Presentations

CloudNativePG is an open-source Kubernetes operator for PostgreSQL, which has officially been accepted into the Cloud Native Computing Foundation (CNCF) Sandbox.

CloudNativePG manages the full lifecycle of PostgreSQL clusters, configured with a primary/standby setup using native streaming replication for high availability. It is fully declarative and Kubernetes-native. The operator avoids StatefulSets, managing Pods and PersistentVolumeClaims directly. This gives it granular control over storage, instance lifecycle, and automated failover procedures.

We will cover its core design philosophy and key features—including automated deployment, self-healing, and integrated backup/recovery. We will also demonstrate how easy it is to spin up, manage, and scale robust PostgreSQL clusters using CloudNativePG.

Recently, several open source companies attracted a lot of attention after their announcements of license changes. Not surprisingly, these shifts sparked backlash from open source enthusiasts, prompting some to create community-driven forks under open source foundations.

Now there is growing skepticism toward (single) company backed open source projects, with many arguing that open source projects should be run by neutral foundations to prevent future bait-and-switch tactics. In this session, we'll explore if a foundation is always the right model for open source projects. 

“Confidential Vector Search: Knowledgebase Homomorphic Encryption” introduces a practical path to RAG systems that can search sensitive embeddings without ever revealing them. Building on the SIAM study “Maturing Homomorphic Encryption (HE) to Enable Privacy Preserving Vector Search,” Sulimon Sattari will unpack how techniques like dimensional scrambling, noise injection, CKKS, and chaotic mapping can be combined with new schemes such as DIEHARD and ROME to preserve inner products while keeping queries and documents encrypted.
 

Step into the world of stream processing, where events arrive sporadically and timing matters.

This talk explores managing the journey and lifetime of an events during stream processing. We will discuss data events from ingestion to output and examine what happens along the way.

Using a movie theater metaphor, we will explain key ideas like time windows, late arrivals, and dead letter queues. The talk connects high-level concepts to practical implementation notes. You will leave with a clear and useful mental model for working with real-time data.

“Consent Chain: Towards MyTerms” explores how we can finally escape cookie banners and move to user‑set, cryptographically provable privacy terms. Drawing on his work at Kasm, Jaymes Davis will unpack the ConsentChain model shown in this session’s poster: users define a universal privacy profile once; a browser plugin then auto‑negotiates consent with websites and records a tamper‑proof hash of the agreement on a public blockchain, giving enterprises auditable compliance while eliminating banner fatigue for individuals.
 

Over the past few years, OCI containers and Kubernetes have become the backbone of Meta’s open-source cloud infrastructure. This talk explores the complexities of safely running containers inside containers (“nested containers”) without root privileges. It demystifies OCI container internals, highlights the latest open-source advancements enabling rootless deployments, and addresses the unique challenges posed by nested environments. Through production case studies, it shares lessons for secure, efficient container-in-container deployments.

This talk will discuss different ways to crack passwords. There will be a brief history of how passwords are hashed, how hashing works, how long a password should be, how to pick a good password, password managers, and defense against passwords being cracked.

Three ways to crack passwords will be described. Custom open source tools I wrote to help manage password cracking will be described.

I will discuss statistics on 1 billion passwords I have found including password length, use of different character classes such as all lowercase, all uppercase and more. Password patterns will be discussed.

We'll discuss the three main tone mappers in darktable, an application for developing RAW files from your digital camera,  what the tone mapper does well, and how to use them. We'll also cover several other modules and some techniques.

Everyone is running their applications on Kubernetes these days, most of the time the application servers are stateless so it is easy to do so because the database behind the application is responsible for storing the state. What if you would also want to run you database on the same Kubernetes stack. Will you use stateful sets? Will you use network attached storage? These types of storage are introducing a lot of disk latency because of the mandatory network hops. This is why in many environments the database servers still are dedicated machines that are treated as pets while the rest of the fleet is more like cattle.

In this session I will speak about how we run our databases on Kubernetes by using the local ephemeral storage to store your data and also how we are confident we will not loose it in the process of doing so!

