28 Jun 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Transparent Chaos Testing with Envoy , Cilium and BPF - Thomas Graf, Isovalent
Chaos testing has become a prerequisite for successful operations by testing chaotic, unexpected situations before they occur in production. Chaos testing is still done manually to a large extent. This talk will demonstrate how to use Envoy in combination with Cilium and BPF to introduce chaos such as service unavailability, latency and random rate limiting into any Kubernetes environment in a completely transparent manner. To achieve this, we will make use of Cilium and BPF to transparent adjust the networking behavior and use Go extensions for Envoy to customize chaos behavior by returning HTTP error codes for specific events, limit request throughput to a trickle and to simulate network segmentation between availability zones.
https://sched.co/MPcG
Join us for KubeCon + CloudNativeCon in San Diego November 18 - 21. Learn more at https://bit.ly/2XTN3ho. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Transparent Chaos Testing with Envoy , Cilium and BPF - Thomas Graf, Isovalent
Chaos testing has become a prerequisite for successful operations by testing chaotic, unexpected situations before they occur in production. Chaos testing is still done manually to a large extent. This talk will demonstrate how to use Envoy in combination with Cilium and BPF to introduce chaos such as service unavailability, latency and random rate limiting into any Kubernetes environment in a completely transparent manner. To achieve this, we will make use of Cilium and BPF to transparent adjust the networking behavior and use Go extensions for Envoy to customize chaos behavior by returning HTTP error codes for specific events, limit request throughput to a trickle and to simulate network segmentation between availability zones.
https://sched.co/MPcG
Join us for KubeCon + CloudNativeCon in San Diego November 18 - 21. Learn more at https://bit.ly/2XTN3ho. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.
- 8 participants
- 35 minutes
11 Jun 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Create Visually Compelling Developer Experiences for Kubernetes on VS Code - Ivan Towlson & Ralph Squillace, Microsoft
Great command-line developer tools are widely available for the Kubernetes ecosystem, but fabulous visual developer environments are coming along more slowly, hindering uptake among application developers who are new to container orchestration or who prefer visually rich development environments. This session will show how to build upon the free Kubernetes extension for the open-source Visual Studio Code (VS Code) editor to provide your own custom, developer-oriented experience for use with any kind of Kubernetes cluster. We’ll show how you add to the behaviors and views in the VS Code k8s extension and demonstrate several different extensions built on it, each illustrating a different way to make Kubernetes application development easier, faster, and more effective for an ever-wider array of developers. You’ll leave empowered to create your own new visual experiences for Kubernetes.
https://sched.co/MPXc
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Create Visually Compelling Developer Experiences for Kubernetes on VS Code - Ivan Towlson & Ralph Squillace, Microsoft
Great command-line developer tools are widely available for the Kubernetes ecosystem, but fabulous visual developer environments are coming along more slowly, hindering uptake among application developers who are new to container orchestration or who prefer visually rich development environments. This session will show how to build upon the free Kubernetes extension for the open-source Visual Studio Code (VS Code) editor to provide your own custom, developer-oriented experience for use with any kind of Kubernetes cluster. We’ll show how you add to the behaviors and views in the VS Code k8s extension and demonstrate several different extensions built on it, each illustrating a different way to make Kubernetes application development easier, faster, and more effective for an ever-wider array of developers. You’ll leave empowered to create your own new visual experiences for Kubernetes.
https://sched.co/MPXc
- 3 participants
- 39 minutes
3 Jun 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Rootless, Reproducible, and Hermetic: Secure Container Build Showdown - Andrew Martin, Control Plane
Rootless container image builds (as distinct from rootless runtimes) have crept ever closer with orca-build, BuildKit, and img proving the concept. And they are desperately needed: a build pipeline with an exposed Docker socket can be used by an attacker to escalate privilege - and is probably a backdoor into most Kubernetes-based CI build farms. With a slew of new rootless tooling emerging including Red Hat’s buildah, Google’s Kaniko, and Uber’s Makisu, will we see build systems that can securely build untrusted Dockerfiles? How are traditional build and packaging requirements like reproducibility or hermetic isolation being approached? In this talk we: - Compare the strengths and weaknesses of modern container image build tools - Explore the safety of untrusted image builds - Live demo attacking container build pipelines - Chart the history and future of container image build tooling
https://sched.co/MPYp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Rootless, Reproducible, and Hermetic: Secure Container Build Showdown - Andrew Martin, Control Plane
Rootless container image builds (as distinct from rootless runtimes) have crept ever closer with orca-build, BuildKit, and img proving the concept. And they are desperately needed: a build pipeline with an exposed Docker socket can be used by an attacker to escalate privilege - and is probably a backdoor into most Kubernetes-based CI build farms. With a slew of new rootless tooling emerging including Red Hat’s buildah, Google’s Kaniko, and Uber’s Makisu, will we see build systems that can securely build untrusted Dockerfiles? How are traditional build and packaging requirements like reproducibility or hermetic isolation being approached? In this talk we: - Compare the strengths and weaknesses of modern container image build tools - Explore the safety of untrusted image builds - Live demo attacking container build pipelines - Chart the history and future of container image build tooling
https://sched.co/MPYp
- 3 participants
- 30 minutes
1 Jun 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
GPU Sharing for Machine Learning Workload on Kubernetes - Henry Zhang & Yang Yu, VMware
Machine learning is becoming more and more popular in the technology world. The community is beginning to leverage Kubernetes to deploy and manage the machine learning workload.
