Agenda

In this talk, the presenter will share a few container troubleshooting stories that were encountered in the life of an infrastructure operator. The use cases are deliberately chosen to be a bit advanced and focused around exploring the inner workings of core libraries and kernel, to remind everyone that even the lowest level of modern systems need some love. The talk will follow a hands-on agenda, interactively iterating over all the key points of the troubleshooting process, focusing on the different tools used and providing immediate value to the listener, who should be able to apply the various workflows to other scenarios. Example use cases presented: - Troubleshooting resource isolation between containers - Tracing the root cause of a crashing containerized application - Monitoring memory and performance issues in containers

Top use cases and different architectures for building and running containers. Overall, my goal is to help you gain insights into how you can most benefit from running containers in your environment.

The current craze of Docker has everyone sticking their processes inside a container… but do you really understand cgroups and how they work? Do you understand the difference between CPU Sets and CPU Shares? Spark is a Scala application that lives inside a Java Runtime, do you understand the consequence of what impact the cgroup constraints have on the JRE? This talk starts with a deep understand of Java’s memory management and GC characteristics and how JRE characteristics change based on core count. We will continue the talk looking at containers and how resource isolation works. The session will detail specifically the difference between CPU sets and CPU shares and memory management. The session will close with a deep understanding of the consequences of running the JRE in a CPU share environment and the potential for pseudo-random behavior of running in a heterogeneous datacenter.

While there have been many improvements around securing containers, there is still a large gap in monitoring the behavior of containers in production. That’s why we created Sysdig Falco, the open source behavioral activity monitor for containerized environments. Sysdig Falco can detect and alert on anomalous behavior at the application, file, system, and network level. In this session get a deep dive into Falco: - How does behavioral security differ from existing security solutions like image scanning? - How does Falco work? - What can it detect? Building and customizing rules - Next steps

Join the party! A fun night at this funky, upscale bowling club with outstanding food and drink!

In this session you'll learn how Kubernetes and Nomad complement each other and provide a solid foundation for running diverse workloads across multiple computing environments.

Containers have been hailed as an easy solution to many problems, from software testing to scaling stateless workloads in production. But anyone can write a deployment tool for a container-based infrastructure, the hard work comes when you get to day 2 and you need to handle the day to day operations and maintenance. Metrics, monitoring, logs, debugging, backups and upgrades are all considerations that operators need to take into account before they invest in a solution. Through lessons learned from direct experience in operations, as well as feedback from open source DC/OS community members, this talk will pull back the curtain to show the internals of how to handle these day 2 operations. It will also provide a checklist of things you want make sure are included when you build a plan for building and maintaining your infrastructure (hint: Logging should never be an afterthought).

Congratulations, you are killing it with your container deployment. Application are faster and more stable with repeatable deploy cycles. You reined in the the single purpose server proliferation and consolidated them into isolated containers running on cluster of container. Your business owners are loving the higher feature velocity, and the somewhat lower costs. But do you know how much your container infrastructure costs, and how well utilized it is? Can you say for certain that your clusters have the right resources mix? Do you know which workloads are the biggest consumers of resources? In this session, we'll show you the steps to identify inefficient resource allocation, and drive continuous improvement across your environment, leveraging detailed information from SysDig together with analysis from CloudHealth. We will demonstrate how to use both SysDig Cloud and SysDig open source to reduce costs and improve utilization and highlight best practices from leading organizations.

By now, most people should be well aware of Sysdig Falco, the open source, behavioral security monitoring tool from Sysdig. In this presentation, I will walk through the simple process of deploying Falco across your Kubernetes fleet, and demo some of the unique insight that you can gain with behavioral monitoring of the containers in your cluster. I'll walk through Yahoo's use cases around visibility and compliance, as well as discuss some of the modifications we made to Falco's rules to meet our needs.

This is the workshop you need to troubleshoot containers like a boss. Join us for a 4-hour use-case driven only training session on container visibility, troubleshooting and run-time security monitoring with the Sysdig open source tools (Sysdig and Falco) and learn how containers work under the hood.

Learn how to debug a 502 error on a containerized LB with HAproxy, a Python webapp crashing after working for 5 minutes or where did you configure wrong credentials in a microservices app

Compare yourself the performance of different web servers running in containers, use system call tracing to find the bottleneck in your application or learn how to use spectrograms (flame graphs) to visualize system call performance.

Dive into Kubernetes internals using reverse engineering: why that Kubernetes service is valid but doesn't work? How does service resolution work? Or how Kubernetes instructs Docker Engine.

Last but not least, all these previous lessons can also be applied for security, not only doing forensics on an attack attempt. Sysdig Falco can alert on containers with anomalous behavior.