From November 11th through 13th I attended and spoke at Usenix’s LISA15 (Large Installation Systems Administration) conference. I participated in a women in tech panel back in 2012, so I’d been to the conference once before, but this was the first time I submitted a talk. A huge thanks goes to Tom Limoncelli for reaching out to me to encourage me to submit, and I was amused to see my response to his encouragement ended up being the introduction to a blog post earlier this year. LISA has changed!

The event program outlines two main sections of LISA, tutorials and conference. I flew in on Tuesday in order to attend the three conference days from Wednesday through Friday. I picked up my badge Tuesday night and was all ready for the conference come Wednesday morning.

Wednesday began with a keynote from Mikey Dickerson of the U.S. Digital Service. It was one of the best talks I’ve seen all year, and I go to a lot of conferences. Launched just over a year ago (August 2014), the USDS is a part of the US executive office tasked with work and advisement to federal agencies about technology. His talk centered around the work he did post launch of healthcare.gov. He was working at Google at the time and was brought in as one of the experts to help rescue the website after the catastrophic failed launch. Long hours, a critical 24-hour news cycle that made sure they stayed under pressure to fix it and work to convince everyone to use best practices refined by the industry made for an amusing and familiar tale. The reasons for the failure were painfully easy to predict, no monitoring, no incident response plan or post-mortems, no formal testing and release process. These things are fundamental to software development in the industry today, and for whatever reason (time? money?) were left off this critical launch. The happy ending was that the site now works (though he wouldn’t go as far as saying it was “completely fixed”) and their success could be measured by the lack of news about the website during the 2014-2015 enrollment cycle. He also discussed some of the other work the USDS was up to, including putting together Requirements for Federal Websites and Digital Services, improvements to VA disability processing and the creation of the College Scorecard.

A talk by Mikey Dickerson of the USDS opens up LISA15

I then went to see Supercomputing for Healthcare: A Collaborative Approach to Accelerating Scientific Discovery (slides linked on that page) presented by Patricia Kovatch of the Icahn School of Medicine at Mount Sinai. She started off by talking about the vast amounts of data collected by facilities like Mount Sinai and how important having that data accessible and mine-able by researchers who are looking for cures to health problems. Then she dove into into collaboration, the keystone of her talk, bringing up several up important social points. Even as a technologist, you should understand the goals of everyone you work with, from the mission statement of your organization to yourself, your management, your clients and the clients (or patients!) served by the organization. Communication is key, and she recommended making non-tech friendly visualizations (that track metrics which are important – and re-evaluate those often), monthly reports and open meetings where interested parties can participate and build trust in your organization. She also covered some things that can be done to influence user behavior, like creating a “free” compute queue that’s lower priority but a department doesn’t need to pay for to encourage usage of that rather than taking over the high priority queue for everything (because everyone’s job is high priority when it’s all the same to them…). In case it’s not obvious, there was a lot of information in this talk squeezed into her time slot! I can’t imagine any team realistically going from having a poorly communicating department to adopting all of these suggestions, but she does present a fantastic array of helpful ideas that can be implemented slowly over time, each of which would help an organization. The slides are definitely worth a browse.

Next up was my OpenStack colleague Devananda van der Veen who was talking about Ironic: A Modern Approach to Hardware Provisioning. Largely divorcing Ironic from OpenStack, he spent this talk talking about how to use it largely as a stand alone tool for hardware provisioning. But he did begin by talking about how tools like OpenStack have started handling VMs, which themselves are abstractions of computers, and that Ironic takes that one step further, but instead of a VM you have hardware that’s an abstraction of a computer, thus putting bare metal and VMs on similar footing abstraction-wise with tooling in OpenStack with Ironic. He spent a fair amount of time talking about how much effort has been put in by hardware manufacturers into writing hardware drivers, and how quickly adoption in production has taken off with companies like Rackspace and Yahoo! being very public about their usage.

