ignite Ignite - Monday & Tuesday en You’ve heard about `emacs` vs `vim` , or maybe `vscode` vs `jetbrains`, I’m here to tell you there’s a text editor that is on every POSIX machine none of us know. `ed`, and in this ignite talk I’ll tell you everything you need to know to use it. JJ Asghar 2025-02-03T12:40:00+01:00 12:40 00:05 D.Aud (Main) ghent2025-741-use-one-or-more-weird-tricks-to-speed-up-your-salt-master https://cfp.cfgmgmtcamp.org/ghent2025/talk/3XWFN8/ false Ignite Ignite - Monday & Tuesday en In this session we will explore the difference between single vs parallel queues as operational models for a salt master's MWorker pool. You can take from this discussion one more argument in favor of a single queue model (at least when humans are not involved), which yields a clear performance increase. We will also cover some jinja caching additions and how to disable an unneeded pillar render. Justin Findlay 2025-02-03T14:00:00+01:00 14:00 00:50 D.Aud (Main) ghent2025-750-the-future-is-a-hypergraph https://cfp.cfgmgmtcamp.org/ghent2025/talk/WRZL3U/ false Main Full Talk - Monday & Tuesday en We’ve been working with the same automation primitives since the beginning - scripts that define our infrastructure, our configuration, and that glue everything together. In this talk we break down why we think the future of how you design automation will instead be based on a hypergraph of functions. Using real examples from System Initiative, we will show you what it’s like to build automation this way today, and get you thinking about what it’s possible to do together in the future. Adam Jacob 2025-02-03T14:50:00+01:00 14:50 00:50 D.Aud (Main) ghent2025-738-the-cue-registry-versioning-now-and-beyond https://cfp.cfgmgmtcamp.org/ghent2025/talk/BV3Y8M/ false Main Full Talk - Monday & Tuesday en We show how the CUE registry allows reproducible sharing of configuration and how this registry serves as a platform for unified configuration management. The CUE Registry allows units of configurations, called modules, to be shared with other users. Just as with many modern programming languages, these modules are versioned. However, the requirements for versioning in configuration are quite different from those in programming languages. We will explain how. The Registry also serves as a platform for change management. We will run through some of the features that we support now and that we have planned for future releases. Marcel van Lohuizen 2025-02-03T16:00:00+01:00 16:00 00:50 D.Aud (Main) ghent2025-647-elevate-your-infrastructure-exploring-crossplane-s-full-potential https://cfp.cfgmgmtcamp.org/ghent2025/talk/QYFHTB/ false Main Full Talk - Monday & Tuesday en Crossplane (https://www.crossplane.io/) and its user experience has matured greatly over the years and there are now numerous layers you can interact with while designing and building your internal developer platform powered by Crossplane. Should you directly declare the cloud resources you want Crossplane to create, should you create developer friendly simplified abstractions on top, should you stick with YAML or use a more full featured high level programming language? We will explore each of these layers in further detail through live demos to understand and efficiently harness the capabilities and experience of each. This will be a broad tour through the possibilities offered by Crossplane, all of which lead to a reliable and robust control plane to manage everything in the cloud that your organization could need! Yury TsarevTobias Kässer 2025-02-03T16:50:00+01:00 16:50 00:25 D.Aud (Main) ghent2025-592-innovation-incubator-our-devops-training-blueprint https://cfp.cfgmgmtcamp.org/ghent2025/talk/3R8EQB/ false Main Short Talk - Monday & Tuesday en Join me for a chat on how we prepare trainees for roles in tech in our organisation in a fun and engaging way. I'll share how we structure our three year traineeship program, taking our new colleagues from total beginners to competent professionals! Whether you're someone who is training, or getting trained - let's think about shaping the next generation of industry professionals. We'll explore training plans, learning tips, and teamwork strategies together. Don't miss how we help trainees step smoothly into their future roles as developers and system administrators. Join me for a brief, laid-back discussion on building a future where our trainees shine in their tech careers. Feu Mourek 2025-02-03T17:15:00+01:00 17:15 00:25 D.Aud (Main) ghent2025-609-a-puppet-pro-decides-to-learn-nix- https://cfp.cfgmgmtcamp.org/ghent2025/talk/YUVUTN/ false Main Short Talk - Monday & Tuesday en Configuration management is nothing new for Michael Stahnke. In this ignite talk, he’ll be looking at Nix, the functional package manager (and a bit of NixOS) from a foundational point of view and contrasting it from the theory and foundations coming from Puppet (with a few other tool comparisons thrown in). While configuration management’s role in delivering applications has changed over the years, the time is ripe to take what we’ve learned in the last 15 years - through containers, cloud native architectures and massively distributed systems - and develop a continually evolving approach. This will have some humor, some information, and some ideas about where we could head in the configuration management space given our cumulative knowledge. /media/ghent2025/submissions/YUVUTN/view__800600__xEswdqt_hfknDTv.png Michael Stahnke 2025-02-03T14:00:00+01:00 14:00 00:50 B.Con (Overflow + Main) ghent2025-606-introducing-software-configuration-management-to-a-young-agile-start-up https://cfp.cfgmgmtcamp.org/ghent2025/talk/L77FXL/ false Main Full Talk - Monday & Tuesday en Most DevOps/Agile people have never heard about Software Configuration Management (SCM). Those who have consider SCM to be either a bureaucratic obstacle or a superfluous task. After all isn't DevOps/Agile a complete development method and it doesn't (explicitly) mention SCM. That couldn't be more mistaken. All projects need to apply SCM concepts and principles to avoid that a certain amount of chaos reigns. Outside the software world it has long since been common practise to use configuration management. For many aspects software projects are no different from non-software projects. In this presentation, I would like to take things to the extreme and put forward my view on what, when and how to introduce SCM in a young, agile start-up. Just about the most informal, light-weight and fast-paced setup one could imagine. Even if your company is not a young, agile start-up maybe your needs (the what) and your priorities (the when) could/should be the same, though the implementation (the how) will probably differ. Lars Bendix 2025-02-03T14:50:00+01:00 14:50 00:50 B.Con (Overflow + Main) ghent2025-721-mgmt-config-running-in-production-and-best-practices https://cfp.cfgmgmtcamp.org/ghent2025/talk/DQUHEL/ false Main Full Talk - Monday & Tuesday en Mgmt is a real-time automation tool that is fast and safe. Is this running in production? What's taken so long? It was important for us to be better than legacy tools, not just a 1:1 replacement. I believe we've surpassed what was possible classically, and we're now using mgmt for real production workloads. We are managing routers, vm hosts, provisioning metal with automatic power-on, and so much more. I'll also dig into the new language features, and show you a bunch of common mcl patterns so you can learn to read and write effective code. As usual, I'll live demo to your hearts content! A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ Attendees are encouraged to read some before the talk if they want a preview! James (purpleidea) 2025-02-03T16:00:00+01:00 16:00 00:50 B.Con (Overflow + Main) ghent2025-739-uyuni-the-open-source-configuration-and-infrastructure-management-solution-for-software-defined-infrastructure https://cfp.cfgmgmtcamp.org/ghent2025/talk/8ENFTR/ false Main Full Talk - Monday & Tuesday en **Uyuni is a configuration & infrastructure management tool that saves time, costs and headaches when managing and updating tens, hundreds or even thousands of machines.** With automated patch and package management, **it enables the deployment of patches and packages based on software channels and repositories that can be assigned.** Uyuni makes it easier to **onboard and manage any Linux server** connected to the network, from IoT edge devices to Kubernetes environment, no matter where it is located (private or 3rd party data center or in the public cloud). Uyuni is a single tool for **automated deployment** of hardened OS templates (bare metal/VM/container) to tens of thousands of servers and IoT devices for faster, consistent and repeatable **provisioning and configuration** without compromising speed or security. The **CVE audit** feature allows to check the status of public security patches and with **OpenSCAP** it's also possible to check for specification compliance and apply remediation right from Uyuni. /media/ghent2025/submissions/8ENFTR/uyuni-logo_j623zpP.png Pablo Suárez Hernández 2025-02-03T16:50:00+01:00 16:50 00:25 B.Con (Overflow + Main) ghent2025-622-increase-efficiency-in-eda-workloads-first-boot-automation-on-aws-with-python-and-boto3 https://cfp.cfgmgmtcamp.org/ghent2025/talk/T7NB9G/ false Open Source Short Talk - Monday & Tuesday en Born of a real world requirement from an EDA customer, this session details how you can use Python and Boto3 to modify the kernel command line parameters on first boot of an EC2 instance. This is something that according to conventional wisdom "cannot be done", and is only possible on the second boot. Yet on in a large compute environment, every second of billable runtime matters, both to keep costs down, and improve overall runtimes. With a little inventiveness and a little open source magic, is actually entirely possible to achieve this efficiency, and in this session I will show you how. James Freeman 2025-02-03T17:15:00+01:00 17:15 00:25 B.Con (Overflow + Main) ghent2025-701-from-containers-to-port-knocking-advanced-firewall-automation-with-nftables-and-rust https://cfp.cfgmgmtcamp.org/ghent2025/talk/3YX7ZF/ false Main Short Talk - Monday & Tuesday en As nftables becomes the standard for Linux packet filtering, we can efficiently automate Linux firewalls across multiple protocol layers. This session introduces a Rust-based SDK for nftables automation, covering programmatic options, practical applications, and insights from real-world implementations. Attendees will learn about nftables’ capabilities, common challenges in automation, and how lessons from Rust can apply across other languages and automation frameworks. With nftables now serving as the default packet filtering framework in modern Linux systems, the landscape of network and firewall automation is undergoing significant transformation. This session delves into the current state of programmatically directing nftables, highlighting the development of a Rust-based SDK for firewall automation. We will explore the various options available for automating nftables, discussing their capabilities and limitations. Drawing from the experience of building an SDK and an experimental network security appliance in Rust, we'll share insights on the challenges faced and lessons learned, including how these concepts can be adapted to other programming languages. The talk will feature real-world applications such as "pixel walls," container engine integrations, and authenticated port knockers, demonstrating the practical potential of nftables automation. We'll also address common pitfalls encountered in this space and provide strategies to navigate them effectively. /media/ghent2025/submissions/3YX7ZF/74997251_A0XvTrQ.png Jasper Wiegratz 2025-02-03T14:00:00+01:00 14:00 00:50 Ansible 1 (B.1.017) ghent2025-621-ansible-state-of-the-community https://cfp.cfgmgmtcamp.org/ghent2025/talk/RY9YZU/ false Ansible Full Talk - Monday & Tuesday en As one of the big events on the Ansible Community calendar, CfgMgmtCamp is an opportunity to get together and review how we're doing as a community. This talk is aimed at anyone with an interest in Ansible, as all voices are welcome in the discussion of how to shape the community in the coming year. Thanks for making the time to join the review of the Ansible Community in 2024 We will start by highlighting some wins the community has had, before digging into details of some of the larger projects. After that we will explore the Ansible Forum powered by Discourse, and see how together we've built critical mass of people, which has allowed for the community to have an even stronger voice At the end of 2024 we ran a huge survey, so let's look through what feedback you shared, and see how that helps shape up ideas for 2025 and beyond. Finally I'll explain what I hope you'll get out of Wednesday's Contributor Summit, and how this talk, and in fact, some of the other talks over the next 2 days hope to plant seeds for future discussions, so together we can continue to drive Ansible forward. John "gundalow" Barker 2025-02-03T14:50:00+01:00 14:50 00:50 Ansible 1 (B.1.017) ghent2025-591-using-sops-to-manage-secrets-in-ansible https://cfp.cfgmgmtcamp.org/ghent2025/talk/HSDKVH/ false Ansible Full Talk - Monday & Tuesday en [SOPS (Secrets OPerationS)](https://github.com/getsops/sops) is a tool for managing encrypted secrets for DevOps. This talk compares it to other solutions and shows how it can be used to manage secrets in Ansible. In this talk I will give an introduction to SOPS, then show how it compares to other secret managment solutions that can be used in Ansible (Ansible Vault, HashiCorp Vault, BitWarden, etc.), talk for which situations / team sizes I think SOPS is suitable, and will showcase using SOPS with the community.sops Ansible collection to solve some practical problems in Ansible. Talk slides and demo files: https://github.com/felixfontein/cfgmgmtcamp-2025-talk Felix Fontein 2025-02-03T16:00:00+01:00 16:00 00:50 Ansible 1 (B.1.017) ghent2025-602-making-os-compliance-bearable https://cfp.cfgmgmtcamp.org/ghent2025/talk/RTV7UM/ false Ansible Full Talk - Monday & Tuesday en An overview and demonstration to how through the use of Ansible and goss the open-source project [Ansible-Lockdown](https://github.com/ansible-lockdown) can help you achieve industry recognised security baselines [Centre For Internet Security](https://www.cisecurity.org/cis-benchmarks) and [DoD