LOPSA-East 2013 Talks

8:00 am
9:00 am

Registration and Welcome Coffee

Garden State
Ball Room A

Garden State
Ball Room B

Garden State
Ball Room C

9:00 am
10:30 am

Lightning Talks

George Beech

Hyper-V 2012, Resilient, Flexible, and Mobile

Steven Murawski

Unscheduled

10:30 am
11:00 am

Morning Break

11:00 am
12:30 pm

Bare Metal to Private Cloud Infrastructure

Judd Maltin

How To Sleep Better at Night (or: Building a More Effective Monitoring Environment)

Mike Julian


Monitoring For the Public Good

Mike Julian

The Addictive Nature of Automation

Nathen Harvey


Things You Always Wanted to Know About Chef But Were Afraid to Ask

Nathen Harvey

12:30 pm
1:30 pm

Lunch

1:30 pm
3:00 pm

When disaster strikes – Moving Stack Exchange across the country, and surviving 75 Broad St

George Beech

KVM

Thomas Uphill


What I’ve learned working in the Service Hosting Industry

Jacob Jernigan

Building a web load balancing solution using open source software

Ryan Frantz


Implementing a Certificate-based authentication infrastructure without User Torture

Chandin Wilson
Jeff Flick

3:00 pm
3:30 pm

Afternoon Break

3:30 pm
5:00 pm

Configuration Management Workflows (Panel)

Performance Tuning PostgreSQL

Jim Mlodgenski


Deploying PostgreSQL on Amazon EC2: A Case Study

Denish Patel

Provisioning and systems management using Foreman

Sam Kottler


Principled Patch Management with Munki

Allister Banks

5:00 pm
6:00 pm

Ice Cream Social

Talks

Hyper-V 2012, Resilient, Flexible, and Mobile
Steven Murawski

Hyper-V in Windows Server 2012 is the third kick at the can for Microsoft’s popular hypervisor, and, as is usually the case when Microsoft gets to the third version, they start to hit the ball out of the park. Hyper-V on Server 2012 offers unprecedented scalability for virtual machine (VM) workloads, built-in DR capabilities, and the ability to live migrate VMs across hosts and clusters, without shared resources.

In this session, I’ll cover some of the highlights, major features, as well as some tips and tricks after running Server 2012 with Hyper-V in a production environment for over a year.


Bare Metal to Private Cloud Infrastructure
Judd Maltin

The great promise of configuration management is sophisticated, repeatable yet flexible installation and management. Great tools like Puppet and Chef give us remarkable expressiveness, flexibility and reusability. But what of bare metal provisioning? What about ease of use? Your brilliant modules and cookbooks should have a brilliant home, that can take your service home and deploy complex applications with ease. Crowbar is a FOSS project with just that goal in mind. Crowbar gives you everything you need to get a private cloud up and running, and all the tools you’re familiar with to customize it. It even lets you select /which/ tools you’d like to use, greasing the devops tool-chain to mesh with your team’s expertise.

In this talk, we’ll run through Crowbar, demonstrating the only FOSS product that can deliver orchestrated multi-node deployments of OpenStack and Hadoop, from bare metal to customer signup and cluster expansion, all with both a CLI and a GUI! Embrace the bunny, our mascot.


How To Sleep Better at Night (or: Building a More Effective Monitoring Environment)
Mike Julian

Mike will present on building an effective monitoring system, from theory and methodology to specific tools. Specific topics will include data collection, visualization, and alerting, as well as touching on many commonly-used tools, such as Nagios, check_mk, Graphite, collectd, MRTG, Cacti, and SNMP.


Monitoring For the Public Good
Mike Julian

Ever wanted a dashboard showing a high level state of your applications and services? Ever been asked to provide availability or performance reports to management? Welcome to the world of Business Intelligence. I will speak on how to get more than just alerting from your monitoring system, and provide more value to users and management. Topics covered will include designing automated performance and availability reporting using your existing monitoring environment.


The Addictive Nature of Automation
Nathen Harvey

Automation is generally accepted as “good.” I’d like to suggest that automation has rather addictive powers, too. Using my own experiences, but not any “real science”, I’ll explore how automation can make operations people happier, developers more productive, systems more resilient, and customers happier. I’ll share some of my experiences at CustomInk where we leveled-up our automation using tools such as Chef, Jenkins, and communication.