The hallway track was strong at this conference! The next talk I attended was in the afternoon, The Latest from Kubernetes by Tim Hockin. As an open source project, I feel like Kubernetes has moved very quickly since I first heard about it, so this was really valuable talk that skipped over introductory details and went straight to talking about new features and improvements in version 1.1. There’s iptables kube-proxy (yay kernel!), support for a level 7 loadbalancer (Ingress), namespaces, resource isolation, quota and limits, network plugins, persistent volumes, secrets handling and an alpha release of daemon sets. And his talk ran long, so he wasn’t able to get to everything! Slides, all 85 of them, are linked to the talk page and are valuable even without the accompanying talk.

My day wrapped up with My First Year at Chef: Measuring All the Things by Nicole Forsgren, the Director of Organizational Performance & Analytics at Chef. Nicole presented a situation where she joined a company that wanted to do better tracking of metrics within a devops organization and outlined how she made this happen at Chef. The first step was just talking about metrics, do you have them? What should you measure? She encouraged making sure both dev and ops were included in the metrics discussions so you’re always on the same page and talking about the same things. In starting these talks, she also suggested the free ~20 page book Data Driven: Creating a Data Culture for framing the discussions. She then walked through creating a single page scorecard for the organization about key things they want to see happen or improve, pick a few key things and then work toward how they can set targets and measure progress and success. Benchmarks were also cited as important, so you can see how you’re doing compared to where you began and more generally in the industry. Advice was also given about what kinds of measurement numbers to look at: internal, external, cultural and whether subjective or objective makes the most sense for each metric, and how to go about subjective measuring.

Nicole Forsgren on “Measuring All the Things”

I had dinner with my local friend Mackenzie Morgan. I hadn’t seen her since my wedding 2.5 years ago, so it was fun to finally spend time catching up in person, and offered a stress-free conclusion to my first conference day.

The high-quality lineup of keynote speakers continued on Thursday morning with Christopher Soghoian of the ALCU who came to talk about Sysadmins and Their Role in Cyberwar: Why Several Governments Want to Spy on and Hack You, Even If You Have Nothing to Hide. He led with the fact that many systems administrators are smart enough to know how to secure themselves, but many don’t take precautions at home: we use poor passwords, don’t encrypt our hard drives, etc. I’m proud to say that I’m paranoid enough that I actually am pretty cautious personally, but I think that stems from being a hobbiest first, it’s always been natural for my personal stuff to be just as secure as what I happen to be paid to work on. With that premise, he dove into government spying that was made clear by Snowden’s documents and high profile cases of systems administrators and NOC workers being targeted personally to gain control of the systems they manage either through technical means (say, sloppy ssh key handling), social engineering or stalking and blackmail. Know targets have been people working for the government, sysadmins at energy and antivirus companies, but he noted any of us could be a target if the data we’re responsible for administering is valuable in anyway. I can’t say any of the information in the talk was new to me, but it was presented in a way that was entertaining and makes me realize that I probably should pay more attention in my day to day work. Bottom line: Even if you’re just an innocent, self-proclaimed boring geek who goes home and watches SciFi after work, you need to be vigilant. See, I have a reason to be paranoid!

I picked up talks in the afternoon by attending one on fwunit: Unit Testing and Monitoring Your Network Flows with Fwunit by Dustin J. Mitchell. The tool was specifically designed for workflows at Mozilla so only a limited set of routers and switches are supported right now (Juniper SRX, AWS, patches welcome for others), but the goal was to be able to do flow monitoring on their network in order to have a good view into where and how traffic moved through their network. They also wanted to be able to do this without inflexible proprietary tooling and in a way that could be scripted into their testing infrastructure. Did a change they make just cut off a bunch of traffic that is needed by one of their teams? Alert and revert! Future work includes improvements to tracking ACLs, optimized statistic gathering and exploring options to test prior to production so reverts aren’t needed.

Keeping with the networking thread, Dinesh G Dutt of Cumulus Networks spoke next on The Consilience Of Networking and Computing. The premise of his talk was that the networking world is stuck in a sea of proprietary tooling that isn’t trivial to use and the industry there is losing out on a lot of the promises of devops since it’s difficult to automate everything in an effective manner. He calls for a more infrastructure-as-code-driven plan forward for networking and cited places where progress is being made, like in the Open Compute Project. His talk reminded me of OpenConfig working group that an acquaintance has been involved with, so it does sound like there is some consensus among network operators about where they want to see the future go.