This session is a presentation of Data4Citizen, the new disruptive Open Data Platform used by Governments to deploy Open Data Portals, powered by AI and LLM This session explians how Data4Citizen can help users to value the public data, anywhere - anytime, through easy-to-use interfaces and AI companions

Data4Citizen provides more than a simple data catalog, with modules and tools to create maps, interactives Dashboards, etc

“Decentralized Trust for People and AI Agents: A Report from Linux Foundation Trust Over IP (ToIP)” dives into how we can give both humans and AI agents durable, portable trust on the open internet. Drummond Reed—co‑author of the Trust Over IP stack and co‑founder of the First Person Project—will explain ToIP’s four‑layer architecture, which pairs a technical stack (DIDs, verifiable credentials, agent protocols) with a governance stack (community‑defined trust frameworks) so that trust isn’t left to ad‑hoc policies or single vendors.
 

Mesh networking solves the problem of connecting machines across locations, but today it is rarely declarative. Homelabs and enterprises alike rely on imperative setup or low-level WireGuard configurations. This talk shows how Nix can be used to declaratively manage mesh networking with NetBird, reducing drift while improving reliability, security, and reproducibility through open source tooling.

API Priority and Fairness (APF) is a core feature in Kubernetes designed to protect the API server from overload and ensure critical requests are processed even during high traffic. It works by classifying, prioritizing, and managing inbound API requests using a flow control mechanism.

Are you tired of reverse engineering poorly written Perl scripts to get that annoying dependency to work on a modern version of Linux?
Does your lab have a RHEL VM named DO_NOT_DELETE_ME.qcow used for one piece of legacy HPC software?
If so, it may be high time to tame your gnarly software stack with Nix. Join me for a discussion on using Nix to package the seemingly unpackageable!

Disappointed by per-minute pricing and the risks of sending HIPAA data to public APIs, StratusTalk decided to build their own AI receptionist. By embedding the agent directly into their Asterisk/FreePBX offering, they gave it the same tools a human receptionist uses: call transfers, intercom, outbound dialing, and more.  In this talk, Jeff will walk you through their design decisions, their Kubernetes-based solution, and show you live demos of it in action.

At the request of a translation company commissioned by the French government under immigration law, we developed a system that can find a translator among the 125 languages offered in less than 5 minutes, involving Asterisk, an AGI server, AMI connection, an IVR, and other tools.

You’re probably familiar with containers and OCI images, and you’ve probably heard of Nix—usually from that somebody who really, really likes it. This talk explains how containerd assembles containers from OCI images, then contrasts that with how Nix builds reproducible artifacts that can be composed into a complete execution environment. With that foundation, we’ll walk through a few practical ways to use Nix-built components as container filesystems in Kubernetes—ranging from assembling a rootfs from a closure to generating OCI images to running Nix-based environments directly in containers. The goal is to give attendees a clear mental model of both systems and the spectrum of techniques that connect them.

Presenting an offline-first IDE that runs on low-end Android phones. It includes the standard toolchain for Java and Kotlin, a Java debugger, full documentation, open-source textbooks, and a curriculum for classrooms and self-learners. The IDE is user-extensible with plugins and it supports on-phone and remote AI assistance, enabling the two billion people who lack a laptop, reliable Internet, or who live under repressive regimes to develop the apps they need.

Robotics teams are often short of cash, and off-the-shelf hardware solutions are expensive. In 2025 I designed and built a printed circuit board meant to control addressable LED strips whilst utilizing the CAN protocol for communication, which we could use on our competition robot, and which other robotics teams could make or have made for use on their own robots. My primary goal was to create a controller that was considerably less expensive than the other available options while retaining many of the same capabilities and being completely open source.

My presentation will act as a Do-It-Yourself guide to developing open source hardware solutions, following the path I took. I will go through the process of identifying a need for a piece of hardware, determining desired capabilities, designing and testing a breadboard prototype, designing and testing an initial design, identifying key areas of improvement, and then redesigning. I will finish by describing the process of writing code for hardware, and open sourcing the hardware solution(s) and code. 

