Conference Program

Through partnership with researchers, careful analysis of actual usage metrics and benchmarking, modern technologies can be leveraged to decrease the time-to-solution for scientific workflows. The fruits of our collaborative approach have enabled our researchers to tackle more complex scientific questions to better diagnose and treat disease. We aim to increase computational and thus scientific throughput with optimized, scalable and sustainable computational architecture specific for our application workflows. Computational and data challenges associated with genomic sequencing will be used as an example.

In a virtualized environment, it is not difficult to retrieve guest OS information from its hypervisor. However, it is very challenging to retrieve information in the reverse direction, i.e., retrieve the hypervisor information from within a guest OS, which remains an open problem and has not yet been comprehensively studied before. In this paper, we take the initiative and study this reverse information retrieval problem. In particular, we investigate how to determine the host OS kernel version from within a guest OS.We observe that modern commodity hypervisors introduce new features and bug fixes in almost every new release. Thus, by carefully analyzing the seven-year evolution of Linux KVM development (including 3485 patches), we can identify 19 features and 20 bugs in the hypervisor detectable from within a guest OS. Building on our detection of these features and bugs, we present a novel framework called Hyperprobe that for the first time enables users in a guest OS to automatically detect the underlying host OS kernel version in a few minutes. We implement a prototype of Hyperprobe and evaluate its effectiveness in five real world clouds, including Google Compute Engine (a.k.a. Google Cloud), HP Helion Public Cloud, ElasticHosts, Joyent Cloud, and CloudSigma, as well as in a controlled testbed environment, all yielding promising results.

Application-level network traffic analysis and sophisticated analysis techniques such as machine learning and stream data processing for network traffic require considerable computational resources. In addition, developing an application protocol analyzer is a tedious and time- consuming task. Therefore, we propose a scalable and flexible traffic analysis platform (SF-TAP) that provides an efficient and flexible application-level stream analysis of high-bandwidth network traffic. Our platform’s flexibility and modularity allow developers to easily implement multicore scalable application-level stream analyzers. Furthermore, SF-TAP is horizontally scalable and can therefore manage high-bandwidth network traffic. We achieve this scalability by separating network traffic based on traffic flows, forwarding the separated flows to multiple SF-TAP cells, each of which consists of a traffic capturer and application-level analyzers. In this study, we discuss the design and implementation of SF-TAP and provide details of its evaluation.

This presentation provides a high level introduction to Database as a Service, and focuses on DBaaS with OpenStack Trove. It also presents an in depth exploration of the Trove architecture.

It helps answer such questions as “What are some major problems faced by IT and database users in the organization,” “What are the benefits of DBaaS,” “What is OpenStack Trove,” “How does Trove relate to such things as Amazon RDS, MongoHQ, Heroku, DynamoDB, HP Cloud Relational Database and Rackspace Cloud Databases,” “Should I offer DBaaS to my organization,” and “Practical considerations in migrating to DBaaS.”

It also explores such concepts as “How does Trove interact with other OpenStack services,” “What are the various components of Trove,” “What are guest agents,” “How are requests to Trove processed,” “How does Trove handle such activities as Backup and Restore, Clustering and Replication,” and “How does Trove support multiple database types.”
 
It presents some practical examples of benefits achieved in adopting DBaaS, shares learnings from the adoption process, and highlights some potential pitfalls. It helps the participant understand the internals and architecture of Trove and provides the participant with knowledge that would be useful in assessing, deploying and managing Trove in the enterprise. It concludes with a view of the road map of features for upcoming releases.

When we think of scalable infrastructure, we think of technologies such as AWS, Kafka, or Mesos. But to operate these shiny things, you need people. Organized and resilient people.

You wouldn’t rollout containerization while your app has a memory leak, so you shouldn’t expand your DevOps team without addressing the leaks in your day-to-day communication and processes. Come learn some of the steps necessary to make your most important platform--your engineers--stable and successful.

Criminals have embraced the cloud to a greater degree than even private enterprise. What's the best cloud for a crook? Yours. This talk will take a look at how criminals are leveraging purloined Linux and Unix assets to build out their infrastructure and some simple methods to thwart their efforts.

SophosLabs' primary goal is publishing threat information to protect our customers. This requires us to monitor millions of malicious attacks each day providing a large data set to mine for information.

Our experience shows that more than 80% attacks originate from compromised assets, the majority of which are running a Linux-based operating system. Administrators of Linux systems can step up and have a serious impact on reducing the criminal footprint and making our friends, families and organizations safer.

PgBackRest is open source software developed to perform efficient backup on PostgreSQL databases that measure in tens of terabytes and greater. It supports per file checksums, compression, partial/failed backup resume, high-performance parallel transfer, asynchronous archiving, tablespaces, expiration, full/differential/incremental, local/remote operation via SSH, hard-linking, restore, and more. PgBackRest is written in Perl and does not depend on rsync or tar but instead performs its own deltas which gives it maximum flexibility. This talk by the author will introduce the features, give sample configurations, and talk about design philosophy.

With continuous development, we write less code and consume more re-usable open source code. Innovation is accelerated and so is application complexity. Complexity is the enemy of quality. Poor quality creates unplanned/unscheduled work. Re-work creates a drag on development speed. It’s a continuous loop. While Agile and DevOps have made us faster and more efficient, they can only take us so far... and worse, the year of OpenSource attacks we've just had commands better practices.

What if we could deliver applications on-time (even faster), on-budget (even more efficiently) and with a natural byproduct of more acceptable quality and risk?

The good news: other industries have figured this out with supply chain management. Applying supply chain approaches to software raises the bar on continuous goals.

A few of the patterns we can take from the rigor of things like the Toyota Supply Chain:

• Scrutinize the number and quality of your “suppliers”
• Manage out avoidable risk, complexity, and code bloat
• Improve traceability and visibility
• Ensure prompt agile responses when things go wrong

Pending legislation with the Cyber Supply Chain Transparency Act makes this a particularly important topic for Federal Agencies and the ISVs and SIs who provide software to them. This session will also provide background on this act and provide practical guidance on how respond to and benefit from it.

With members distributed all around the world across multiple companies and organizations, the OpenStack project infrastructure team manages hundreds of servers for use by the OpenStack developer community. This talk gives an overview of the open source tools and strategies we use to be an effective remote, distributed team. These tools and strategies include weekly meetings on IRC, leveraging the OpenStack code review and continuous integration system for systems changes, use of collaborative editors when completing work during maintenance windows and more.

Federated identity lets you outsource authentication to a trusted third party, eliminating the requirement to manage a set of users in each web application. There are several specifications that implement this, for different targets. SAML is generally interesting to enterprises and provides features like Single Sign-On (SSO) and Single Logout (SLO). OpenID is a specification sponsored by Facebook, Microsoft, Google and others, and is generally consumer oriented.

Federated identity servers support a number of common authentication mechanisms from username/password, Kerberos, LDAP, one-time passwords, etc.

This talk will provide an introduction to Federated Identity providers: what they are, what they are not, and how and when they can be used.

Monitoring systems will get smarter in order to keep up with the demands of tomorrow's IT architectures. Features like anomaly detection, root cause analysis, and forecasting tools will be critical components of this next level of monitoring. At the same time, the data that monitoring systems ingest is ever increasing in amount and velocity.

This session covers architectural models for advanced online analytics. We argue that stateful online computations provide a means to realize machine learning on high-velocity data. We show how alerting systems, event engines, stream aggregators, and time-series databases interact to support smart, scalable, and resilient monitoring solutions.