STiG](https://public.cyber.mil/stigs/) to assist you on your journey to achieving compliance. Why compliance matters? - Industry, government, regulatory, requirements How we do achieve? - We have to bring systems it compliance and validate it What do we do? We use ansible-lockdown /media/ghent2025/submissions/RTV7UM/1000067524_o1VMa2j.jpg Mark Bolwell 2025-02-03T16:50:00+01:00 16:50 00:50 Ansible 1 (B.1.017) ghent2025-612-simplifying-container-orchestration-with-ansible-and-podman https://cfp.cfgmgmtcamp.org/ghent2025/talk/CFRTJF/ false Ansible Full Talk - Monday & Tuesday en As organizations increasingly adopt containerization, Kubernetes has become the de facto standard for orchestrating clusters. However, for many teams, the complexity and overhead of managing a Kubernetes cluster can be daunting. In this talk, we'll explore an alternative approach to container orchestration that leverages Ansible's automation capabilities and Podman's container manager. We'll discuss how to use Ansible to define and manage containerized applications and services. We'll also dive into the world of Podman, a powerful, lightweight alternative to Docker that provides an easier and more secure way to run containers. Fabio Alessandro "Fale" Locati 2025-02-03T14:00:00+01:00 14:00 00:25 Ansible 2 (B.1.014) ghent2025-719-automating-aws-cloud-services-with-ansible https://cfp.cfgmgmtcamp.org/ghent2025/talk/UGQHAP/ false Ansible Short Talk - Monday & Tuesday en This presentation covers automating AWS services with Ansible, focusing on key modules and recommended practices for managing resources like EC2 and S3. It highlights recent updates and invites community collaboration. Come join us and see how Ansible can make AWS automation easy and reliable! In this presentation, we’ll explore how to automate AWS cloud services using Ansible, focusing on the amazon.aws and community.aws collections. We’ll cover key modules for managing AWS resources like EC2, S3, RDS, and IAM, and share recommended practices for efficient resource management, security, and compliance. We’ll also highlight recent updates and new features in these collections, and discuss upcoming improvements that will enhance AWS automation. Attendees will learn how to get involved and contribute to this work by participating in the Ansible community and providing feedback. Join us to discover how Ansible can automate your AWS infrastructure and streamline your cloud operations. Alina Buzachis 2025-02-03T14:25:00+01:00 14:25 00:25 Ansible 2 (B.1.014) ghent2025-610-streamlining-the-ansible-creator-experience-with-the-new-and-improved-ansible-development-tools https://cfp.cfgmgmtcamp.org/ghent2025/talk/EDFRP8/ false Ansible Short Talk - Monday & Tuesday en Introduction to Ansible development tools (ADT) and why is it required? What is included in ADT? Enhanced capabilities of Ansible VS Code extension Working with Ansible development container Scaffolding with Ansible plugins for Red Hat Developer Hub (RHDH) Ganesh B Nalawade 2025-02-03T14:50:00+01:00 14:50 00:50 Ansible 2 (B.1.014) ghent2025-684-beyond-copy-paste-using-ansible-development-tools-for-robust-automation-content https://cfp.cfgmgmtcamp.org/ghent2025/talk/GK8THR/ false Ansible Full Talk - Monday & Tuesday en As we all know, infrastructure automation has evolved beyond simple scripting, yet many organizations still rely on copying and pasting tasks from online sources into Ansible playbooks. While it seems expedient and "works on my machine", this approach introduces technical debt, reduces maintainability, and increases security risks. This session will demonstrate how Ansible Development Tools provide an intuitive and integrated experience for authoring automation content as an alternative to ad-hoc practices with disconnected tooling. During this talk, we'll take a look at tools like the VSCode extension, ansible-creator, ansible-lint, and navigator, as well as Ansible development environments. We'll examine how automation developers can seamlessly author reliable, idempotent playbooks that are tested, validated, and documented. We'll also show how to use the same tools and practices to generate, test, and build Ansible collections to distribute and share your automation content. By embracing Ansible development tools, organizations can avoid playbooks that increase the risk of deployment failure and move towards robust automation content that has predictable results, scales reliably across environments, and gives teams confidence to rapidly iterate and roll out improvements in production environments. Part 1: Streamlining the Ansible creator experience with the new and improved Ansible Development tools *Part 2: How to write Ansible Content* THIS TALK Part 3: Beyond copy-paste: Using Ansible Development Tools for Robust Automation Content /media/ghent2025/submissions/GK8THR/IMG_8045_TJXo2g9.jpg Sorin Sbarnea 2025-02-03T16:00:00+01:00 16:00 00:50 Ansible 2 (B.1.014) ghent2025-576-running-ansible-icinga-and-request-tracker-to-have-event-driven-automated-infrastructure-management https://cfp.cfgmgmtcamp.org/ghent2025/talk/7QPPY3/ false Ansible Full Talk - Monday & Tuesday en This talk show how you can use Ansible and Icinga to manage your infrastructure, having event driven and request driven infrastructure. This setup allows you to use Ansible and Request Tracker to drive new hardware adoption and automate internal requests for resources. In the same way Ansible and Icinga are used to auto remediate know incidents as to reduce human interventions and reduce the on-call support. Toshaan Bharvani 2025-02-03T16:50:00+01:00 16:50 00:50 Ansible 2 (B.1.014) ghent2025-584-comparing-ansible-development-environment-implementations https://cfp.cfgmgmtcamp.org/ghent2025/talk/3FHRGQ/ false Ansible Full Talk - Monday & Tuesday en Why would you want to develop Ansible in a container or a cloud? How could this help your development workflow or interaction with your team? This session aims to navigate through the concept of an Ansible Development Environment, exploring what it entails and how to effectively manage and distribute these environments, whether locally, across teams, or within cloud infrastructure. We will cover: - Introduction to Ansible Development Environments - Key Technologies and Tools - For instance: Dev Containers, DevPod, Eclipse Che or Coder - Best Practices for Managing and Distributing Development Environments - Motivation and Use Cases - Live Demos - Problem-Solution Mapping: What tool fits certain use cases? Niklas Werker 2025-02-03T14:00:00+01:00 14:00 00:25 Pulp (B.1.029) ghent2025-734-what-s-new-in-pulp- https://cfp.cfgmgmtcamp.org/ghent2025/talk/XS3EQP/ false Pulp Short Talk - Monday & Tuesday en It's been a year since we last met on CfgMgmtCamp. In this talk we want to take a short tour to outline the most important user visible changes. To this end we want to highlight specifically our revamped Website where all documentation for the project are now united. Also we are proud to finally present a GUI. Matthias Dellweg 2025-02-03T14:25:00+01:00 14:25 00:25 Pulp (B.1.029) ghent2025-728-reflections-on-2-years-of-operating-pulp https://cfp.cfgmgmtcamp.org/ghent2025/talk/KHRMTB/ false Pulp Short Talk - Monday & Tuesday en Pulp is an open source project that makes it easy for developers to fetch, upload, and distribute Software Packages on-prem or in the cloud. In this session I will share what my team has learned while operating Pulp over the last 2 years. I will also discuss what changes we want to make in Pulp 4 as a result of this experience. Dennis Kliban 2025-02-03T14:50:00+01:00 14:50 00:50 Pulp (B.1.029) ghent2025-680-state-of-deb-support-in-katello https://cfp.cfgmgmtcamp.org/ghent2025/talk/TTSDUC/ false Katello Full Talk - Monday & Tuesday en What's new and what's todo. We will show what has happened regarding APT content-management in Katello, e.g. 'Structured APT'. And give an outlook on what will be done next, e.g. Errata for Debian/Ubuntu. Katello is already quite capable of managing Debian and Ubuntu content. Our goal is to have feature parity with RPM content-management in Katello (e.g. Errata), while also giving space to features unique to APT-repositories (e.g. APT repo structure). The talk is meant to be a base for further discussion on what you, the community, is keen to see implemented next and maybe give reason to why it has not been implemented, yet. Features we will definitely talk about are: * Structured APT content * Debian/Ubuntu "Errata" Markus BucherQuirin Pamp 2025-02-03T16:00:00+01:00 16:00 00:50 Pulp (B.1.029) ghent2025-608-introduction-to-katello https://cfp.cfgmgmtcamp.org/ghent2025/talk/JTEHTH/ false Katello Full Talk - Monday & Tuesday en Katello adds a suite of content management tools to Foreman. Content distribution & mirroring, patching, lifecycle management, and access management are all included. In this presentation, I will give an introduction to Katello and demonstrate new features that have come out recently. This presentation will focus first on Katello basics: repositories, lifecycle environments, and content views. We'll discuss concepts that apply to each of the supported content types: yum/RPM, debian, container, python, ansible-collection, ostree, and generic files. Afterwards, we'll discuss how Katello can help you get your synced content deployed onto machines. We'll cover topics like host registration, patching, and kickstart provisioning with synced content. Smart proxies will be discussed as well in case the content needs to be distributed to machines across different geographical regions. At the end, I will show how a Katello user could tie the presentation materials together to create a production-ready environment. The demo will cover scenarios like quickly applying emergency patches (incremental update), caching content on the local network, and deploying custom software to hosts via Ansible. /media/ghent2025/submissions/JTEHTH/katello_43aus0c.png Ian Ballou 2025-02-03T16:50:00+01:00 16:50 00:50 Pulp (B.1.029) ghent2025-607-the-present-and-future-of-katello-s-container-registry https://cfp.cfgmgmtcamp.org/ghent2025/talk/VBP93V/ false Katello Full Talk - Monday & Tuesday en Katello provides patching, lifecycle management, and more to Foreman. While most users use Katello to keep EL and Debian machines up to date, did you know that it also has a container registry? Come to this presentation to learn how to use the container registry and what features are coming in the near future. Katello can be a great way to manage container content in your data center. Sync container repositories locally to reduce internet bandwidth, snapshot them to avoid surprise upstream image re-tagging, and distribute them across different geographical locations via smart proxies. As of recent releases, you can even push your custom built images to the Katello container registry as well. We have a couple exciting container-related features coming in the future too: OCI Flatpak support and bootc (image mode) host support. This presentation will include a demo of existing container registry functionality plus a sneak-preview of these features if they have code merged by the conference. /media/ghent2025/submissions/VBP93V/katello_YyTVFm3.png Ian Ballou 2025-02-03T14:00:00+01:00 14:00 00:50 Tofu / Cloud (B.3.013) ghent2025-712-writing-a-terraform-opentofu-provider-mvp-for-dummies https://cfp.cfgmgmtcamp.org/ghent2025/talk/N8GY3W/ false OpenTofu Full Talk - Monday & Tuesday en When it comes into infrastructure deployment, Terraform/OpenTofu has become a go-to tool for many engineers. A variety of providers enables the usage of a broad range of hyperscalers and applications. Even though most integrations might already be available by now, there are still some missing spots in the landscape. With some Golang basics and the Terraform SDK, you can craft a provider Minimum Viable Product in a couple of hours - let a me (a lousy developer) show you how! /media/ghent2025/submissions/N8GY3W/cover_eT0MnOh.png Christian Stankowic 2025-02-03T14:50:00+01:00 14:50 00:25 Tofu / Cloud (B.3.013) ghent2025-754-breaking-new-ground-with-opentofu-exclusive-features https://cfp.cfgmgmtcamp.org/ghent2025/talk/PMPARV/ false OpenTofu Short Talk - Monday & Tuesday en The OpenTofu community continues to roll out features that elevate the IaC experience beyond expectations. This talk dives into the unique and much-awaited capabilities exclusive to OpenTofu, designed to address real-world challenges and enhance flexibility, security, and efficiency in IaC workflows.Discover how State Encryption ensures sensitive data is protected natively, without the need for external solutions. Explore the game-changing Static Evaluation, enabling unparalleled flexibility by decoupling backend configurations from runtime execution. Learn how the Exclude directive simplifies resource management by letting you ignore specific resources during deployment. Dive into Per-Provider Configuration, a feature that allows you to customize behaviors for each provider in your stack, ensuring optimal performance.Join us to get these features in action, and to get a sneak peek at an upcoming addition designed to further cement OpenTofu’s position as a leader in the IaC space. Ronny Orot 2025-02-03T16:00:00+01:00 16:00 00:25 Tofu / Cloud (B.3.013) ghent2025-642-boosting-terragrunt-performance-in-atlantis-with-run-all-and-provider-caching-a-practical-configuration-example https://cfp.cfgmgmtcamp.org/ghent2025/talk/RXSRKK/ false OpenTofu Full Talk - Monday & Tuesday en In this talk, I’ll share how we built a custom workflow to harness Terragrunt’s run-all feature in Atlantis, allowing us to run Terraform across multiple, interdependent stacks in parallel. I’ll walk you through the challenges we faced, the bugs we tackled, and the lessons we learned so you don’t have to reinvent the wheel. Our setup relies on Terraform and GitLab, but it’s easy to adapt for OpenTofu or other version control and CI/CD tools. If you’re looking to streamline Terragrunt-based infrastructure workflows without the headaches, this talk is for you! Knowledge of terraform or tofu is **required**. You must have an idea of what terragrunt run-all is and what is used for. Knowledge of Atlantis is not required. In this talk, I’ll walk you through how we leveraged Terragrunt’s powerful run-all feature within Atlantis and built a custom workflow to do it. I’ll also share the key lessons we learned along the way, so you