DevOps has a notoriously steep learning curve. Getting started in the field can feel like being dropped in a foreign country without the ability to understand *anything* about the language. 

A language is more than just the syntax and semantic rules of the words themselves. It also encompasses the shared culture of the speakers. With the proliferation of programming languages as well as the deeply held cultural beliefs of the community, it's easy to see that learning DevOps is like trying to learn a foreign language.

I will review five foundational hypotheses from the field of Second Language Acquisition and relate these hypotheses back to the world of DevOps. DevOps practitioners, trainers, tool builders, and learners should all come away with useful insights to apply to their practice. 

It's no secret that VS Code from Microsoft is a popular code editor. It's free, it's loaded with shortcuts and themes, and you can extend it with the vast plugin network. Some of those extensions are written and maintained by Microsoft, and they've created a few that Postgres administrators will want to know about. With these extensions VS Code becomes more than a code editor, it's a comprehensive database management environment.

The official PostgreSQL extension allows you to connect to databases, manage objects, write queries, export data, and more! GitHub Copilot brings AI into your workflow, with Postgres-specific suggestions and integrations. It connects to your database and enables an @pgsql chat partner to bounce ideas off of, and even issue database altering commands if you're truly bold.  Oracle to Azure Schema Conversion is an exciting new extension that will radically cut the time it takes to perform Oracle to Postgres migrations. It's powered by Azure OpenAI to provide intelligent transformation capabilities for complex schema operations. 

Lastly, we'll talk about why these tools matter, and how their introduction signals a broader shift in database tooling. This talk is ideal for PostgreSQL developers and DBAs who want to streamline their workflows, teams evaluating database tooling options, and anyone curious about how AI is transforming database development. Whether you're a VS Code veteran or have never considered it for database work, you'll leave with practical techniques you can apply immediately.

In this talk, we’ll describe a production-grade NLP pipeline that processes millions of pieces of social media content across TikTok, YouTube, and Instagram using Ray and GPU acceleration. Learn how we use Ray's distributed computing model to orchestrate scalable embedding generation, sharded batch writes to Qdrant for vector search, and end-to-end pipeline tracking with Snowflake. We'll also talk about selecting a vector store and how to best evaluate the many options available.

Artificial Intelligence is an overhyped distraction, except for what it can do for you when using MySQL. AI is strong in he pattern matching area, which means it is great with SQL syntax and examining DDL metadata. This session will cover basic prompting, using AI to repair or augment existing queries, and developing new schemas. And you can write queries in English (or French, or German, or Italian) instead of SQL, saving you a lot of time determining which tables need to be joined where. SO, yes, you do need an AI Assistant to get the maximum out of your MySQL instances, and this session will show you how to do it.

“dRAG Race: Benchmarking Open Source Vector Databases” presents the findings of Kwaai’s intern-led Vector DB Performance project, now accepted for publication in the Journal for Big Data and AI. A cross‑functional cohort of data science and engineering interns—guided by a PhD AI‑robotics advisor and program coordinator—designed and ran a rigorous benchmark of seven open source vector databases under realistic RAG workloads, from corpus design and chunking through automated multi‑run experiments and visual analysis.
 

Building systems that respond reliably to specific changes in distributed data is harder than it should be. This session introduces Drasi, a CNCF Sandbox project that simplifies change-driven design by codifying continuous query and reaction patterns. We’ll show how Drasi helps developers declare which data changes matter and automatically trigger the right downstream updates- no polling loops or custom glue code required.

Beyond everyday scenarios like keeping services and dashboards in sync, Drasi also supports AI-driven workloads where fresh data is critical. From updating embeddings to refreshing model inputs, Drasi ensures AI systems stay aligned with the latest state of the world.

You will learn the fundamentals of change-driven architecture, see Drasi in action, and walk away with practical patterns you can apply in your own distributed or AI-powered systems.