One of the key challenges is to schedule the GPU-intensive workload. The Kubernetes has included GPU support for applications. However, there are some limitations of GPU usage:
1. GPU assignment is exclusive. Containers cannot share GPU resources.
2. A container can request one or more GPUs, but it is not possible to request a fraction of a GPU.
This session introduces how to run workload using the GPU in Kubernetes. In addition, an approach will be demonstrated to use virtual GPU (vGPU) technology to enable multiple pods concurrently accessing the same physical GPU. This approach not only increases the utilization of GPU resources, it also allows more GPU workloads to be scheduled on the same physical GPU.
https://sched.co/MPb0
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
GPU Sharing for Machine Learning Workload on Kubernetes - Henry Zhang & Yang Yu, VMware
Machine learning is becoming more and more popular in the technology world. The community is beginning to leverage Kubernetes to deploy and manage the machine learning workload.
One of the key challenges is to schedule the GPU-intensive workload. The Kubernetes has included GPU support for applications. However, there are some limitations of GPU usage:
1. GPU assignment is exclusive. Containers cannot share GPU resources.
2. A container can request one or more GPUs, but it is not possible to request a fraction of a GPU.
This session introduces how to run workload using the GPU in Kubernetes. In addition, an approach will be demonstrated to use virtual GPU (vGPU) technology to enable multiple pods concurrently accessing the same physical GPU. This approach not only increases the utilization of GPU resources, it also allows more GPU workloads to be scheduled on the same physical GPU.
https://sched.co/MPb0
- 6 participants
- 44 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CLI SIG - Maciej Szulik, Red Hat & Phillip Wittrock, Google
The "deep dive" session will focus on the vision and strategy for the "kubectl" project. There have been multiple efforts to evolve "kubectl" to be more de-coupled and maintainable. We will report the progress of these efforts. We will leave some of the time for Q&A.
https://sched.co/MPiz
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CLI SIG - Maciej Szulik, Red Hat & Phillip Wittrock, Google
The "deep dive" session will focus on the vision and strategy for the "kubectl" project. There have been multiple efforts to evolve "kubectl" to be more de-coupled and maintainable. We will report the progress of these efforts. We will leave some of the time for Q&A.
https://sched.co/MPiz
- 9 participants
- 44 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Helm - Matt Fisher, Microsoft
In this session, we will cover the current status of the Helm project. We will focus on the changes to Helm's architecture in Helm 3, including the new security model, new chart features, and the Helm core libraries. We will also discuss changes that affect the chart ecosystem, including the move to store charts in OCI registries. Finally, we'll discuss how users can start trying out Helm 3 and how to get involved with the project. At the end, there will be an open discussion where Helm maintainers and contributors can come together to discuss issues that benefit from face to face conversations.
https://sched.co/N4kz
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Helm - Matt Fisher, Microsoft
In this session, we will cover the current status of the Helm project. We will focus on the changes to Helm's architecture in Helm 3, including the new security model, new chart features, and the Helm core libraries. We will also discuss changes that affect the chart ecosystem, including the move to store charts in OCI registries. Finally, we'll discuss how users can start trying out Helm 3 and how to get involved with the project. At the end, there will be an open discussion where Helm maintainers and contributors can come together to discuss issues that benefit from face to face conversations.
https://sched.co/N4kz
- 11 participants
- 38 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: CNCF Storage WG - Alex Chircop, StorageOS
The CNCF Storage Working Group and SIG collaborates to explore and understand how different storage technologies are used in cloud-native environments. Topics include block stores, file systems, object stores, key-value stores and databases, amongst others. Different architectural approaches (centralized, distributed, sharded etc) are compared in terms of key attributes like availability, scalability, performance, data consistency, durability, fault tolerance, ease of development and operational complexity. In the intro we'll provide an overview of the work currently underway and on the roadmap. You'll get the meet the people leading these efforts, and find out how best to get involved and contribute. We also welcome any other input you might have related to cloud-native storage. Then we'll dive deeper! We'll present our work thus far, and host detailed discussions around the findings of our recent end-user surveys covering how cloud native storage is approached in the real world, including some representative successes and failures. Our hope is that others can learn from, and expand upon those experiences.