can build your own workflow without facing the same challenges we did. While our setup is based on Terraform for Infrastructure-as-Code (IaC) and GitLab for repositories with integrated CI/CD pipelines, the principles are easy to adapt to OpenTofu (IaC), and other repository and CI/CD solutions. Atlantis is a well-known tool for running Terraform CI/CD pipelines, and Terragrunt is widely used to orchestrate and scale Terraform code. Terragrunt’s run-all feature enables Terraform to run in parallel across multiple stacks, handling inter-stack dependencies. Although Atlantis offers a basic custom workflow to run Terragrunt on Terraform, we couldn’t find a ready-made solution that allowed us to use the run-all feature. This gap presented both a challenge and an opportunity, so we dove in. It wasn’t exactly smooth sailing, especially when certain bugs in Atlantis caused additional hurdles. But after plenty of troubleshooting, we made it work, and I’m here to share our journey—mistakes and all—so you don’t have to make the same ones. /media/ghent2025/submissions/RXSRKK/Run-All-2_4Hy0oLD.png Marco Marongiu 2025-02-03T14:00:00+01:00 14:00 00:25 Puppet 1 (B.1.015) ghent2025-758-state-of-puppet https://cfp.cfgmgmtcamp.org/ghent2025/talk/3BC7QX/ false Puppet Short Talk - Monday & Tuesday en In this talk well discuss what's happened in the open source product releases from Puppet to developer tools recently and what direction we're thinking.. did anyone say Puppet 9? We will also look at an overview of the state of community and where we think we can focus working better together. David Sandilands 2025-02-03T14:25:00+01:00 14:25 00:25 Puppet 1 (B.1.015) ghent2025-585-testing-puppet-code-with-voxbox https://cfp.cfgmgmtcamp.org/ghent2025/talk/WHTKEC/ false Puppet Short Talk - Monday & Tuesday en Testing Puppet code can be a hassle, but voxbox is here to save the day! Testing Puppet code can be a hassle, but voxbox is here to save the day! Voxbox is a complete testing environment in a container, with all the good gems from Vox Pupuli. Active maintained and ready to run locally or in your CI. It also has jq and yamllint on board. I will showcase how it is build, how it is used and how it can be integrated into gitlab-ci. Robert Waffen 2025-02-03T14:50:00+01:00 14:50 00:25 Puppet 1 (B.1.015) ghent2025-663-bolt-dynamic-inventory-making-puppet-easy https://cfp.cfgmgmtcamp.org/ghent2025/talk/GYKK3P/ false Puppet Short Talk - Monday & Tuesday en It is very common now for developers to code and test their applications on VMs, either locally hosted or on the cloud. As individuals have editor preferences (nvim, vscode, etc), so they have hypervisor. Once you create a bolt inventory file listing the server or servers, then bolt can easily configure those servers using custom puppet code. Instead of manually creating the bolt inventory, it is easy to create a dynamic inventory plugin--if it doesn't already exist--to suit your particular use case. This talk illustrates how we setup our own local dynamic inventory plugins to help with our automated development and testing. Gavin Didrichsen 2025-02-03T15:15:00+01:00 15:15 00:25 Puppet 1 (B.1.015) ghent2025-770-overview-of-the-new-openvox-build-pipeline https://cfp.cfgmgmtcamp.org/ghent2025/talk/7HXT7V/ false Puppet Short Talk - Monday & Tuesday en Description: Most of us remember how long it took for Puppet to get Debian 12 packages. The build pipeline was long and complex and used a lot of internal tooling that had to be updated manually. In current news though, the new OpenVox build pipeline has been totally revamped and simplified and adding support for RHEL 10 took about 10 minutes. Most of that was spent waiting for the build to complete. Nick would like to explain how it works and what we still have left to do. Nick Burgan 2025-02-03T16:00:00+01:00 16:00 00:50 Puppet 1 (B.1.015) ghent2025-675-doing-mass-puppet-enterprise-upgrades-in-highly-restricted-environments https://cfp.cfgmgmtcamp.org/ghent2025/talk/9NUL9E/ false Puppet Full Talk - Monday & Tuesday en How do you upgrade 3000 individual PE environments? 3000 environments that you don't manage and others own. 3000 environments without SSH access. Come with me on a "funny" journey and learn how we made this possible and how the PE upgrade process differs from Open Source. Lets do a deep dive into PE 2019->2021->2023 Upgrades and our open source tooling that made this possible. You can also watch the slides online at: https://bastelfreak.de/cfgmgmtcamp2025/pe.html#1 /media/ghent2025/submissions/9NUL9E/8bit-vpci_head_g5ETr4m.png Tim Meusel 2025-02-03T16:50:00+01:00 16:50 00:50 Puppet 1 (B.1.015) ghent2025-740-compliance-as-code-building-an-open-source-compliance-backend-for-puppet https://cfp.cfgmgmtcamp.org/ghent2025/talk/NXJTDG/ false Puppet Full Talk - Monday & Tuesday en Managing compliance in infrastructure as code environments is essential but can be daunting. Enter `compliance_engine`, a new open-source Ruby gem designed to streamline the mapping of compliance standards to Puppet code. Building on the foundation of SIMP's `compliance_markup`, this reimagined backend prioritizes performance, flexibility, and maintainability. In this session, we’ll explore the evolution from `compliance_markup` to `compliance_engine`, highlighting the architectural improvements that make it faster and easier to use. We’ll dive into real-world examples, demonstrating how the gem simplifies the enforcement of compliance policies, reduces complexity, and supports emerging standards. Attendees will gain insights into the challenges of implementing compliance as code and learn how `compliance_engine` can transform their approach to regulatory compliance in Puppet environments. Steven PritchardKendall Moore 2025-02-03T14:25:00+01:00 14:25 00:25 Puppet 2 (B.1.011) ghent2025-660-can-you-help-me-upgrade-to-puppet-8- https://cfp.cfgmgmtcamp.org/ghent2025/talk/UQHFN8/ false Puppet Short Talk - Monday & Tuesday en With each generation of Puppet, we have worked hard to improve upon it and increase its ease of use, however with this comes the unfortunate need to upgrade and change and Puppet 7 to Puppet 8 has shown to be a particularly challenging one, so let's talk about how we can make it easier. From removing legacy facts, to updating Rubocop rules, From updating your dependencies to..... well you'll have to listen to the talk to find out. We will take you through a step-by-step process to ensuring that your modules are fully up to date and ready for the Puppet version bump. David G Swan 2025-02-03T14:50:00+01:00 14:50 00:50 Puppet 2 (B.1.011) ghent2025-657-scaling-puppet-beyond-scalability-or-how-to-manage-100k-nodes https://cfp.cfgmgmtcamp.org/ghent2025/talk/LAFEVQ/ false Puppet Full Talk - Monday & Tuesday en How to setup a Puppet Environment which manages more than 100k nodes? What kind of requirements or limitations do we have to take care about? How to support all internal tenants and projects? How to roll out global changes? This talk will provide insights in high volume Puppet setup and why we need a fully automated base infrastructure and how we can achieve this Large companies usually have several datacenters with many servers (physical or VM). Besides this it is well known that an Enterprise organisation is a collection of small to medium size kingdoms and every emperor wants to be right in their decisions in any cases. How to ensure compliance and security in such an environment? How to ensure that global changes are adopted fast. Who is responsible for which part and how can we put all the parts together. Martin Alfke 2025-02-03T16:00:00+01:00 16:00 00:25 Puppet 2 (B.1.011) ghent2025-702-the-puppet-report-processor-and-customising-your-data https://cfp.cfgmgmtcamp.org/ghent2025/talk/KDMN38/ false Puppet Short Talk - Monday & Tuesday en The Puppet Report Processor is a component in Open Source Puppet that collects data about nodes during Puppet runs and processes the information into reports. Puppet can send this data to dashboards, but sometimes, customized handling of this data is needed. Writing a custom report processor allows you to tailor reports for specific use cases, such as logging specific metrics, integrating with other monitoring tools, or alerting based on custom-defined conditions. Custom processors enable deeper, more targeted insights into your infrastructure. /media/ghent2025/submissions/KDMN38/puppet_ix7m2Jj.png Greg HardyBronach Falls 2025-02-03T16:25:00+01:00 16:25 00:25 Puppet 2 (B.1.011) ghent2025-727-how-we-use-choria-orchestration-in-an-enterprise-setting https://cfp.cfgmgmtcamp.org/ghent2025/talk/W7WAZG/ false Puppet Short Talk - Monday & Tuesday en A real life view into how an enterprise company uses Choria for orchestration and what we had to build around it. This talk gives the basics of Choria along with infrastructure considerations such as running only from Jenkins and code considerations including control repo organization, org specific stdlib and interacting with other teams. Garrett Honeycutt 2025-02-03T16:50:00+01:00 16:50 00:25 Puppet 2 (B.1.011) ghent2025-658-hdm-release-3 https://cfp.cfgmgmtcamp.org/ghent2025/talk/FCSFJP/ false Puppet Short Talk - Monday & Tuesday en What is new in HDM Release 3? Hiera Data Manager (HDM) is a web UI, which provides insight into your Hiera Data. One can easily check, which values are set in which layer and recognize, why a node receives which configuration data. With the newest release we added some new features, which I would like to present. Martin Alfke 2025-02-03T17:15:00+01:00 17:15 00:25 Puppet 2 (B.1.011) ghent2025-628-1001-ways-of-assigning-a-class-to-a-node https://cfp.cfgmgmtcamp.org/ghent2025/talk/TCKR7P/ false Puppet Short Talk - Monday & Tuesday en Overview of possibilities to assign classes to nodes The Puppet tutorial assembles configuration aus snippets in manifests/site.pp node default { include apache } . There are more possibilities than advertised by Puppet: * External Node Classifier * Roles und Profiles * Hiera Chainloading as Array or Hash * Puppet Enterprise Console/Foreman Host Groups We will get a quick intro to each of them, an explanation on how to shoot yourself in the knee with these and a field report of ways that have proven to cause less pain. Marcus Poller 2025-02-03T14:00:00+01:00 14:00 00:50 Niks (B.1.036) ghent2025-755-the-environments-inside-your-containers https://cfp.cfgmgmtcamp.org/ghent2025/talk/ZRFZV7/ false Nix Full Talk - Monday & Tuesday en The Dockerfile is widely used to create container images, but it's fraught with problems like a lack of reproducibility, gaps in security, and sub-optimal dependency management. These problems lead to large image sizes, unpredictable build processes, and a lot of management challenges. In this talk we will address these problems and show how Flox can change the standard way we build container images to make it more secure and simpler. Through practical examples we will look at how companies use Flox to empower their developers to create efficient, reliable, and secure container images. And why stop there, when Flox provides a way to improve your whole SDLC! This presentation will be useful for both advanced container users and new ones, since at Flox we focus heavily on providing the best DX while not compromising security Rok Garbas 2025-02-03T14:50:00+01:00 14:50 00:25 Niks (B.1.036) ghent2025-729-system-manager-unleashing-nix-on-almost-any-distro https://cfp.cfgmgmtcamp.org/ghent2025/talk/7ZNWBM/ false Nix Short Talk - Monday & Tuesday en Nix offers an alternative to the well-known container-based deployment flow, and can offer several benefits compared to those container-based deployments. However, it's not immediately obvious how you would use nix to deploy services on machines running Linux distributions other than the nix-native NixOS. To address this, we developed a tool called system-manager, which allows you to manage certain aspects of the system configuration of a Linux system using nix, while leaving others to be managed using the usual tools of the underlying distribution. In this talk I'll present the tool and the problem that it tries to solve, and show you what it can already do today to help you build and deploy services using nix. From there we will look at the future and discuss some potential future directions in which we could take the project. Ramses 2025-02-03T15:15:00+01:00 15:15 00:25 Niks (B.1.036) ghent2025-688-declarative-multi-host-abstractions-with-nix https://cfp.cfgmgmtcamp.org/ghent2025/talk/TH3FAJ/ false Nix Short Talk - Monday & Tuesday en The _module system_ is a powerful Nix DSL for writing high-level abstractions. In this talk, I'll give you an introduction to the module system, showcasing its wide range of use cases: Starting from simple development shells, over dotfile and system management, all the way to multi-host abstractions. Nix derivations (aka build recipes) allow you to declaratively specify builds and configuration, making them forever repeatable for everybody. The purely functional Nix language is used to write such derivations, which is done extensively for Nixpkgs, one of the largest and most active package repositories. However, the Nix language is very bare-bones, it's really just a lambda calculus with syntactic sugar. The so-called _module system_, a Nix DSL, is well-known to enable creating higher-level abstractions, forming the basis of NixOS. In this talk, I'll give you an introduction to the module system, showcasing its wide range of use cases: Starting from simple development shells, over dotfile and system management, all the way to multi-host abstractions. Slides available here: https://github.com/tweag/cmc2025 infinisil / Silvan Mosberger 2025-02-03T16:00:00+01:00 16:00 00:25 Niks (B.1.036) ghent2025-668-one-command-nixos-setup-for-turing-pi-cluster-boards https://cfp.cfgmgmtcamp.org/ghent2025/talk/DNPT93/ false Nix Short Talk - Monday & Tuesday en During this talk, I will walk you through the process of deploying NixOS on the nodes of a Turing Pi cluster board. More specifically, we will deploy NixOS with a single command. The Turing Pi is a Mini ITX cluster board that supports up to four compute modules interconnected by a network. It is compatible with Raspberry Pi 4 compute modules, Nvidia Jetson compute modules, and Turing Machines' own Turing RK1 compute modules. The Turing Pi also includes a baseboard management controller (BMC) with open-source firmware, which