This event has ended. Visit the official site or create your own event on Sched.

CoreOS Fest Berlin, the Open Source Distributed Systems Conference, brings together experts from all over the world to discuss container technologies, distributed systems and open source software to help take the industry to the next level in distributed computing.

The 2016 event will gather 500+ developers, devops professionals and sysadmins together to explore the next steps in making container technologies successful and secure.

Learn more at coreos.com/fest 

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Security [clear filter]
Tuesday, May 10

09:50 CEST

Service to Service Auth in a Microservices World
avatar for Jake Moshenko

Jake Moshenko

Product Manager, Quay, CoreOS
Jake Moshenko is the product manager for the Quay container registry at CoreOS, a Linux distribution with containers as a first-class citizen and software distribution channel. Formerly of Google, Amazon, and Boeing, he has been building robust distributed systems for over 10 yea... Read More →

Tuesday May 10, 2016 09:50 - 10:30 CEST

11:00 CEST

Navigating Compliance in a CoreOS World

CoreOS is an excellent starting point for a secure environment, but there are many challenges to deploying and managing CoreOS under common compliance requirements. Compliance itself does not provide security, but it can present roadblocks to adopting revolutionarily awesome technology. A reduced attack surface, automatic updates, a slimmed down base OS, modern systemd and new automation tools should make a system more secure, but they also invalidate traditional approaches to compliance, and raise red flags for people unfamiliar with the technology.

This talks shares our experiences and explores solutions to deploy and manage CoreOS in light of common compliance themes. The presentation will also serve as a guide to those who are leading change in their organizations and are interested in showing how CoreOS can be adopted in the face of traditional ideas about compliance.


Tuesday May 10, 2016 11:00 - 11:40 CEST

11:50 CEST

CoreOS and Distributed Trusted Computing
Join Matthew Garrett for the next step in distributed trusted computing. This presentation will describe how the techniques used to prove hardware trustworthiness can also be used to validate containers. Learn how to secure your container infrastructure on multiple levels and produce cryptographically verifiable audit trails. Come see how we use distributed trusted computing with CoreOS Linux and in Tectonic, our commercial GIFEE offering.

avatar for Matthew Garrett

Matthew Garrett

Principal Security Software Engineer, CoreOS
Matthew Garrett is a security developer at CoreOS, specialising in the areas where software starts knowing a little more about hardware than you'd like. He implemented much of Linux's support for UEFI Secure Boot, does things with TPMs and has found more bugs in system firmware than... Read More →

Tuesday May 10, 2016 11:50 - 12:30 CEST

13:30 CEST

CoreOS Clair integration made easy with HyperClair
It's easy to integrate tracking vulnerabilities of your containers with Clair. But what if you want to do it via your CI/CD pipelines? That's where Hyperclair comes in! Hyperclair is a lightweight REST API which acts as a bridge between Registries like Docker Hub, Docker Registry or Quay.io and CoreOS vulnerability tracker - Clair. Hyperclair could be easily integrated in your CI/CD pipeline, mapping Registry events to the REST API, which will become your authentification reverse proxy.

avatar for Julien Garcia Gonzalez

Julien Garcia Gonzalez

Julien is a DevOps dreamer @ Wemanity. Having background as a Java developer and a lot of frustration acquired, he was able to find his way in DevOps culture, Docker and containerization stuff & OSS community. Recently, he felt in love with Go and tries to bring other people along... Read More →

Tuesday May 10, 2016 13:30 - 14:10 CEST

14:20 CEST

Secure Intercontainer overlay Networking using flannel and tincvpn
For now flannel supports no encryption on the wire. This may be suitable whre you have a trusted internal network or in a setup where you can care for the network encryption on the application level via tls. In this talk Cornelius will demonstrate how to use the CoreOS built in tools etcd and flannel to setuup a distributed VPN with tinc. Flannel will be used to savely allocate IP subnets but will not do the networking. Instead etcd and some scripting will be used to setup a distributed vpn via tinc. All this will be provisioned via the cloud config file and systemd units.

avatar for Cornelius Keller

Cornelius Keller

DevOps Architect, Marketlogic Software AG
Cornelius started his career as a backend developer and systems architect and worked in Berlin IT companies & startups like Immobilienscout24 and bettermarks. In the last year he has focused on continuous delivery, zero downtime deployments, microservice architectures and distributed... Read More →

Tuesday May 10, 2016 14:20 - 15:00 CEST