Things You Always Wanted to Know About Chef But Were Afraid to Ask
Nathen Harvey

5 Things You Always Wanted to Know About Chef But Were Afraid to Ask

Level-up your Chef skills by learning about these areas of Chef:

  • Attribute Precedence – Role, environment, cookbook, data bag? Which attribute value will be used in my chef run? Walk through an example that will show you which value gets applied in your chef run.
  • Encrypted Data Bags – Chef 0.10 brought us encrypted data bags. We’ll look at how to create and use data bags and how to keep them up-to-date in your repository.
  • LWRP – What is a LWRP? How and why do you create one? We’ll look at a couple of sample LWRPs and learn how to build a simple one.
  • Error Handlers – Demystify exception and report handlers by writing a simple one and seeing examples of how they work in the wild.
  • Testing Your Chef Code – Take a quick look at some of the tools and techniques that you can leverage to test out your Chef codebase.


When disaster strikes – Moving Stack Exchange across the country, and surviving 75 Broad
George Beech

This talk will focus mostly on DR and migration for a primarily Windows-based shop, including:

  • SQL 2012 failover
  • DNS Migration
  • Dealing with long term shutdown of AD DCs
  • How our DR Plan survived its encounter with reality

I will also spend a little bit of time talking about what happened at the 75 Broad St. facility – and the efforts of all involved to keep that datacenter up and running.

  • The “Bucket Brigade”
  • 24/7 Staffing rotations
  • How 3 companies worked together (SquareSpace, Fog Creek, and Stack Exchange) to keep the lights on, and services running


KVM
Thomas Uphill

The Kernel-based Virtual Machine is a full virtualization suite for Linux that at its core is just a single kernel module. This makes KVM very easy to implement and makes it ideal for anyone seeking virtualization, from the hobbyist through to the enterprise user. In this talk I’ll cover the architecture of KVM and how it works with the kernel and hardware. I’ll show network and storage configurations that enable virtual machines to be migrated between hypervisors. KVM also has management suites; we’ll briefly show those as well (ganeti, ovirt, opennebula). I’ll show some deployment scenarios and cover KVM usage with the Red Hat/Fedora Cluster Suite.

Who should attend:

Anyone interested in a free and open source virtualization solution. Anyone currently using VMware or VirtualBox. Enterprise admins looking to integrate KVM with their high availability clusters.


What I’ve learned working in the Service Hosting Industry
Jacob Jernigan

In late 2012, against my best rationality and any chance of success, I decided to start a game host company. These are known in the field as GSPs, or game service providers. Administrators face vastly different challenges from “standard” in-house admins and even other service provider industries. Coming from a short background in web hosting and consulting, I quickly learned that I was entering a completely new arena, and I soon understood that the only way to survive was to adapt. Eventually I realized that even though the challenges may be different, solutions that work in the GSP arena can be applied to several other “fields” of IT. I intend to have the talk filled with humor, mostly aimed at myself and my numerous mistakes along the way, while maintaining the seriousness of the topic and attempting to teach from my (sometimes hilarious) mistakes.

The topics that would be covered can include:

  • Monitoring and how you might not be watching enough of your network
  • DDoS prevention and mitigation
  • Hosted apps and services vs running them in house
  • Naming conventions and how even generic hostnames can carry a large amount of information
  • Backups and restore plans
  • Dealing with users and support tickets
  • Prioritization of time
  • Planning your network now and for the future
  • Writing and maintaining internal documentation
  • Configuration management, maintenance and updates.

Ultimately, I want attendees to walk away from the session with a good laugh, and some concepts that they can research further and implement into their environment.


Building a web load balancing solution using open source software
Ryan Frantz

  • Overview of the project’s goals
  • Design choices made and why they were made
  • What things were learned along the way?
    • NEW! What things have been learned since the implementation?
  • How is the health of the system being monitored (i.e. what metrics should be followed and what do the various visualization patterns mean?)


Implementing a Certificate-based authentication infrastructure without User Torture
Chandin Wilson

It has long been acknowledged that security, especially when it comes to passwords and other forms of user authentication, is a compromise. Quite often an organization may have multi-factor authentication to gain access to a resource or realm, but within the realm little additional authentication is required. For certain use cases, a Kerberos infrastructure based on limited-lifetime tickets is acceptable.