can be managed through a web UI and a custom CLI tool called TPI. In this talk, we’ll explore how to deploy NixOS on a Turing Pi cluster board using four Raspberry Pi 4 compute modules, all with a single command, by leveraging the TPI. Wout Swinkels 2025-02-03T16:25:00+01:00 16:25 00:25 Niks (B.1.036) ghent2025-698-nix-all-the-things https://cfp.cfgmgmtcamp.org/ghent2025/talk/PWFLR7/ false Nix Short Talk - Monday & Tuesday en Declarative systems work better when they encompass more of their domain. Nix is a general configuration language with the power to bridge multiple domains. This talk will focus briefly on a couple of projects to explore how Nix can be used, and lays out a vision for functional DevOps, to provide a unified experience for - **build**: a brief analysis of the Nix architecture - **operating system** configuration: principles behind NixOS - **process managers**: Nix processmgmt and Nix RFC 163 services - **continuous integration**: Hercules CI - **deployment of distributed systems**: NixOps4 Robert Hensing 2025-02-03T14:00:00+01:00 14:00 00:25 Foreman (B.1.031) ghent2025-644-foreman-community-updates https://cfp.cfgmgmtcamp.org/ghent2025/talk/8ZCRRN/ false Foreman Short Talk - Monday & Tuesday en Over the past year, Foreman has seen significant updates that enhance its flexibility, performance, and support for modern infrastructure needs. In this session, we’ll walk through the key changes and new features, including enhancements in host provisioning, Secure Boot support, the integration of GitHub Actions (GHA) into Foreman, and expanded IPv6 capabilities, which is currently in the refinement stage. We will also cover the upgrade from PatternFly 4 to PatternFly 5, the Ruby 3 upgrade, and the Rails 7 upgrade. Additionally, we will highlight the Foreman Birthday event, the introduction of popular use-case demos, and improvements to the documentation and the docs team. This talk will provide insights into how these updates improve Foreman’s functionality and address evolving user needs, helping administrators manage their environments with greater ease and security. Nofar 2025-02-03T14:25:00+01:00 14:25 00:25 Foreman (B.1.031) ghent2025-673-managing-hosts-with-foreman-in-ipv6-world https://cfp.cfgmgmtcamp.org/ghent2025/talk/SQFYHD/ false Foreman Short Talk - Monday & Tuesday en We will discuss the state of multiple host management aspects in IPv6 world Let's talk about provisioning, facts, remote execution and inventory for hosts that run on IPv6 only and dual-stacked networks. Shimon Shtein 2025-02-03T14:50:00+01:00 14:50 00:50 Foreman (B.1.031) ghent2025-603-delivering-foreman-getting-code-from-developers-to-users https://cfp.cfgmgmtcamp.org/ghent2025/talk/QF73PQ/ false Foreman Short Talk - Monday & Tuesday en Foreman is a large application and getting it our users reliably requires effort. During this talk we'll go through how software gets from developers to users by using exciting things like processes and procedures. Writing code is nice, but it's useless until users get their hands on it. Foreman developers have been writing code since 2009 and users have gotten their hands on it. Foreman's release team has the not so glorious task to make sure they do. For the past decade there's been a time based release schedule. Lessons were learned, processes designed, procedures written. We'll walk through the various stages of the release cycle, why we have them and how we make sure we stick to the schedule. Ewoud Kohl van Wijngaarden 2025-02-03T15:15:00+01:00 15:15 00:25 Foreman (B.1.031) ghent2025-768-foreman-ama https://cfp.cfgmgmtcamp.org/ghent2025/talk/8DFG7U/ false Foreman Short Talk - Monday & Tuesday en Foreman AMA Nofar 2025-02-03T16:00:00+01:00 16:00 00:50 Foreman (B.1.031) ghent2025-654-secure-boot-for-arbitrary-operating-systems-with-foreman https://cfp.cfgmgmtcamp.org/ghent2025/talk/7DMX87/ false Foreman Full Talk - Monday & Tuesday en Secure Boot is part of UEFI, which uses cryptographic mechanisms to ensure the authenticity of the software loaded and executed by the firmware. Foreman will support provisioning of Secure Boot enabled hosts for any supported Linux operating system in near future. In our presentation we want to give an insight into how Secure Boot works in general, which changes were necessary in Foreman to support Secure Boot for all operating systems, and how provisioning of a Secure Boot enabled host actually works. Markus ReisnerJan Löser 2025-02-03T16:50:00+01:00 16:50 00:50 Foreman (B.1.031) ghent2025-649-upgrading-custom-applications-from-el8-to-el9-by-writing-own-leapp-actors https://cfp.cfgmgmtcamp.org/ghent2025/talk/XH77AU/ false Foreman Full Talk - Monday & Tuesday en To upgrade the operating system underneath an application, everybody should just redeploy said application on a new system, which thanks to automation is both easy and fast. After recovering from the shock of reading "just", "easy" and "fast" in once sentence, we have to realize that a fresh deployment is not always the easiest/fastest path forward, or maybe not even possible at all. This is where distributions come to help us by offering support for major upgrades "in place". For Enterprise Linux such upgrades are done by [Leapp](https://leapp.readthedocs.io/), which is both a framework to orchestrate complex upgrades and a collection of helpers (so called actors) for upgrading Enterprise Linux setups with common applications installed. However, "common applications" might not include the one *you* are developing and have deployed on-premises at many customers. In this talk we will show how we developed the custom actors required for upgrading [Foreman](https://theforeman.org) from EL8 to EL9, which challenges we faced and which shortcuts we took. [Slides with speaker notes (press S)](https://evgeni.github.io/talks/cfgmgmtcamp2025-Upgrading_custom_applications_from_EL8_to_EL9_by_writing_own_Leapp_actors.html) Evgeni Golov 2025-02-03T14:00:00+01:00 14:00 00:50 Kube (B.3.032) ghent2025-565-kubernetes-from-scratch-the-hard-way https://cfp.cfgmgmtcamp.org/ghent2025/talk/CR8UGL/ false Kubernetes Full Talk - Monday & Tuesday en To understand the inner workings of Kubernetes and to prepare for the K8s certification exams, I decided to create a K8s cluster from scratch, the hard way, on premises (“de meterkast”) on virtual machines all using Alpine Linux. This talk is how I tried to do it, how I succeeded, failed and added a CEPH cluster and ETCD cluster along the way. It includes a lot of technical details, but if there is one thing that you should learn during this talk, it’s not about K8s at all: Containers are not VMs! Alain van Hoof 2025-02-03T14:50:00+01:00 14:50 00:50 Kube (B.3.032) ghent2025-703-no-drama-config-management-at-million-core-scale https://cfp.cfgmgmtcamp.org/ghent2025/talk/UXZJYV/ false Kubernetes Full Talk - Monday & Tuesday en Getting to multi mllion cores of managed infrastructure, with no drama. Stories from the trenches of how Red Hat scales our managed OpenShift services in hybrid cloud with Automation and Config Management. And Automation that manages Automation. And automation that manages automation that manages automation. The Red Hat Hybrid Cloud Management group builds and runs a large fleet of OpenShift clusters delivered as a fully managed offering across AWS, Azure and GCP. Building this service, with a view to maximise customer value, with a small team forced us to think about automation from the ground up - and to think of it in terms of working in turn with an audience of operators. This talk will dive into lessons we learnt and stories of how we learnt them, while building a service for SRE's and DevSecOps and Developers around the world. Karanbir Singh 2025-02-03T16:00:00+01:00 16:00 00:25 Kube (B.3.032) ghent2025-620-simplifying-kubernetes-monitoring-with-icinga https://cfp.cfgmgmtcamp.org/ghent2025/talk/AH78JZ/ false Kubernetes Short Talk - Monday & Tuesday en Monitoring Kubernetes doesn’t have to be complicated. In this talk, I’ll introduce a new module we’re developing for Icinga, currently in beta, that simplifies Kubernetes monitoring in the same way Icinga has for traditional infrastructure. We’ll explore how this module makes it easier to monitor your clusters’ health and performance, allowing you to identify issues early. Whether you’re new to Kubernetes or managing large-scale clusters, this session will provide a preview of what’s to come and how it can streamline your monitoring processes. Feedback and insights are welcome as we refine the tool. Kubernetes offers powerful orchestration capabilities, but monitoring its dynamic environment can be tricky. In this session, we’ll dive into the development of a new module for Icinga that simplifies Kubernetes monitoring, making it more accessible for users who are familiar with traditional IT infrastructure setups. While the module is still in the beta phase, I’ll walk through its current features, show how it integrates with your existing Icinga setup, and discuss future enhancements. We’ll look at practical examples of monitoring critical aspects like node health, pod status, and resource utilization, all through Icinga’s familiar interface. Blerim Sheqa 2025-02-03T16:25:00+01:00 16:25 00:25 Kube (B.3.032) ghent2025-760-got-a-secret-can-you-keep-it-mastering-secret-management-in-kubernetes https://cfp.cfgmgmtcamp.org/ghent2025/talk/HS8ELE/ false Kubernetes Short Talk - Monday & Tuesday en Managing secrets in Kubernetes can be a complex and overwhelming process, especially with the wide range of available options. This talk, designed for intermediate users, aims to demystify the process by providing a practical roadmap drawn from my own journey. I will explore common challenges and share insights from transitioning through various approaches, from Kubernetes' built-in secrets to external tools like Sealed Secrets, CSI Secrets Store, and External Secrets. Through real-world examples and lessons learned, attendees will leave with actionable strategies to manage secrets more securely and efficiently in their Kubernetes environments, while contributing to stronger community practices and more resilient applications. Engin Diri 2025-02-03T16:50:00+01:00 16:50 00:50 Kube (B.3.032) ghent2025-715-continuous-delivery-on-multi-architecture-kubernetes-clusters-with-argocd https://cfp.cfgmgmtcamp.org/ghent2025/talk/L7WJRN/ false Kubernetes Full Talk - Monday & Tuesday en Kubernetes is the most popular container orchestration platform out there, and for anyone who wants to do GitOps on Kubernetes, ArgoCD is a leading open source project in this space. This presentation will walk you through the management of multi-architecture applications for Kubernetes with ArgoCD. In this presentation, we will run through the process of managing container applications on hybrid arm64 and x86 Kubernetes clusters using ArgoCD for GitOps, including: * Why add arm64 compute nodes to your Kubernetes clusters? * Tooling to build and manage multi-arch containers * Continuous integration and delivery patterns * Workload placement and orchestration in Kubernetes Dave Neary 2025-02-04T08:15:00+01:00 08:15 10:00 Foyer ghent2025-766-breakfast-and-coffee-tea-day-2 https://cfp.cfgmgmtcamp.org/ghent2025/talk/8P88WY/ false Breakfast en Breakfast and Coffee & Tea - Day 1 2025-02-04T09:00:00+01:00 09:00 00:15 D.Aud (Main) ghent2025-765-opening-day-2 https://cfp.cfgmgmtcamp.org/ghent2025/talk/ZHGUM7/ false Opening en Opening Day 2 Toshaan BharvaniKris Buytaert 2025-02-04T09:20:00+01:00 09:20 00:50 D.Aud (Main) ghent2025-723-how-we-troubleshoot-difficult-problems-cognition-and-understanding-causality-in-distributed-software-systems https://cfp.cfgmgmtcamp.org/ghent2025/talk/EYDVJG/ false Main Full Talk - Monday & Tuesday en Troubleshooting can be one of the most difficult aspects of software operations. There are several reasons for this. One is that our views of the systems we run are often mediated through limited forms of observability. At their best, such tools tend to show us only state, not how systems got into a state. Another problem is that issues can be intermittent, and difficult to reproduce. Many of the most challenging issues involve systems that are not broken, merely slow or consuming excessive resources. There is uncertainty, and, often, there is a lot of pressure to get things resolved quickly. Much of the time, we don't really understand the system end-to-end when we begin an investigation. So how do we do this work? This talk will dive into what we know about how the best troubleshooters succeed at their work, combining what we know from cognitive science research on 'cognition in the wild' in a variety of domains with my own research on troubleshooting activities in software. Laura Nolan 2025-02-04T10:10:00+01:00 10:10 00:50 D.Aud (Main) ghent2025-652-from-bottleneck-to-enabler-pulling-infrastructure-coding-out-of-the-value-stream https://cfp.cfgmgmtcamp.org/ghent2025/talk/AVUFQQ/ false Main Full Talk - Monday & Tuesday en Drawing on principles from Lean thinking, value stream mapping, and Team Topologies, this talk explores how to change the way we design and build Infrastructure as Code to accelerate development rather than create bottlenecks. Infrastructure-as-code and cloud technologies ought to make software delivery effortless, but for many teams environments are still bottlenecks. Development teams wait for environments, clean up after each other, and depend on infrastructure teams for basic changes. Meanwhile, infrastructure teams are caught in an endless cycle of maintenance and minor updates instead of driving platform innovation. Drawing on principles from Lean thinking, value stream mapping, and Team Topologies, this talk explores why traditional infrastructure code practices create delivery bottlenecks rather than accelerate development. You'll learn practical patterns for: Separating environment provisioning from infrastructure evolution Enabling development teams to self-serve environments Freeing infrastructure teams to focus on meaningful platform improvements Leave with concrete strategies to transform your infrastructure from a bottleneck into an enabler of rapid, reliable software delivery. /media/ghent2025/submissions/AVUFQQ/kief-at-goto-narrow_5kkpBkb.jpg Kief Morris 2025-02-04T11:20:00+01:00 11:20 00:50 D.Aud (Main) ghent2025-757-pkl-ing-your-config-makes-it-last-longer https://cfp.cfgmgmtcamp.org/ghent2025/talk/W7QSQG/ false Main Full Talk - Monday & Tuesday