The final talk I went to on Thursday was Vulnerability Scanning’s Not Good Enough: Enforcing Security and Compliance at Velocity Using Infrastructure As Code by Julian Dunn. He was preaching to the choir a bit as he introduced how useless standard vulnerability scanning is to us sysadmins (“I scanned for your version of Apache, and that version number is vulnerable” “…do you not understand how distro patches work?”) and expressed how challenging they are to keep up with. His proposal was two fold. First, that companies get more in the habit of prioritizing security in general rather than passing arbitrary compliance tests. Second, to consolidate the tooling used by everyone and integrate it into the development and deployment pipeline to make sure security standards are adhered to in the long run (not just when the folks testing for compliance are in the building). To this end, he promoted use of the Chef Inspec Project.

Thursday evening was the LISA social, but I skipped that in favor of a small dinner I was invited to at a local Ethiopian restaurant. Fun fact: I’ve only ever eaten Ethiopian food when I’m traveling, and the first time I had it was in 2012 when I was in San Diego, following my first LISA conference!

The final day of the conference began with a talk by Jez Humble on Lean Configuration Management. He spent some time reflecting on modern methodologies for product development (agile, change management, scrum), and discussed how today with the rapid pace of releases (and sometimes continuous delivery) there is an increasing need to make sure quality is built in at the source and bugs are addressed quickly. He then went into the list of very useful indicators for a successful devops team:

• Use of revision control
• Failure alerts from properly configured logging and monitoring
• Developers who merge code into trunk (not feature branches! small changes!) daily
• Peer review driven change approval (not non-peer change review boards)
• Culture that exhibits the Generative organizational structure as defined by R Westrum in his A typology of organisational cultures

He also talked a fair amount about team structures and the ricks when not only dev and ops are segregated, but also product development and others in the organization. He proposed bringing them closer together, even putting an ops person on a dev team and making sure business interests and goals in the product are also clearly communicated to everyone involved.

It was a pleasure to have my talk following this one, as our team strives to tick off most of the boxes when it comes to having a successful team (though we don’t really do active, alerting monitoring). I spoke on Tools for Distributed, Open Source Systems Administration (slides linked on the linked page) where I walked through the key strategies and open source tools we’re using as a team that’s distributed geographically and across time zones. I talked about our Continuous Integration system (the heart of our work together), various IRC channels we use for different purposes (day to day sync-up, meetings, sprints, incidents), use of etherpads for collaborative editing and work and how we have started to address hand-offs between time zones (mostly our answer is “hire more people in that time zone so they have someone to work with”). After my talk I had some great chats with folks either doing similar work, or trying to nudge their organization into being productive across offices. The talk was also well attended, so huge thanks to everyone who came out to it.

At lunch time I had a quick meal with Ben Cotton before sneaking off to the nearby zoo to see if I could get a glimpse of the pandas. I saw a sleeping panda. I was back in time for the first talk after lunch, Thomas A. Limoncelli on Transactional System Administration Is Killing Us and Must be Stopped. Many systems administrators live in a world of tickets. Tickets come in, they are processed, we’re always stressed because we have too many tickets and are always running around to get them done with poor tooling for priority (everything is important!). It also leads to a very reaction-driven workflow, instead of fixing fundamental long term issues and long term planning is very hard. It also creates a bad power dynamic, sysadmins begin to see users as a nuisance, and users are always waiting on those sysadmins in order to get their work done. Plus, users hate opening tickets and sysadmins hate reading tickets opened by users. Perhaps worst of all, we created this problem by insisting upon usage of ticketing systems in the 90s. Whoops. In order to solve this, his recommendations are very much in line with what I’d been hearing at the conference all week: embed ops with dev, build self-service tooling so repeatable things are no longer manually done by sysadmins (automate, automate, automate!), have developers write their own monitors for their software (ops don’t know how it works, the devs do, they can write better monitoring than just pinging a server!). He also promoted the usage of Kanban and building your team schedule so that there is a rotating role for emergencies and others are able to focus on long term project work.