This talk describes an alternative implementation based on X509 certificates. This allows access to HPCS resources using a certificate-enabled SSH (GSISSH), and certificate-aware data transfers using GridFTP, available as OSS from Globus.org. To avoid the traditional complexity of certificate management visible to both the users and administrators, as well as to enable redundancy for access and administration, LDAP is leveraged as a certificate store. Bastion hosts provide a single unified mechanism for transparent certificate creation and renewal for the users.


Configuration Management Workflows (Panel)

Everyone is starting to get on to the Config Mgmt bandwagon. Puppet & Chef are big deals now. However, there’s not much out there on how to best use these tools in teams. There’s a lot of documentation on how to use the tool, but what about the next level?

A panel discussion on workflows.

How do we make changes, safely? We can talk about our code reviews, testing changes, and rolling out change in a measured fashion.

Panel:

  • Matthew Barr, Technical Architect / Ops team lead for Snap Interactive (puppet)
  • Anthony Caiafa, Director of ops for Sailthru (Chef)
  • Mike Fiedler, Director of Engineering Operations at Magnetic (chef shop, contrib)
  • Julian C Dunn, Senior Systems Operations Engineer, SecondMarket (chef)

Moderator:  James Turnbull, Puppet Labs, etc.


Performance Tuning PostgreSQL
Jim Mlodgenski

With large Web 2.0 companies like Instagram and Skype relying on PostgreSQL as their database of choice, the growth of PostgreSQL has exploded recently. PostgreSQL can scale to handle these demanding environments, but its default settings are far from optimal. Adding to the variables when tuning PostgreSQL is its reliance on the operating system. PostgreSQL trusts the operating system for great performance more than any other database, which is actually one of its greatest strengths.

In this talk, we will introduce the key areas system administrators can focus on for great performance on PostgreSQL. In addition to the PostgreSQL config file, we will discuss memory and file system requirements.


Deploying PostgreSQL on Amazon EC2: A Case Study
Denish Patel

About a year ago, OmniTI was approached by a startup company seeking help for managing their IT infrastructure. To better manage costs, they made a business decision to run their entire IT architecture in the cloud, including their PostgreSQL databases. They were having issues keeping their servers running smoothly, experiencing almost weekly machine flake out problems, so they asked us to review their architecture and implement solutions to make it more resilient to failures. In this case study, I’m going to discuss the approaches and processes implemented to run their PostgreSQL database servers smoothly. The talk will include details on setting up highly available solutions for achieving disaster resilience within Amazon’s cloud.


Provisioning and systems management using Foreman
Sam Kottler

This talk will cover provisioning and systems management using the Foreman with a particular focus on environments that utilize public and private clouds. I’ll talk about how Foreman helps systems administrators build reproducible hosts by integrating services like DHCP, TFTP, DNS, Puppet CA, and Puppet masters under one common system. Users will see live OpenStack, oVirt, libvirt, EC2, and Rackspace provisioning and then subsequent management with Puppet. We’ll also cover how Foreman makes bare metal provisioning easier by providing a Kickstart & PXE server. A quick overview of Puppet will also be included, but ideally users will already understand configuration management.

This talk will be best for an intermediate to advanced audience; it will be particularly useful if audience members have previous experience with provisioning and a basic understanding of configuration management. Talk attendees can expect to walk away with an understanding of how Foreman can help streamline the management of their systems and provide better insight into what is happening across the topology of their infrastructure. Additionally, users will learn how to replace existing infrastructure (like a Kickstart/PXE server) with Foreman’s improved provisioning capabilities.


Principled Patch Management with Munki
Allister Banks

Munki is a patch management tool for the Mac that follows a set of edicts:

  • Standard end users should be able to agree to software installs or apply non-critical updates on their own schedule (with a mechanism for IT to enforce any zero-day patches)
  • IT should be empowered to manage all software-related changes in their fleet’s lifecycle without lengthy processes or brittle backends to maintain
  • The Mac IT community as a whole should out-engineer unenlightened vendors so repackaging for distribution is used only as a last resort

As a purpose-built tool to accomplish these goals, Munki seems like something out of the agile, infrastructure-as-code present instead of the proprietary, weighed-down past. We’ll see how easy a proof-of-concept is to get started with, and how the inherent lack of compromise ends up complementing (obviously more powerful) products like Puppet. A mature group of satellite projects has sprung up around it, and we’ll go over some of the more common scenarios in which it’s changed the way Mac IT gets things done.