en Configuration language [Pkl](https://pkl-lang.org) can be used for all of your configuration, large or small. Whether defining a collection of services in an Infrastructure-as-Code way, or just configuring your local machine, Pkl can make all of it DRYer, safer, and more ergonomic. This talk demonstrates how Pkl’s very strong validation system, flexible output renderers, and best-in-class editor support make Pkl a truly generic configuration language. You will see why Pkl is consistently the better (safer, more ergonomic, more comprehensible) alternative to templating. Finally, you will see how configuring your whole technology stack at once leads to even DRYer and safer configurations. Philip Hölzenspies 2025-02-04T12:10:00+01:00 12:10 00:05 D.Aud (Main) ghent2025-572-how-did-i-end-up-here- https://cfp.cfgmgmtcamp.org/ghent2025/talk/YEHSQU/ false Ignite Ignite - Monday & Tuesday en How did I end up here?.. I don't know really, but we can look back at what happened together, the chances I got, and how I navigated them. It feels like yesterday when I was still tinkering with hardware, designing my own PCBs, writing firmware, blowing up resistors... And then, all of a sudden, I started writing web applications... Then I discovered DevOps, and infrastructure... And now, I'm working on cool stuff I couldn't have imagined I'd be doing 2 years ago. My professional career started in 2019, starting my embedded hardware and software consulting company, creatively named “BRYAN HONOF GCV”. It doesn't feel like it's been that long, but it has been almost 5 years since then, and _a lot_ has changed. I'd like to take you on the journey of a young and starting professional. Looking at the good, the bad, and the ugly. But most importantly, inspire you to follow your ideas, and not lose yourself in the process. Bryan Honof 2025-02-04T12:15:00+01:00 12:15 00:05 D.Aud (Main) ghent2025-656-most-useful-development-tool-for-ansible-content-that-is-rarely-used-is-even-better-for-the-teams https://cfp.cfgmgmtcamp.org/ghent2025/talk/S9ZRBD/ false Ignite Ignite - Monday & Tuesday en ARA (ARA Records Ansible) is an Ansible development tool that makes it much easier to understand, troubleshoot and debug Ansible content during development process. This tool can also help you to collaborate with your team members on Ansible content development. This talk will cover the following topics: - What is ARA and how it works - How to set up ARA in your environment - How to use ARA to understand, troubleshoot and debug Ansible content - How to use ARA to collaborate with your team members on Ansible content development - How to integrate ARA into your CI/CD pipeline - How to use ARA to track changes in your Ansible content This talk is designed for Ansible content developers of all levels. Whether you are a seasoned expert or just starting with Ansible, https://kksat.github.io/s/ara-ansible Kirill Satarin 2025-02-04T12:20:00+01:00 12:20 00:05 D.Aud (Main) ghent2025-624-positive-psychology-with-ansible https://cfp.cfgmgmtcamp.org/ghent2025/talk/BSUMTD/ false Ignite Ignite - Monday & Tuesday en Already successfully presented at both the London Ansible MeetUp and AnsibleFest 2021, this newly revised session (adapted to the exciting Ignite format) aims to promote interest and excitement in the field of positive psychology, and demonstrate how you don't need to work in this field to benefit from it. In fact, the design of Ansible directly supports positive psychology, and in this session I will demonstrate how. James Freeman 2025-02-04T12:25:00+01:00 12:25 00:05 D.Aud (Main) ghent2025-745-against-yaml-jinja https://cfp.cfgmgmtcamp.org/ghent2025/talk/FKWD8R/ false Ignite Ignite - Monday & Tuesday en Yaml can be a good compromise between free form text and the rigidity of a markup language depending on the schema imposed. Jinja imitates python's strong, implicit typing but as a template imposed on yaml, it's both structureless and fundamentally at conflict with a whitespace-sensitive language such as yaml. Allowing users to dynamically assemble source data in production means they can't test before that point. Can we shift invariant parts of config left into CI while keeping CI fixed while production continues to grow? Justin Findlay 2025-02-04T12:30:00+01:00 12:30 00:05 D.Aud (Main) ghent2025-643-increasing-the-security-of-downloading-resources-from-the-internet https://cfp.cfgmgmtcamp.org/ghent2025/talk/MX9C8H/ false Ignite Ignite - Monday & Tuesday en Resources are often downloaded from the internet, also in automation scripts. It is often impossible or cumbersome to validate the downloads integrity and authenticity. At Asfaload, we want to propose a solution we think is both practical and efficient. We have developed [Asfald](https://github.com/asfaload/asfald), a tool that can be used to download resources from the internet, like curl would do, but it additionally validates checksums of files downloaded. It downloads checksums files from a mirror we maintain of checksums files published alongside the resource to be downloaded (currently in Github releases, but other publishing means can be easily supported). Our next step is to cover files authenticity, i.e. ensuring the file downloaded was published by the maintainer of the repo it is downloaded from. Raphaël Bauduin 2025-02-04T12:35:00+01:00 12:35 00:05 D.Aud (Main) ghent2025-667-let-red-be-red-and-green-be-green https://cfp.cfgmgmtcamp.org/ghent2025/talk/X8HNKZ/ false Ignite Ignite - Monday & Tuesday en Re-kicking failed pipelines and workflows can become tedious particularly when these are transient failures, impacting performance and costing resources. In this talk we will show you how you can improve the reliability of your pipelines, through the use of an automated workflow re-starter which will automatically trigger a rerun of your workflows in Github Actions. CI/CD pipelines are the backbone of your development and deployment process, however they can suffer from inefficiencies and transient failures leading to your team wasting valuable time. This talk provides a deep dive into the art of workflow restarting, a reliable approach to improving your pipelines,take back control over your pipelines and keep them running smoothly. Attendees will gain a clear understanding of how to configure and implement the workflow restarter for better performance of there pipelines. Whether it's a failed test or job, this restarter is configurable to your GitHub CI/CD pipeline. Dana Doherty 2025-02-04T12:40:00+01:00 12:40 00:05 D.Aud (Main) ghent2025-718-puppet-evolution-key-changes-and-modernization-tips https://cfp.cfgmgmtcamp.org/ghent2025/talk/GBP8QF/ false Ignite Ignite - Monday & Tuesday en A lot of people ask me about what's changed in Puppet since older versions 4 or 3 or older so this whistlestop ignite will look to highlight how Puppet has changed and give some quick tips what to look for and modernize David Sandilands 2025-02-04T14:00:00+01:00 14:00 00:25 D.Aud (Main) ghent2025-566-it-s-your-own-damn-fault-why-great-people-don-t-want-to-work-with-you https://cfp.cfgmgmtcamp.org/ghent2025/talk/FGLTVM/ false Main Short Talk - Monday & Tuesday en "People don't want to work anymore! "We can't find good employees!" "We'd totally want better gender parity, but we just don't get applications from women!" If quotes like this bounce around in your organisation, it's doing something wrong. Horribly wrong. For at least 30 years, the open source software community — and organisations that emulate its tried-and-true practices — demonstrate what you need to do in order to attract good people. And yet, there's a million things that companies can (and do!) stuff up. Many hiring organisations cheerfully run around with a double-barrelled shotgun pressed firmly against their feet, and happily pull the trigger again and again. In this talk, I cover some of the more-than-typical footguns that organisations employ, and what *your* team can do to be better. Florian Haas 2025-02-04T14:25:00+01:00 14:25 00:25 D.Aud (Main) ghent2025-692-oss-is-not-the-same-as-source-available https://cfp.cfgmgmtcamp.org/ghent2025/talk/UWREUC/ false Main Short Talk - Monday & Tuesday en Using open source projects to bootstrap will help you bring your product to market faster, right? We all know that idea, and countless startups have proven it true. But it’s what you do afterwards that really matters. Being a good open source citizen is more than just chucking your source code at a GitHub repository (or worse, only part of your source code!) and expecting to reap the benefits of an open source community forever. A true open source company invites collaboration and actively participates. Its engineers and product managers engage with pull requests and issues and help steward feature growth that actually matters to the users. It communicates openly with its community about statuses and roadmaps, even when the news isn’t super rosy. And it contributes fixes upstream to the projects it uses. This isn’t just idealism. Ignoring community leads to stagnation and a poor market fit. I’m sure we’ve all seen examples of that. This talk will explore how companies can genuinely contribute to the open source community, building real connections and creating lasting impact together with their users. Nick Burgan 2025-02-04T14:50:00+01:00 14:50 00:50 D.Aud (Main) ghent2025-671-the-confusing-case-of-cloud-app-domicilicity https://cfp.cfgmgmtcamp.org/ghent2025/talk/MRSBVF/ false Main Full Talk - Monday & Tuesday en We're nearly two decades into cloud. Where have all the apps gone? You'd think it'd be simple to answer that question: probably all in the cloud, right? It turns out the answer is elusive. I've tried for years! It could be as much as 70%, or as low as 30%. Maybe. Those numbers could be hokum. These are apps you manage and write, you should know where they tend to live. This talk will go over my latest investigations into this mystery with no goal other than gather up the clues and wire them up with red crazy board string. I'll then speculate how that newly updated crazy board can drive how you think about what about it, if anything. I'll pull together recent research, analysis, surveys, and all that to try to answer the quandary. An audience survey would be fun too. /media/ghent2025/submissions/MRSBVF/IMG_7877.jpg_gvI8w78.png Coté 2025-02-04T16:00:00+01:00 16:00 00:50 D.Aud (Main) ghent2025-762-from-deming-to-devops https://cfp.cfgmgmtcamp.org/ghent2025/talk/LLMUHC/ false Main Full Talk - Monday & Tuesday en Years before Eli Goldratt would publish his Theory of Constraints, William Edwards (Ed) Deming was applying statistical analysis and physics to fix problems with productivity. In this session, John Willis, co-author of ‘The DevOps Handbook’, and author of ‘Demings Journey to Profound Knowledge,’ will introduce you to Deming’s life and research, and show you how his work still heavily influences DevOps and Platform Engineering today. From the real-life Rosie the Riveter to a hacker writing US cybersecurity law, Deming’s ingenuity and system of thinking, the System of Profound Knowledge, changed how we think in the modern world. John Willis 2025-02-04T16:50:00+01:00 16:50 00:50 D.Aud (Main) ghent2025-593-abnormal-devops-round-table https://cfp.cfgmgmtcamp.org/ghent2025/talk/7CB7UJ/ false Main Full Talk - Monday & Tuesday en A live discussion and round table about the past promises and the present and future challenges of Configuration Management and Infrastructures Automation, with some of the people who are working on the field and making impossible things possible. The session is going to be recorded and broadcasted in the Abnormal DevOps Iterations podcast (https://youtube.com/@AbnormalDevOpsIterations). Alessandro Franceschi 2025-02-04T14:00:00+01:00 14:00 00:50 B.Con (Overflow + Main) ghent2025-707-effective-infrastructure-testing-lessons-learned-from-the-field https://cfp.cfgmgmtcamp.org/ghent2025/talk/CJA9ER/ false Main Full Talk - Monday & Tuesday en Modern IT environments require infrastructure testing to ensure that systems are reliable, secure, and functioning as expected. Without thorough testing, undetected issues can lead to system failures, security vulnerabilities, and significant downtime, which can be costly and damaging. We share our experiences with tools such as testinfra, serverspec or goss to ensure the functionality of lab and customer environments. Framework such as DevSec can support achieving industry recognized security standards and benchmarks. Highlighting the challenges and best practices in testing multiple identically configured environments, the session provides insights in projects from the field. In modern IT environments, it is crucial that deployed systems are reliable and functional. We present how we use tools like testinfra to ensure the functionality of lab environments that are regularly deployed and changed. We also share our key insights and best practices from the field in terms of achieving security compliance. This session will give the participants an overview of different testing tools and their corresponding use cases. Also, we will focus on writing proper tests by the example of testinfra, serverspec and goss without neglecting simplicity. Participants will learn how to design tests that check the actual state of the system and receive practical tips for using Bash in combination with the proposed tools. As security often requires quick actions and system landscapes are becoming more complex, automation has quickly become a key component. Without the usage of frameworks such as DevSec implementing security compliance across your fleet can be a daunting task. In highly automated environments discovering configuration errors is challenging. Therefore infrastructure testing becomes important to detect configuration drift. /media/ghent2025/submissions/CJA9ER/sva-logo-2024_5Z593Jq.png Leon KrassChristian Stankowic 2025-02-04T14:50:00+01:00 14:50 00:50 B.Con (Overflow + Main) ghent2025-567-open-source-ai-and-instructlab https://cfp.cfgmgmtcamp.org/ghent2025/talk/NDBZBS/ false Main Full Talk - Monday & Tuesday en In a world of fast-moving AI adoption, the big players want you to play with their versions of AI. The problem, though, is that their AI is usually built in a way that is closed off from the eyes of our tech community, with little or no oversight for choices and legal grey areas for usage and adoption. What if I told you there was a