The final talk of the main conference I attended was The Care and Feeding of a Community by Jessica Hilt. I’ve been working with communities for a long time, even holding some major leadership positions, but I really envy the experience that Jessica brought to her talk, particularly since she’s considerably more outgoing and willing to confront conflict than I am. She began with an overview of different types of communities and how their goals matter so you can collect the right group of people for the community you’re building. She stressed that goals like cooperative learning (educational, tech communities, beyond) is a valuable use of a group’s time and helps build expertise and encourages retention when members are getting value. Continuing on a similar theme, networking and socialization are important, so that people have a bond with each other and provide a positive feedback loop that keeps the community healthy. During a particularly amusing part of her talk, she also mentioned that you want to include people who complain, since it’s often that the complainers are passionate about the group topic, but are just grumpy and they can be a valuable asset. Once you have ideas and potential members identified, you can work on organizing. What are the best tools to serve this community? What rules need to be in place to make sure people are treated fairly and with respect? She concluded by talking about long term sustainability, which includes re-evaluating the purpose of the group from time to time, making sure it’s still attracting new members, confirming that the tooling is still effective and that the rules in place are being enforced.

During the break before the closing talks of the conference I had the opportunity to meet the current Fedora Project Lead, Matthew Miller. Incidentally, it was the same day that my tenure on the Ubuntu Community Council officially expired, so we were able to have an interesting chat about leadership and community dynamics in our respective Linux distributions. We have more in common than we tend to believe.

The conference concluded with a conference report from the LISA Build team that handled the network infrastructure for the conference. They presented all kinds of stats about traffic and devices and stories of their adventures throughout the conference. I was particularly amused when they talked about some of the devices connecting, including an iPod. I couldn’t have been the only one in the audience brainstorming what wireless devices I could bring next year to spark amusement in their final report. They then handed it off to a tech-leaning comedian who gave us a very unusual, meandering talk that kept the room laughing.

This is my last conference of the year and likely my last talk, unless someone local ropes me into something else. It was a wonderful note to land on in spite being tired from so much travel this past month. Huge thanks to everyone who took time to say hello and invite me out, it went a long way to making me feel welcome.

More photos from the conference here: https://www.flickr.com/photos/pleia2/sets/72157660670374520

After a quick trip to Las Vegas in October, I was off to Houston for my first Grace Hopper Celebration of Women in Computing! I sometimes struggle some with women in computing events, and as a preamble to this post I wrote about it here. But I was excited to finally attend a Grace Hopper conference and honored to have my talk about the Continuous Integration system we use in the OpenStack project accepted in the open source track.

Since I’m an ops person and not a programmer, the agenda I was looking at leaned very much toward the keynotes, plenaries and open source, with a few talks just for fun thrown in. Internet of Things! Astronauts!

Wednesday kicked off with a series of keynotes. The introduction by Telle Whitney, CEO and President of the Anita Borg Institute for Women and Technology (ABI) included statistics about attendees, of which there were 12,000 from over 60 countries and over 1,000 organizations. She then introduced the president of the ACM, Alexander L. Wolf, who talked about Association for Computing Machinery (ACM) and encouraged attendees to join professional organizations like the ACM in order to bring voice to our profession. I’ve been a member since 2007.

The big keynote for the morning was by Hilary Mason, a data scientist and Founder at Fast Forward Labs. She dove into the pace of computer technology, progress of Artificial Intelligence and how data is driving an increasing amount of innovation. She explained that various mechanisms that make data available and the drop in computing prices has helped drive this, explaining that what makes a machine intelligence technology interesting tends to follow four steps:

1. A theoretical breakthrough
2. A change in economics
3. A capability to build a commodity
4. New data is available

Slides from her talk are on slideshare.