way to get the best of both worlds? An AI solution that can be externally verified and trusted legally, and we want you, yes, you, to join us in building a genuinely transparent AI solution. This is what the Granite and Granite-Code foundational models are. You can read the paper on how the model was initially trained and have IBM's lawyers back up claims made from using Granite or Granite-Code usage. Can your other AI providers say that? Will they give you the design documents on how they built it from the ground up? Or will they put their lawyers behind your usage of their AI? Would you put your business at risk of using something like this when the legal area is so grey and ever-changing? But that's only a point in time; you also need to add skills and knowledge to the ever-growing AI system, which is where InstructLab comes into play. During this presentation/workshop, we will be showing you why you should care about Open Source AI, teach you how to leverage a purely Open Source AI for a local "co-pilot" like experience, and then help train the Granite foundational model with new knowledge, giving you the skills to help build a genuinely transparent AI. Join us and learn with us. We want to build a future of transparency and legal protection for AI engineers. JJ Asghar 2025-02-04T16:00:00+01:00 16:00 00:50 B.Con (Overflow + Main) ghent2025-583-system-inspection-and-observability-2-0-ad-and-rca https://cfp.cfgmgmtcamp.org/ghent2025/talk/JTHWGP/ false Main Full Talk - Monday & Tuesday en Grafana alone is nice, but might be a bit meaningless if one has no Anomaly Detection and Root Cause Analysis. How do we do our data actionable and proactive? Arguably, AD (Anomaly Detection) and RCA (Root Cause Analysis) activities in fact are part of configuration management discipline. AD/RCA and traditional configuration management niches are tightly coupled together because one is essentially guiding another. In this presentation will be demonstrated an early prototype of Anomaly Detection and Root Cause Analysis tooling and an example integration with a configuration management system (Ansible). Observability 1.0 is when the metrics are context-less and actions are reactive. Time to move to Observability 2.0, to proactive data. Bo Maryniuk 2025-02-04T14:00:00+01:00 14:00 00:25 Ansible 1 (B.1.017) ghent2025-641-automating-ai-powered-graph-databases-with-ansible-a-neo4j-genai-case-study https://cfp.cfgmgmtcamp.org/ghent2025/talk/MDJ3YJ/ false Ansible Short Talk - Monday & Tuesday en As AI integration becomes crucial for advanced data systems, automation is essential to managing these increasingly complex environments. This talk will explore the use of Ansible to automate the deployment of a Neo4j GenAI environment on Fedora. By leveraging Ansible playbooks, we will set up a fully functional AI-powered graph database that integrates with OpenAI for retrieval-augmented generation (RAG) tasks. The session will guide technical users through best practices for automating Neo4j environments, configuring AI APIs, and handling large-scale data queries efficiently using modern infrastructure-as-code techniques. In this session, Luca Berton will provide a deep dive into automating the setup of a Neo4j GenAI environment using Ansible. This talk is specifically designed for system administrators, DevOps engineers, and data scientists who are looking to automate complex AI-powered databases in hybrid cloud environments. Luca will demonstrate how Ansible can be utilized to orchestrate the installation, configuration, and deployment of a Neo4j environment, while integrating advanced AI models from OpenAI. Luca Berton 2025-02-04T14:25:00+01:00 14:25 00:25 Ansible 1 (B.1.017) ghent2025-648-modernizing-awx-from-monolith-to-pluggable-services https://cfp.cfgmgmtcamp.org/ghent2025/talk/M9QFSV/ false Ansible Short Talk - Monday & Tuesday en Ansible engineering has been working on transforming AWX to a pluggable, service-oriented architecture. We’ve announced plans via the community forum and have said that the transformation will make AWX more scalable and easier to contribute to. This talk focuses on some of the challenges the Ansible engineering team at Red Hat have faced with AWX and how the re-architecture work is intended to resolve them. We’ll also have a look at some of the pain points for contributors and how Red Hat wants to remove obstacles for the community. Finally, we’ll have a brief look at what the future might hold for AWX after the re-architecture work is complete. Helen Bailey 2025-02-04T14:50:00+01:00 14:50 00:50 Ansible 1 (B.1.017) ghent2025-681-you-re-doing-ansible-roles-all-wrong https://cfp.cfgmgmtcamp.org/ghent2025/talk/UYWGGF/ false Ansible Full Talk - Monday & Tuesday en Ansible roles were introduced to simplify the organization and reuse of automation tasks, providing a structured, portable way to manage tasks, configurations, dependencies, and variables. Originally intended to streamline complex playbooks, roles have become a cornerstone of efficient Ansible usage. However, many users still fail to fully understand how to leverage their full potential. In this presentation, we will start by revisiting the foundational concepts of Ansible roles and their intended use. We will then explore the noteworthy enhancements and features added to Ansible roles in recent years. Attendees will learn recommended practices to maximize the utility of Ansible roles, including strategies for modular role design, effective use of variables, argument specifications, and defaults, and techniques for role testing and validation. By adopting these practices, you can enhance the maintainability and scalability of your automation projects. Finally, we will look ahead to upcoming developments aimed at further enhancing the portability and maintainability of Ansible roles. This includes new features and improvements that will make it easier to share, reuse, and manage roles across diverse environments. Join us to ensure you’re not just using Ansible roles, but using them right. Tim Appnel 2025-02-04T16:00:00+01:00 16:00 00:25 Ansible 1 (B.1.017) ghent2025-636-creating-ansible-modules-is-a-lot-easier-than-you-think https://cfp.cfgmgmtcamp.org/ghent2025/talk/SZSJV7/ false Ansible Short Talk - Monday & Tuesday en Do you have an idea for automating something but don’t know where to start? Are you interested in becoming an Ansible developer? This talk is for you! Modules are individual units of code that perform specific tasks. You can think of modules as the building blocks of Ansible automation. There are already thousands of Ansible modules for all kinds of tasks, such as the “yum” and “apt” modules for package management, the “file” and “copy” modules for file handling on Linux systems, to the “kubernetes”, “aws”, and “azure” modules for cloud platforms. As new technologies and use cases emerge, so does the need for corresponding modules. Join this session to get a brief overview of the module development process. You’ll learn the basics of creating a new module, find out what tools you should use, and how you can contribute your work to the Ansible community. This session will also briefly explain how modules work, and their lifecycle, during task execution, which might be of interest to Ansible users in general. During this part of the session, we'll look at various network transport concepts related to modules, such as SSH and WinRM for execution on Windows hosts. Don NaroAndrei Klychkov 2025-02-04T16:25:00+01:00 16:25 00:25 Ansible 1 (B.1.017) ghent2025-699-functional-programming-design-patterns-in-ansible-code https://cfp.cfgmgmtcamp.org/ghent2025/talk/NVGQ39/ false Ansible Short Talk - Monday & Tuesday en Ansible yaml code is easy to write but hard to understand and reason about, hard to maintain, debug and test. All of this until you take a functional programming perspective look at an Ansible code. Concepts from functional programming like pure functions, effects, composition, lazy evaluations and others are very much applicable and very useful in Ansible.Allow me to show you how concepts from functional programming can help you simplify Ansible content development, make your Ansible content bullet proof tested, easy to maintain, understand and reuse. This talk does not require any prior knowledge of functional programming. It is designed to be useful to both beginners and experienced Ansible content developers. See http://kksat.github.io/s/functional-ansible Kirill Satarin 2025-02-04T16:50:00+01:00 16:50 00:50 Ansible 1 (B.1.017) ghent2025-683-from-manual-testing-to-continuous-validation-taking-the-quality-of-ansible-content-to-the-next-level https://cfp.cfgmgmtcamp.org/ghent2025/talk/DYEVRX/ false Ansible Full Talk - Monday & Tuesday en Building on the best practices and techniques for using Ansible development tools for authoring playbooks and collections, this session focuses on the critical next step: comprehensively testing and validating your Ansible content for production environments. While creating well-structured content is essential, maintaining quality at scale requires automated testing pipelines that can validate each change consistently and reliably. In this follow-up session, we'll demonstrate testing best practices with Ansible Navigator and Molecule. We'll also explore how to use easily incorporate Ansible testing with Pytest and how the tox-ansible plugin can simply testing across multiple Python interpreters and Ansible versions. We'll also focus on how to transform manual testing procedures into automated workflows using a GitHub Action. Attendees will leave this talk with the tools and knowledge to stop wondering if their Ansible content will work in production and start knowing that it will! Part 1: Streamlining the Ansible creator experience with the new and improved Ansible Development tools Part 2: How to write Ansible Content *Part 3: Beyond copy-paste: Using Ansible Development Tools for Robust Automation Content* THIS TALKS /media/ghent2025/submissions/DYEVRX/WhatsApp_Image_2025-02-04_at_17.29.55_QifPOOB.jpeg Sorin Sbarnea 2025-02-04T14:00:00+01:00 14:00 00:50 Ansible 2 (B.1.014) ghent2025-623-securing-secrets-at-scale-integrating-ansible-automation-with-conjur https://cfp.cfgmgmtcamp.org/ghent2025/talk/ERF7ZA/ false Ansible Full Talk - Monday & Tuesday en As automation becomes ever more important, safe and secure management of secrets is paramount. It is vital that secrets are managed in a secure, centralized manner and that control is thus maintained over them. In this session we will explore the integration of Ansible with Conjur Open Source, and how this lends itself perfectly to secure, centralized secrets management. As a bonus, we'll even explore how Conjur Open Source can be used in a wider context to provide secrets to other platforms, and even rotation of credentials on a Linux server can be managed. James Freeman 2025-02-04T14:50:00+01:00 14:50 00:50 Ansible 2 (B.1.014) ghent2025-611-resilient-network-automation-deploy-validate-backup-and-restore-with-ansible https://cfp.cfgmgmtcamp.org/ghent2025/talk/TRZ3PA/ false Ansible Full Talk - Monday & Tuesday en Managing complex network infrastructure can be daunting, especially when dealing with multiple protocols and devices. This session demonstrates how Ansible’s validated network content simplifies the entire process. We’ll explore using the network.base, network.bgp, network.ospf, network.interfaces, and network.backup collections to automate deployment, validation, and backup workflows. Managing complex network infrastructure can be daunting, especially when dealing with multiple protocols and devices. This session demonstrates how Ansible’s validated network content simplifies the entire process. We’ll explore using the network.base, network.bgp, network.ospf, network.interfaces, and network.backup collections to automate deployment, validation, and backup workflows. Through these demonstrations, attendees will learn how to: Deploy and validate network configurations across BGP and OSPF. Generate real-time HTML reports for network config resources. Implement automated backups and perform quick restores to minimize downtime. Build resilient, self-healing networks using Ansible playbooks. /media/ghent2025/submissions/TRZ3PA/cfgmgmt_7nORDxH.png Rohit Thakur 2025-02-04T16:00:00+01:00 16:00 00:50 Ansible 2 (B.1.014) ghent2025-613-leverage-event-driven-ansible-to-reduce-your-automation-reaction-time https://cfp.cfgmgmtcamp.org/ghent2025/talk/BTV9U3/ false Ansible Full Talk - Monday & Tuesday en In today's complex IT environments, it is more important than ever to automate tasks and processes. Event-Driven Ansible is a new feature of Ansible that allows you to automate IT tasks based on events that occur in your IT environment. This session will provide an introduction to Event-Driven Ansible, including what it is, how it works, and the benefits of using it. We will also discuss some examples of how Event-Driven Ansible can be used in real-world scenarios. Fabio Alessandro "Fale" Locati 2025-02-04T14:00:00+01:00 14:00 00:50 Tofu / Cloud (B.3.013) ghent2025-710-leveraging-bicep-and-the-graph-api-for-advanced-azure-deployments https://cfp.cfgmgmtcamp.org/ghent2025/talk/QWCHBS/ false Bicep Full Talk - Monday & Tuesday en Unlock the full potential of your Azure infrastructure with the combined power of Bicep and the Microsoft Graph API. We can now leverage Graph objects within Bicep. In this session, we will explore how Bicep, Azure’s domain-specific language for deploying resources, can be seamlessly integrated with the Graph to enhance your Infrastructure as Code (IaC) strategy. Maik van der Gaag 2025-02-04T14:50:00+01:00 14:50 00:50 Tofu / Cloud (B.3.013) ghent2025-714-infrastructure-from-code-the-next-generation-of-cloud-management https://cfp.cfgmgmtcamp.org/ghent2025/talk/AZVBV9/ false Bicep Full Talk - Monday & Tuesday en While Infrastructure as Code (IaC) has become the standard for managing cloud resources using tools like Terraform, Pulumi, and Bicep, writing templates can still be a time-consuming task. But what if infrastructure could be automatically inferred from your application code? In this session, we’ll explore the emerging concept of "Infrastructure from Code" and evaluate the maturity of tools like Radius, Dapr, and Nitric. Are these tools ready to replace IaC? Join us to find out if it’s time to make the leap to a more seamless infrastructure experience. Erwin Staal 2025-02-04T16:00:00+01:00 