From the keynotes I went to the first series of open source presentations which began with a talk by Jen Wike Huger on contributing to opensource.com. As a contributor already, it was fun to hear her talk and I was particularly delighted to see her highlight three of my favorite stories as examples of how telling your open source story can make a difference:

• Students power this open source high school
• Asian Penguins middle school Linux club inspires community
• A 3D printed hand brings the crowd to their feet

Jen Wike Huger on opensource.com

The next presentation was by Robin J. Goldstone, a Solutions Architect at Lawrence Livermore National Laboratory (LLNL) where they work on supercomputers! Her talk centered around the extreme growth of open source in the High Performance Computing (HPC) space by giving a bit of a history of supercomputing at LLNL and beyond, and how the introduction of open source into their ecosystem has changed things. She talked about their work on the CHAOS Linux clustering operating system that they’ve developed which allows them to make changes without consulting a vendor, many of whom aren’t authorized to access the data stored on the clusters anyway. It was fascinating to hear her speak to how it’s been working in production and she expressed excitement about the ability to share their work with other organizations.

From there, it was great to listen to Sreeranjani (Jini) Ramprakash of Argonne National Laboratory where they’re using Jenkins, the open source Continuous Integration system, in their supercomputer infrastructure. Most of her talk centered less around the nuts and bolts of how they’re using it, and more on why they chose to adopt it, including the importance testing changes in a distributed team (can’t just tap on a shoulder to ask why and when something broke), richer reports when something does break and shorter debug time since all changes are tested. When talking about Jenkins specifically, we learned that they had used it elsewhere in their organization so adopting that hosted version was at first a no-brainer, but then when they learned that they really had to run their own. The low bar created by it being open source software allowed them to run it themselves without too much of an issue.

That afternoon I attended the plenaries, kicked off by Clara Shih, the CEO and Founder at Hearsay Social. Her talk began by talking about how involvement with the Grace Hopper conference and ABI helped prepare her early for success in her career, and quickly launched into 5 major points when working in and succeeding with technology:

1. Listen carefully (to everyone: customers, employees)
2. Be OK with being different (and you have to be yourself to truly be accepted, don’t fake it)
3. Cherish relationships above all else (both personal and professional, especially as a minority)
4. There is no failure, only learning
5. Who? If not us. When? If not now. (And do your part to encourage other women in tech)

Clara Shih keynote

Her plenary was followed by a surprising one from Blake Irving, the CEO of GoDaddy. GoDaddy has a poor reputation when it comes to women, particularly with respect to their objectifying ad campaigns that made the company famous early on. In his talk, I felt a genuine commitment from him personally and the company to change this, from the retirement of those advertisements and making sure the female employees within GoDaddy are being paid fairly. Reflecting on company culture, he also said they wanted advertising to reflect the passion and great work that happens within the company, in spite of poor public opinion due to their ads. They’re taking diversity seriously and he shared various statistics about demographics and pay within the company to show gender pay parity in various roles, which is a step I hadn’t seen a company do before (there are diversity stats from several companies, but not very detailed or broken up by role in a useful way). The major take-away was that if a company with a reputation like GoDaddy can work toward turning things around, anyone can.

The final plenary of Wednesday was from Megan Smith, the Chief Technology Officer of the United States. The office was created by President Obama in 2009 and Smith is the third person to hold the post, and the first woman. Her talk about the efforts being made by the US government to embrace the digital world, from White House Tech Meetups, the TechHire Initiative and White House Demo Days and Maker work. Even more exciting, she brought a whole crew of women from various areas of the government to speak on various projects. One spoke on simplifying access to Veteran Medical records through digital access, another on healthcare more broadly as they worked to fix Healthcare.org after it was launched. A technology-driven modernization effort to the immigration system was particularly memorable, as work to make it easier and cheaper for potential citizens to get the resources they need without the mountain of confusing and expensive forms that they often have to go through today to become citizens and bring family members to the United States. It was also interesting to learn about the open data initiatives from data.gov as well as how citizens can help bring more records online through the Citizen Archivist program. I was also really impressed with their commitment to open source throughout all of their talks. It seems obvious to me that any software developed with my tax dollars should be made available to me in an open source manner, but it’s only recently that this has actually started to gain traction, and this administration seems committed to making sure we continue to go in this direction.

Technologists in US Government!

A quick walk through the opening of the career fair and exposition hall finished up my day. It was a pretty overwhelming space. So many companies seeking to interview and hiring from the incredible pool of talent that GHC brings together.

My Thursday was very busy. It began with an HP networking breakfast, with the 70 or so people from HP who came to the conference as attendees (not booth and interview staff) could meet up. I got a surprise at the breakfast by being passed the microphone after several VPs spoke as I was one of the two speakers from HP who was attending the conference and the only one at the breakfast, no pressure! From there, it was off to the keynotes.

I really enjoyed hearing from Hadi Partovi, the Founder of Code.org about his take on the importance of humans being taught about coding in the world today and how the work of Code.org is helping to make that happen on a massive scale. The growing demand versus slower creation of computer science professional statistics were grim and he stressed the importance of computer science as a component of primary education. It was impressive to learn about some of the Code.org statistics from their mere 2 years of existence, going into their third year they’re hoping to reach hundreds of thousands of more students.

It was a real pleasure to hear from Susan Wojcicki, the CEO of YouTube. She touched upon several important topics, including myths in computing that keep school age girls (even her own daughter!) away: Computer Science is boring, girls aren’t good at it and discomfort with associating with the stereotypical people who are portrayed in the field. She talked about the trouble with retention of women in CS, citing improvements to paid maternity leave as a huge factor in helping retention at Google.

Following the keynotes I attended the next round of open source sessions. Becka Morgan, a professor at Western Oregon University began the morning with a very interesting talk about building mentorship programs for her students in partnership with open source projects. I learned that she initially had worked with the local Ubuntu team, even having some of her students attend an Ubuntu Global Jam in Portland, an experience she hoped to repeat in the future. She walked us through various iterations of her class structure and different open source projects she worked with in order to get the right balance of structure, support from project volunteers and clear expectations on all sides. It was great to hear about how she was then able to take her work and merge it with that of others in POSSE (Professors’ Open Source Summer Experience) so they could help build programs and curriculum together. Key take-aways for success in her classroom included:

• Make sure students have concrete tasks to work on
• Find a way to interact with open source project participants in the classroom, whether they visit or attend virtually through a video call or similar (Google Hangouts were often used)
• Tell students to ask specific, concrete questions when they need help, never assume the mentors will stop their work to reach out and ask them if they need help (they’re busy, and often doing the mentoring as a volunteer!)
• Seek out community opportunities for students to attend, like the Ubuntu Global Jam

Her talk was followed by one by Gina Likins of Red Hat who talked about the experience in her career moving from a very proprietary company to one that is open and actually develops open source software. As someone who is familiar with structures of open organizations from my own work and open source experiences it was mostly information I was familiar with, but one interesting point she made was that in some companies people hoard information in an effort to make sure they have an edge over other teams. This stifles innovation and is very short-sighted, more importance in sharing knowledge so that everyone can grow is a valuable cultural trait for an organization. Billie Rinaldi followed Gina’s talk with one about working on an Apache Software Foundation project, sharing the benefits of a solid structure and valuable structures for getting involved as important to open source projects and something that the foundation supports.

Prior to a partner lunch that I was invited to, I went to a final morning talk by Dr. Nadya Fouad who published the famous Leaning in, but Getting Pushed Back (and Out) study results where culture, including failure to provide clear and fair advancement opportunities, was cited in their study of women leaving engineering. I’d read articles about her work, as it was widely covered when it first came out as one of the best studies to come out covering the retention problem. Of particular note was that about $3.4 billion in US federal funds are spent on the engineering “pipeline problem” each year, and very little attention is paid to the near 50% of women who complete an engineering degree and don’t continue with an engineering career. I’ve known that culture was to blame for some time, so it was satisfying to see someone do a study on the topic to gather data beyond the unscientific anecdotal stories I had piled up in my own experience with female friends and acquaintances who have left or lost their passion for the tech industry. She helpfully outlined things that were indicators for a successful career path, of course noting that these things are good for everyone: good workload management, psychologically safe environment, supportive leadership, promotion path, equitable development opportunities and an actively supported work/life balance policy.