16:00 00:50 Tofu / Cloud (B.3.013) ghent2025-604-4-2-6-the-story-about-migrating-aws-cloud-infrastructure-from-ipv4-to-ipv6 https://cfp.cfgmgmtcamp.org/ghent2025/talk/9CMK3D/ false Cloud Full Talk - Monday & Tuesday en We’re one of the few companies running a fully IPv6-native cloud solution. While AWS claims full IPv6 support, there are always caveats. Many well-known open-source tools we use also face IPv6 issues. I've led this migration twice — failed once, succeeded in my current role — and felt like I was pioneering it both times. This experience could benefit others. Content: - AWS IPv6 support: Expectations vs. Reality - Our motivation for transitioning to IPv6 - Key challenges during migration - IPv6 issues in AWS services (e.g., EKS) - Solutions and workarounds for IPv6 problems - Security posture and new risks - Best practices for other teams considering IPv6 migration Konstantin Dobroliubov 2025-02-04T16:50:00+01:00 16:50 00:50 Tofu / Cloud (B.3.013) ghent2025-736-how-to-manage-10k-linux-systems-centrally-with-uyuni-and-salt https://cfp.cfgmgmtcamp.org/ghent2025/talk/DMPETX/ false Salt Full Talk - Monday & Tuesday en Uyuni is an open-source configuration and infrastructure management solution for software-defined infrastructure. In case of using it in the large scale environments there could be different challenges and any of such deployment requires tweaking to meet the requirements of the exact use case. /media/ghent2025/submissions/DMPETX/uyuni_logo_FAllprN.png Victor ZhestkovAlexander Graul 2025-02-04T14:00:00+01:00 14:00 00:50 Puppet 1 (B.1.015) ghent2025-590-puppet-what-future- https://cfp.cfgmgmtcamp.org/ghent2025/talk/VQUFXW/ false Puppet Full Talk - Monday & Tuesday en Puppet is a mature tool, the company behind it has changed over the years and most of the people who developed it, are no more working there. For somebody Puppet is old, solving problems that are no more current. Yet, Puppet is still around , and as long as there'll be systems to manage over time, there'll be the need of such a tool. The question is if the tool of choice is going to be Puppet or not. What's its present and future? We will analyse the current Puppet situation, market demand and perception, and spend our two cents on what could be done to improve perception, usage and adoption. We will also try to raise the topic with the people in the audience, when the presentation will turn into a discussion, possibly stirring ideas and suggestions. Alessandro Franceschi 2025-02-04T14:50:00+01:00 14:50 00:50 Puppet 1 (B.1.015) ghent2025-769-why-does-this-node-have-that-config- https://cfp.cfgmgmtcamp.org/ghent2025/talk/V37GEP/ false Puppet Full Talk - Monday & Tuesday en Within Puppet one can separate code and data using Hiera - a hierarchical data backend. Data itself can be queried from Puppet modules. This allows Puppet developers to provide generic code, where other people - like application responsible teams - can take over the configuration details by providing data only. Data is usually YAML format - which many people consider being simple to learn. Hiera also allows one to make use of individual data merges to reflect individual system needs. One might find it challenging when it comes to analysing the result of a lookup and comparing these between different nodes. Hiera Data Manager (HDM) provides a Web UI to Hiera data. I am going to explain Hiera, the way how you can modify results and access shared data and how HDM can help analysing data results or issues. Martin Alfke 2025-02-04T16:00:00+01:00 16:00 00:50 Puppet 1 (B.1.015) ghent2025-578-upgrading-to-puppet-8-the-good-the-bad-and-the-ruby https://cfp.cfgmgmtcamp.org/ghent2025/talk/T97UPU/ false Puppet Full Talk - Monday & Tuesday en We use Puppet for about 1200 Linux machines. This talk will recount our journey in upgrading from Puppet 7 to Puppet 8. I will talk about the incompatible changes to be aware of, how we handled them, and general strategy for handling Puppet major upgrades. The talk will cover: - our Puppetserver architecture - changes in Puppet 8 like legacy facts and Ruby 3.2 - how to prepare for any Puppet major upgrade - how to prepare for the Puppet 8 changes specifically - things that the ecosystem could do better Maximilian Gass 2025-02-04T16:50:00+01:00 16:50 00:50 Puppet 1 (B.1.015) ghent2025-717-don-t-panic- https://cfp.cfgmgmtcamp.org/ghent2025/talk/NPG9HP/ false Puppet Full Talk - Monday & Tuesday en Your organisation has been using Puppet to manage its infrastructure, but it's grown organically over time with best practices and the long-term implications of decisions never really being thought about. A new Puppet administrator has just been handed responsibility for the Puppet infrastructure, we need to help them out. This is a common scenario, the Puppet admin has left an organisation and a new Puppet admin has been assigned but doesn't have any real experience of Puppet, just like their predecessor. We need to teach them what Puppet is, help them understand what they've taken on and use Puppet best practices such as roles and profiles, and Hiera to organize their configuration management into a clear and robust structure that will give them confidence to make the required changes as and when they are needed as the infrastructure grows. Andrew Jones 2025-02-04T14:00:00+01:00 14:00 00:50 Foreman (B.1.031) ghent2025-651-ci-in-the-foreman-project-from-jenkins-to-github-actions-lessons-problems-outlook https://cfp.cfgmgmtcamp.org/ghent2025/talk/KCWFKJ/ false Foreman Short Talk - Monday & Tuesday en The Foreman project has recently moved big parts of its CI to GitHub Actions (GHA), to allow better re-use of code between repositories, easier control of CI by repository owners and to reduce the maintenance cost of infrastructure. As with any other migration, this was not painless, but we learned a lot, created many useful snippets and found more places for improvement. In this talk we will share the benefits of this migration for developers, show how the created workflows can be used in other projects, but also highlight problems that GHA has over Jenkins and what we plan to do to fix these. Ewoud Kohl van Wijngaarden 2025-02-04T14:50:00+01:00 14:50 00:50 Foreman (B.1.031) ghent2025-732-foreman-provisioning-hosts-with-netboot-iso https://cfp.cfgmgmtcamp.org/ghent2025/talk/7TRSGL/ false Foreman Full Talk - Monday & Tuesday en Let's see how Foreman, an open-source lifecycle management tool, simplifies the provisioning process by leveraging customized NetBoot ISO images. We'll cover the basics of Foreman, its integration with PXE boot workflows, how NetBoot ISO can be helpful in your environment, and use cases that might improve your workflows, like automating provisioning or provisioning in an environment without managed DHCP. Leos Stejskal 2025-02-04T16:00:00+01:00 16:00 00:50 Foreman (B.1.031) ghent2025-693-ansible-and-foreman-pulling-together https://cfp.cfgmgmtcamp.org/ghent2025/talk/SPW79A/ false Foreman Full Talk - Monday & Tuesday en Foreman has had support for using Ansible as a remote execution provider for some time already, but only in push mode. This talk will explore one of the ways how we could run Ansible on managed hosts without ever opening a SSH connection to them. In Foreman 3.1, we introduced support for pull mode in remote execution. This however, only covered script jobs, not Ansible ones. During this talk we'll explore what it would take to close this gap and enable Foreman users to run Ansible in pull mode. We'll recap how we got where we are, consider our options, take a look at how it could work, what its benefits and downsides would be and maybe there will be a demo too. Adam Ruzicka 2025-02-04T16:50:00+01:00 16:50 00:50 Foreman (B.1.031) ghent2025-650-containerizing-foreman-deployments-take-42 https://cfp.cfgmgmtcamp.org/ghent2025/talk/WLFEVJ/ false Foreman Full Talk - Monday & Tuesday en I was asked to submit a Steve Ballmer style "Automation! Automation! Automation!" lightning talk, but that's really not my style. So let's instead talk about containers! Especially containers for Foreman. Suiteable for running in production, with plugins and auxilary services like Candlepin and Pulp. Running like normal system services with Podman and systemd or on your Kubernetes cluster. We've had a `Dockerfile` in the main Foreman repository for over 5 years (May 2019), have been publishing it to Quay for a long time and I've heard people actually been using it. But it's not flexible (no plugins!), mainly aimed at developers and not well maintained overall (no CI until 2023!). In this talk we will present the current iteration (luckily not actually #42!) of a possible design for running a production Foreman with plugins, bells and whistles in a container environment. We will also discuss what this (probably) means for future deployments on Foreman and upgrades of existing setups. [Slides with speaker notes (press S)](https://evgeni.github.io/talks/cfgmgmtcamp2025-Containerizing_Foreman_deployments_take_42.html) Evgeni Golov 2025-02-04T14:00:00+01:00 14:00 00:50 Kube (B.3.032) ghent2025-614-embracing-karpenter-to-scale-optimize-upgrade-kubernetes https://cfp.cfgmgmtcamp.org/ghent2025/talk/P7CTWQ/ false Kubernetes Full Talk - Monday & Tuesday en Kubernetes is still quite a popular choice with wide community adoption to run containerised workloads in the Cloud, but it doesn’t come with batteries included. And some of that is intentional to allow freedom to make different choices or extend its functionality as needed. For example scaling compute nodes is one of the things which is not built-in. Making sure you’re doing it in most efficient and cost-efficient way is paramount. But it’s not just efficienty than separates Karpenter (an open-source node lifecycle management) from other options, but also how it can help you stay on top with compliance, patching and drift. The project has come a long way in the last couple of year and it was also adopted by CNCF/SIG Autoscaling making it alternative approach compared to de-facto Cluster Autoscaler project. I this talk I’ll show how to set it up, different use cases and demonstrate hands-on what to expect in the real world scenario. /media/ghent2025/submissions/P7CTWQ/karpenter_ee858Ko.png Marko Bevc 2025-02-04T14:50:00+01:00 14:50 00:25 Kube (B.3.032) ghent2025-679-running-kubernetes-on-small-scale-lessons-learned-on-operating-small-scale-clusters https://cfp.cfgmgmtcamp.org/ghent2025/talk/A3QEP7/ false Kubernetes Short Talk - Monday & Tuesday en This talk will walk through and provide examples and war stories on how kubernetes can be used not only in large scale environments but also in small and small-ish scale environments. Kubernetes is often considered as the tool to tackle large scale traffic, which is supposed to be used by a big team of engineers. This talk presents an opposite approach which shows how Kubernetes can be used in a very small team with limited resources. It will explore the benefits of running k8s in a small scale and also what pitfalls come with it. It will walk through the steps of provisioning self hosted Kubernetes cluster - kOps - challenges of keeping clusters upgraded without downtime. It will discuss issues encountered in daily operations, applications taking too long to start up anyone, and then how it was tuned with tools like Goldilocks. It will delve into CI/CD on Kubernetes (using Jenkins and ArgoCD). Keeping an eye on operational costs is essential in a small environment and this talk will discuss how kOps can utlize spot instances everywhere and benefits/challenges with spot instances. The idea of downscaling on schedule with py-kube-downscaler project, mutating pods with kyverno will be discussed. Soham Chakraborty 2025-02-04T15:15:00+01:00 15:15 00:25 Kube (B.3.032) ghent2025-575-turning-cloud-nightmares-into-cost-saving-dreams https://cfp.cfgmgmtcamp.org/ghent2025/talk/PVN3XX/ false Kubernetes Short Talk - Monday & Tuesday en cloud costs can feel like a nightmare, creeping up on your Kubernetes infrastructure. But with the right tools, you can be the hero your budget deserves! In this talk, we’ll dive into OpenCost, an open-source solution that can help you track and optimize your cloud spending in real time.You’ll discover how OpenCost works, why it matters, and how you can use it to become the cost-saving champion of your cloud environment. Get ready to conquer Kubernetes costs and take back control of your cloud! julia lamenza 2025-02-04T16:00:00+01:00 16:00 00:25 Kube (B.3.032) ghent2025-570-creating-immutable-infrastructures-with-kairos https://cfp.cfgmgmtcamp.org/ghent2025/talk/3BSKZB/ false Kubernetes Short Talk - Monday & Tuesday en In this talk, we will introduce Kairos, an open-source project that aims to create immutable Operating Systems designed for Kubernetes. This includes a toolset that simplifies operations at the edge in a cloud-native way. Edge computing has become increasingly popular due to its ability to save costs by processing information closer to the data before sending filtered and computed information to a centralized application or data warehouse hosted in the cloud. Kubernetes is an ideal solution for edge computing because it natively builds components that facilitate the lifecycle management of modern edge applications. However, as we scale the number of edge locations, we face operational challenges, such as interacting with cluster configurations at scale without creating unique configurations for each location, ensuring security for remote clusters and applications, upgrading Kubernetes clusters without specific domain knowledge, and minimizing disruptions during maintenance windows for smaller form factor hardware. Kairos acts as an engine delivering immutable Kubernetes-enabled Linux OS from OCI conformant container images. It provides unique capabilities such as VPN peer-to-peer mesh, a distributed ledger to automate Kubernetes cluster bootstrapping and coordination, and zero-touch provisioning with a QR code scan. But more importantly, it uses a declarative model backed by Kubernetes CRDs. It manages distributed Kubernetes operations at the edge from a centralized Kubernetes cluster. In this presentation, we will explain the foundations and concepts of Kairos and demonstrate its capabilities. Mauro Morales 2025-02-04T16:25:00+01:00 16:25 00:25 Kube (B.3.032) ghent2025-759-progressive-infrastructure-delivery-using-kargo-and-argo-cd