Dr. Nadya Fouad on retention in engineering

After lunch began the trio of open source presentations that included my own! The afternoon began with a talk by Irene Ros on Best Practices for Releasing and Choosing Open Source Software. This talk gave her an opportunity to attack evaluation of open source from both sides, both what to look for in a project before adopting it and what you need to provide users and a community before you release your own open source project – predictably these are the same thing! She stressed the importance of using a revision control system, writing documentation, version tracking (see semver.org for a popular method), publishing of release notes and changelogs, proper licensing, support and issue tracking and in general paying attention to feedback and needs of the community. I loved her presentation because it included a lot of valuable information packed into her short talk slot, not all of which is obvious to new projects.

My talk came next, where I talked about our Open Source Continuous Integration System. In 20 minutes I gave a whirlwind tour of our CI system, including our custom components (Zuul, Nodepool, Jenkins Job Builder) along with the most popular open source offerings for code review (Gerrit) and CI (Jenkins). I included a lot of links in my talk so that folks who were interested could dive deeper into whichever component my quick overview was of interest to them. I was delighted to conclude my talk with several minutes of engaging Q&A before turning the microphone over to my OpenStack colleague Anne Gentle. Slides from my talk are here: 2015-ghc-Open-Source-Continuous-Integration-System.pdf

Thanks to Terri Oda for the photo! (source)

Anne’s talk a great one on documentation. She stressed the importance of treating open source documentation just like you would code. Use revision control, track versions, make the format they are written in simple (like reStructuredText) and use the same tooling as developers so it’s easy for developers to contribute to documentation. She also spoke about the automated test and build tools we use in OpenStack (part of our CI system, yay!) and how they help the team continue to publish quickly and stay on top of the progress of documentation. It was also worthy to note that writing documentation in OpenStack grants one Active Technical Contributor status, which gives you prestige in the community as a contributor (just like a developer) and a free ticket to the OpenStack summits that happen twice a year. That’s how documentation writers should be treated!

Since our trio of talks followed each other immediately, I spent the break after Anne’s talk following up with folks in the audience who were interested in learning more about our CI system and generally geeking out about various components. It was a whole lot of fun to chat with other Gerrit operators and challenges that our Nodepool system solves when it comes to test node handling. I had a lot of fun, and it’s always great when these conversations follow me for the rest of the conference like they did at GHC.

The next session I attended was the Women Lead in Open Source panel. A fantastic lineup of women in open source explored several of the popular open source organizations and opportunities for women and others, including Systers, Google Summer of Code, Outreachy and OpenHatch. The panel then spent a lot of time answering great questions about breaking into open source, how to select a first project and searching for ways to contribute based on various skills, like knowledge of specific programming languages.

The plenary that wrapped up our day was a popular one by Sheryl Sandberg, which caused the main keynote and plenary room to fill up quickly. For all the criticism, I found myself to be the target audience of her book Lean In and found tremendous value in not holding back my career while waiting for other parts of my life to happen (or not). Various topics were covered in her plenary, from salary parity across genders and the related topic of negotiation, bringing back the word “feminism” and banning the word “bossy”, equal marriages, unconscious bias and the much too gradual progress on C-suite gender parity. She has placed a lot work and hope into Lean In Circles and how they help build and grow the necessary professional networks for women. She advised us to undertake a positive mindfulness exercise before bed, writing down three things you did well during the day (“even if it’s something simple”). A strong conclusion was made by telling us to stay in technology, because they are the best jobs out there.

With the plenary concluded, I went back to my hotel to “rest for a few minutes before the evening events” and promptly fell asleep for 2.5 hours. I guess I had some sleep debt! In spite of missing out on some fun evening events, it probably a wise move to just take it easy that evening.

Friday’s keynote could be summed up concisely with one word: Robots! Valerie Fenwick wrote a great post about the keynote by Manuela Veloso of Carnegie Mellon University here: GHC15: Keynote: Robotics as a Part of Society.

As we shuffled out of the last keynote, I was on my way back to the open source track for star-studded panel (ok, two of them are my friends, too!) of brilliant security experts. The premise of the panel was exploring some of the recent high profile open source vulnerabilities and the role that companies now play in making sure this widely used tooling is safe, a task that all of the panelists work on. I found a lot of value in hearing from security experts what struggles they have when interacting with open source projects, like how to be diplomatic about reporting vulnerabilities and figuring out how to do it securely when a mechanism isn’t in place. They explored the fact that most open source projects simply don’t have security in mind, and they suggested some simple tooling and tips that can be used to evaluate security of various types of software, from Nmap and AFL to the OSWASP Top 10 of 2013 which is a rundown of common security issues with software, many of which are still legitimate today and the Mozilla wiki that has a surprising amount of security information (I knew about it from their SSL pages, lots of good information there). They also recommended the book The Art of Software Security Assessment and concluded my mentioning that learning about security is a valuable skill, there are a lot of jobs!

I had a bit of fun after the security panel and went to one of the much larger rooms to attend a panel about Data Science at NASA. Space is cool, and astronaut Catherine Coleman on the panel to talk about her work on the International Space Station (ISS)! It was also really fun to see photos of several women she’s worked with on the ISS and in the program, as female *nauts are still a minority (though there are a lot of female technologists working at NASA). I enjoyed hearing her talk about knowing your strengths and those of the people you’re working, since your life could depend upon it, teams are vital at NASA. Annette Moore, CIO of the Johnson Space Center, then spoke about the incredible amount of data being sent from the ISS, from the results of experiments to the more human communications that the astronauts need to keep in contact with those of us back on Earth. I have to admit that it did sound pretty cool to be the leader of the team providing IT support for a space station. Dorothy Rasco, CFO at Johnson Space Center, then spoke about some of the challenges of a manned mission to Mars, including handling the larger, more protected lander required, making sure it gets there fast enough, and various questions about living in a different atmosphere and food (most doesn’t have a shelf life beyond 3 years, not long enough!). Panel moderator and CTO-IT of NASA Deborah Diaz then took time to talk more broadly about the public policy of data at NASA which meant some interesting and ongoing big data challenges around making sure it’s all made available effectively. She shared a the link to open.nasa.gov that has various projects for the public, including thousands of data sets, open source code repositories and almost 50 APIs to work with. Very cool stuff! She also touched upon managing wearables (our new “Internet of Things”) that astronauts have been wearing for years, and how to manage all the devices on a technology and practical level, to record and store important scientific data collected, all without overburdening those wearing them.

Later in the afternoon I went to a fun Internet of Things workshop where we split into groups and tried to brainstorm an IoT product while paying careful attention to security and privacy around identity and authentication mechanisms for these devices. Our team invented a smart pillow. I think we were all getting pretty tired from conferencing!

The conference concluded with an inspiring talk from Miral Kotb, the Founder of iLuminate. A brilliant software engineer, I loved hearing about her passion for dance and technology, and how she followed both to dream up and build her company. I’d never heard of iLuminate before, but for the other uninitiated their performances are done in the dark with full body suits that use a whole bunch of lights synced up with their proprietary hardware and software to give the audience a light, music and dance show. Following her talk she brought out the dancers to close the conference with a show, nice!

I met up with some friends and acquaintances for dinner before going over to the closing party, which was held in the Houston Astros ballpark! I had fun, and made it back to the hotel around 10:30 so I could collect my bags and make my move to a hotel closer to the airport so I could just take a quick shuttle in the early AM to catch my flight to Tokyo the next day.

More photos from the conference and after party here: https://www.flickr.com/photos/pleia2/albums/72157659453000380

It was quite a conference, I’m thankful that I was able to participate. The venue in Houston was somewhat disruptively under construction, but it’s otherwise a great space and it was great to learn that they’ll be holding the conference there again next year. I’d encourage women in tech I know to go if they’re feeling isolated or looking for tips to succeeding. If you’re thinking of submitting a talk, I’d also be happy to proof and make recommendations about your proposal, as it’s one of the more complicated submission processes I’ve been through and competition for speaking slots is strong.