https://cfp.cfgmgmtcamp.org/ghent2025/talk/DGYEV7/ false Kubernetes Short Talk - Monday & Tuesday en Since the day Kargo was released, I have been exploring the idea of using it not only to deliver and promote applications but also to deliver infrastructure through its progressive delivery capabilities. Using Kubernetes-based tools like Crossplane or Pulumi, we can define infrastructure as code and deliver it progressively to our management clusters and then promote this infrastructure through different stages without the need for extra CD script magic. Let me show you how Kargo helps platform engineering streamline and automate the progressive rollout of infrastructure changes to all stages. This talk will cover the basics of Kargo and how to use it with Infrastructure as Code tools. Engin Diri 2025-02-05T08:30:00+01:00 08:30 09:00 Foyer ghent2025-767-breakfast-and-coffee-tea-day-3 https://cfp.cfgmgmtcamp.org/ghent2025/talk/GFVWCP/ false Breakfast en Breakfast and Coffee & Tea - Day 3 2025-02-05T09:00:00+01:00 09:00 08:00 Ansible 1 (B.1.017) ghent2025-589-ansible-contributor-summit https://cfp.cfgmgmtcamp.org/ghent2025/talk/3HEPVD/ false Fringe Fringe - Wednesday en Ansible Contributor Summit is a full day working session for community users and contributors to interact with each another along with Ansible development teams. We will discuss important issues facing the Ansible community with a goal to shape the future of Ansible in a way that improves and increases collaboration. Agenda and details available in the [event calendar on the Ansible forum](https://forum.ansible.com/t/ansible-contributor-summit-at-cfgmgmtcamp-2025/9658). Don Naro 2025-02-05T09:00:00+01:00 09:00 08:00 Ansible 2 (B.1.014) ghent2025-705-mgmt-config-training-workshop https://cfp.cfgmgmtcamp.org/ghent2025/talk/8YTUMH/ false Fringe Fringe - Wednesday en [Mgmt](https://github.com/purpleidea/mgmt/) is a real-time automation tool that is fast and safe. In this workshop, we'll be teaching you how to build a complete cluster from scratch. The focus will be on new users, but you are also welcome to join to hack on mgmt itself. It's strongly recommended that you come with a modern Linux laptop. (VM's, Mac or Windows will make this more difficult for you!) A number of blog posts on the subject are available: https://purpleidea.com/tags/mgmtconfig/ Attendees are encouraged to read some before the workshop if they want a preview! James (purpleidea) 2025-02-05T09:00:00+01:00 09:00 04:00 Pulp (B.1.029) ghent2025-730-pulp-user-group-meetup https://cfp.cfgmgmtcamp.org/ghent2025/talk/Q7EHAF/ false Fringe Fringe - Wednesday - Half en This will be an opportunity for users of Pulp to share their experiences with each other and a couple of Pulp developers. Part of the time will be dedicated to gathering requirements for Pulp 4. Dennis Kliban 2025-02-05T13:00:00+01:00 13:00 04:00 Pulp (B.1.029) ghent2025-761-discover-pulumi-through-hands-on-practice https://cfp.cfgmgmtcamp.org/ghent2025/talk/SAMLJM/ false Workshop Workshop - Wednesday en Are you new to Infrastructure as Code (IaC) or a seasoned expert exploring alternatives to Terraform? Perhaps you’re simply curious about Pulumi. Whatever your starting point, join us for a hands-on lab to dive into this open-source IaC solution. Rather than just hearing about Pulumi’s benefits, you'll have the chance to form your own opinion by coding a small infrastructure project in Azure. This lab is a fantastic opportunity to familiarize yourself with Pulumi’s core concepts while exploring advanced features, such as: - General functionality (declarative IaC, state management, backends, providers) - Resources, inputs, and outputs - Configuration and environment management with stacks - Security and encryption of secrets - Integration with existing infrastructure - Usage within a CI/CD pipeline Come and experience Pulumi in action! Engin Diri 2025-02-05T09:00:00+01:00 09:00 04:00 Tofu / Cloud (B.3.013) ghent2025-627-selinux-for-the-terrified https://cfp.cfgmgmtcamp.org/ghent2025/talk/8WQ7LH/ false Workshop Workshop - Wednesday en SELinux is such an important part of your security posture, and with data breaches becoming more frequent and significant, it is now more important than ever to ensure you have taken every precaution to secure your environment. Unfortunately, SELinux is one of those technologies that strikes fear into the heart of so many, with a large number of people still disabling it to work around issues. In this hands on workshop, we will start from a ground up implementation of an SELinux policy, taking you through its background, why you should be considering it, and how to build up (and debug) a policy from nothing for a custom application of our own creation. James Freeman 2025-02-05T13:00:00+01:00 13:00 04:00 Tofu / Cloud (B.3.013) ghent2025-724-instructlab-workshop https://cfp.cfgmgmtcamp.org/ghent2025/talk/SML8WG/ false Workshop Workshop - Wednesday en During this hands-on exercise, you will learn what is InstructLab and how you can leverage it to easily extend Large Language Models with your data and run them on your infrastructure. The tool makes it easy to download, run and chat with models locally on your laptop. InstructLab is a fully open-source project from Red Hat and IBM that introduces Large-scale Alignment for chatBots (LAB). /media/ghent2025/submissions/SML8WG/instructlab-banner1_3LcEwLw.png Carol Chen 2025-02-05T09:00:00+01:00 09:00 08:00 Puppet 1 (B.1.015) ghent2025-670-puppet-community-day https://cfp.cfgmgmtcamp.org/ghent2025/talk/WM33NW/ false Fringe Fringe - Wednesday en Puppets community day is a chance for Puppet staff, community contributors and users to get together and talk about all things Puppet, Bolt and the various open source development tools used to develop and maintain code. Bring your challenges, ideas and projects so we can work together across the day. We can look at things like: Modernizing Puppet code and take full advantage of Upgrading to Puppet 8 Working out how we create a better developer toolset and release process for Puppet community. Discuss what we would like to see in Puppet 9 and other open source Puppet tools like Bolt Meeting the Vox Pupuli community group and finding out how you can get involved and contribute. Schedule Main room (shared) Morning Community day welcome Puppet 8 upgrade workshop Road to 9.x - Shared testing toolset improvements - Openvox test pipeline and gem publication - Review list of features for Puppet 9 - Papercuts Community engagement - Vox Pupuli onboarding - Vox elections - PR / Social / etc Lightning talks (2) Perforce community approach recap and Q&A Afternoon Steering Committee Security Team Lightning talks (4) / OpenVox Breakout Open project work time / OpenVox Breakout /media/ghent2025/submissions/WM33NW/puppet-community-logo_b5R7nVl_fbMsqOc.png David Sandilands 2025-02-05T13:00:00+01:00 13:00 04:00 Puppet 2 (B.1.011) ghent2025-690-openvox-working-group https://cfp.cfgmgmtcamp.org/ghent2025/talk/Q9TZ7E/ false Fringe Fringe - Wednesday - Half en The [OpenVox community fork of Puppet](https://voxpupuli.org/openvox/) is making much rapid progress. But we still have a lot of details to work out. This session is a "breakout room" of sorts from the main Puppet room and we'll discuss: * Project Governance, such as our decision making framework. Led by Garrett Honeycutt. * Technical Steering; how we keep the project architecture aligned with our vision and specifications from the Standards Steering Committee. Let by Nick Burgan. * Infrastructure plans, such as our GitHub organization, CI testing, package mirroring, etc. Led by Gene Liverman. * Other topics as we have time, such as packaging details, a Windows installer, etc. Ben Ford 2025-02-05T09:00:00+01:00 09:00 04:00 Workshop Icinga (B 3.0.29) ghent2025-756-icinga-meetup https://cfp.cfgmgmtcamp.org/ghent2025/talk/SAPC7J/ false Fringe Fringe - Wednesday - Half en Join us for an **Icinga Meetup**, where monitoring enthusiasts, DevOps professionals, and system administrators come together to share knowledge, exchange ideas, and explore the latest in the world of monitoring. This meetup is an opportunity to connect with the Icinga community, learn about new features, and discover best practices for monitoring modern infrastructures. Sessions you can expect during this Icinga Meetup: * **Current State of Icinga**: Get the latest news about new features and the current state of development. * **Developing new Modules for Icinga**: We will share insights about how the development of new modules is done - from a Icinga Developers perspective. * **Community Spaces**: Suggest your own topics and discuss with your peers. /media/ghent2025/submissions/SAPC7J/icinga-logo-screen-export-medium_IPHu940.png Blerim SheqaAlvar Penning 2025-02-05T09:00:00+01:00 09:00 04:00 Niks (B.1.036) ghent2025-666-hands-on-nixos-for-beginners-workshop https://cfp.cfgmgmtcamp.org/ghent2025/talk/XSAPED/ false Workshop Workshop - Wednesday en Heard about Nix or NixOS but never taken the chance to try it? We will help you get started with this hands-on workshop! This workshop will introduce the concepts of NixOS to beginners. Participants will be guided through the installation of [NixOS](https://nixos.org/) in a virtual machine—local or remote—configuring the basics, setting up additional services from the [Nix Packages collection](https://search.nixos.org/packages), and managing programs with [home-manager](https://nix-community.github.io/home-manager/). By the end of the workshop, attendees will have a fully functional NixOS environment and the foundational knowledge to use it in other contexts. ### Topics covered: - Fresh installation and converting an existing Linux system - Configuring services - Running containers: OCI (Docker) and nixos-containers - "Dotfiles" management with home-manager ### Requirements - Basic experience with running Linux inside virtual machines. - A setup to run virtual machines with at least 4GB of RAM: - A setup to run virtual machines (VirtualBox, Qemu, ... ) - Or an account on a cloud platform with resources available (Hetzner, OVH, DigitalOcean, Big Tech, ...) /media/ghent2025/submissions/XSAPED/nixos-hires_JpGa4aa.png Hugo Herter 2025-02-05T13:00:00+01:00 13:00 04:00 Niks (B.1.036) ghent2025-571-nixing-on-stuff https://cfp.cfgmgmtcamp.org/ghent2025/talk/KNRWAF/ false Workshop Workshop - Wednesday en Heard of Nix, but too afraid of its learning curve? Fear no more! Bryan & Co. will stick around to work and help on everything Nix/NixOS related. From packaging simple Go applications in NixPkgs, all the way to complex NixOS module questions, nothing's off the table. You might've heard about Nix, maybe you even have that one colleague that just won't stop talking about it. You've given in, sure I'll give it a shot... And, well, it's overwhelming. This is a common problem with users just starting out with Nix and veterans alike. Nix can do _a lot_, from managing your packages, to managing your system declaratively, setting up full-fledged k8s cluster that integrate deeply into the Nix store, even embedded systems aren't safe from Nix's cross-compiling powers. So, you'd like to learn, and maybe even meet the community. Members of Flox and the Nix community will be available to ask questions to during this event, we'll try to focus on the following. - Installing Nix, the package manager, on your system - Understanding Nix, the language - Understanding Nixpkgs - Installing packages with Nix on your system - Using NixOS in a VM - Configuring NixOS to host a simple web application - Just hang out and talk about Nix, NixOS, and everything around it - **Whatever you'd like to work on!** - ... If any of the above sounds interesting to you, give this workshop a shot. Bryan & Co. look forward to seeing you there, to generate interesting discussions and insights. [Source Code](https://github.com/bryanhonof/cfgmgmtcamp-nixing-on-stuff) /media/ghent2025/submissions/KNRWAF/nixos.svg_nN4TaXN.png Bryan Honof 2025-02-05T09:00:00+01:00 09:00 04:00 Foreman (B.1.031) ghent2025-582-foreman-beginner-workshop https://cfp.cfgmgmtcamp.org/ghent2025/talk/VZZ7QR/ false Workshop Workshop - Wednesday en As part of the Foreman fringe event we want to provide a workshop for users new to Foreman at all or the orchestration functionality of Remote Execution The workshop will give an introduction to Foreman and an overview over its components. We will install Foreman with Remote Execution using Forklift which requires Vagrant and Virtualbox or Libvirt or on a virtual machine running CentOS Stream 9 prepared by the attendee. We will look into Remote Execution and how it works, using the script provider to run bash commands and Ansible provider to execute playbooks. Furthermore we look into writing our own templates, how to implement recurring jobs and how jobs can be pulled by a host instead of getting push. And last but not least we will look into the Cockpit integration based on Remote Execution providing a Web console and graphical management interface. /media/ghent2025/submissions/VZZ7QR/foreman_large_T8Vp2Oa.png Dirk Götz 2025-02-05T09:00:00+01:00 09:00 04:00 Workshop Chef / Cue B.3.036 ghent2025-751-using-the-cue-registry-with-json-yaml-and-json-schema-and-more https://cfp.cfgmgmtcamp.org/ghent2025/talk/GCZVJ8/ false Workshop Workshop - Wednesday en We will explore how to use CUE with the central registry, including validating JSON and YAML as well as using CUE with JSON Schema. CUE recently released the central registry. This allows sharing configuration of all sorts, including APIs and policy to a larger audience in versioned units called modules. Its strict approach to versioning allows for reproducible results. In this workshop you will learn how to use existing schema to validate your Kubernetes configurations and how to upload your own modules. Marcel van Lohuizen 2025-02-05T13:00:00+01:00 13:00 04:00 Workshop Chef / Cue B.3.036 ghent2025-749-chef-s-toolkit-with-labs https://cfp.cfgmgmtcamp.org/ghent2025/talk/ZWKL9T/ false Workshop Workshop - Wednesday en Run through the hands-on labs that accompany the lecture. Ideal for practitioners of Chef and anyone with a laptop curious to see Chef cook with recipes and scripts. Heather Thacker 2025-02-05T09:00:00+01:00 09:00 08:00 Kube (B.3.032) ghent2025-706-system-initiative-day https://cfp.cfgmgmtcamp.org/ghent2025/talk/ZFBT9F/ false Fringe Fringe - Wednesday en Day on how to use and Author using System Initiative Paul Stack