https://sched.co/MPlS
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: CNCF Storage WG - Alex Chircop, StorageOS
The CNCF Storage Working Group and SIG collaborates to explore and understand how different storage technologies are used in cloud-native environments. Topics include block stores, file systems, object stores, key-value stores and databases, amongst others. Different architectural approaches (centralized, distributed, sharded etc) are compared in terms of key attributes like availability, scalability, performance, data consistency, durability, fault tolerance, ease of development and operational complexity. In the intro we'll provide an overview of the work currently underway and on the roadmap. You'll get the meet the people leading these efforts, and find out how best to get involved and contribute. We also welcome any other input you might have related to cloud-native storage. Then we'll dive deeper! We'll present our work thus far, and host detailed discussions around the findings of our recent end-user surveys covering how cloud native storage is approached in the real world, including some representative successes and failures. Our hope is that others can learn from, and expand upon those experiences.
https://sched.co/MPlS
- 4 participants
- 44 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: End User Awards - Cheryl Hung, Director of Ecosystem, CNCF
https://sched.co/NGIk
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: End User Awards - Cheryl Hung, Director of Ecosystem, CNCF
https://sched.co/NGIk
- 2 participants
- 9 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Laying the Foundation: Real World Kubernetes Deployment Patterns - Josh Rosso & Craig Tracey, VMware
Enterprise deployments often find themselves gridlocked in debates concerning the "correct" approach for deploying Kubernetes. Should we use immutable images or a complex configuration management solution? What about leveraging one of the managed service offerings? Or even one of the opinionated open source projects? The possibilities are endless but can also be dizzying. In this talk, Josh and Craig provide an overview of both the successful (and sometimes not so successful) deployment patterns they have encountered across dozens of production Kubernetes users in nearly every industry vertical. They will identify the critical decision making processes that will enable "Day 2" operations, empower stakeholders, and ultimately yield successful Kubernetes outcomes.
https://sched.co/MPYg
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Laying the Foundation: Real World Kubernetes Deployment Patterns - Josh Rosso & Craig Tracey, VMware
Enterprise deployments often find themselves gridlocked in debates concerning the "correct" approach for deploying Kubernetes. Should we use immutable images or a complex configuration management solution? What about leveraging one of the managed service offerings? Or even one of the opinionated open source projects? The possibilities are endless but can also be dizzying. In this talk, Josh and Craig provide an overview of both the successful (and sometimes not so successful) deployment patterns they have encountered across dozens of production Kubernetes users in nearly every industry vertical. They will identify the critical decision making processes that will enable "Day 2" operations, empower stakeholders, and ultimately yield successful Kubernetes outcomes.
https://sched.co/MPYg
- 2 participants
- 32 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing Machine Learning in Production with Kubeflow and DevOps - David Aronchick, Microsoft
Kubeflow has helped bring machine learning to Kubernetes, but there’s still a significant gap relative to how to productize these workloads. While DevOps and GitOps have made huge traction in recent years, many customers struggle to apply these practices to ML workloads.
This talk will focus on ways to effectively infuse AI into production-grade applications through establishing practices around model reproducibility, validation, versioning/tracking, and safe/compliant deployment.
We will demonstrate how to run an E2E machine learning system using nothing more than Git. This will integrate DevOps, data and ML pipelines together, and show how to use multiple workload orchestrators together.
While the examples will be run using Azure Pipelines and Kubeflow, we will also show how to extend these platforms to any orchestration tool.
https://sched.co/MPar
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing Machine Learning in Production with Kubeflow and DevOps - David Aronchick, Microsoft
Kubeflow has helped bring machine learning to Kubernetes, but there’s still a significant gap relative to how to productize these workloads. While DevOps and GitOps have made huge traction in recent years, many customers struggle to apply these practices to ML workloads.
This talk will focus on ways to effectively infuse AI into production-grade applications through establishing practices around model reproducibility, validation, versioning/tracking, and safe/compliant deployment.
We will demonstrate how to run an E2E machine learning system using nothing more than Git. This will integrate DevOps, data and ML pipelines together, and show how to use multiple workload orchestrators together.
While the examples will be run using Azure Pipelines and Kubeflow, we will also show how to extend these platforms to any orchestration tool.
https://sched.co/MPar
- 4 participants
- 34 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Microservices for the Masses – Integrating a Distributed OS with Kubernetes - Quinton Hoole, Futurewei & Irene Zhang, Microsoft Research & University of Washington
We discuss our experiences integrating an open source distributed operating system (Amino) with Kubernetes to make reliable distributed microservices much easier to write. Writing reliable distributed microservices is notoriously difficult, even with Kubernetes help. In the absence of a coherent and cohesive set of standard open source distributed computing primitives available across all programming languages, things get really hard. We take for granted standard primitives provided by Linux like file systems, virtual memory, threads, network sockets, and locks. Without them, modern application development would be almost impossible. Yet distributed systems require different primitives for things like consistent replication, sharding, distributed shared memory, load balancing, failure handling, and auto-scaling. What should these primitives look like, and how do they work?
https://sched.co/MPXr
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Microservices for the Masses – Integrating a Distributed OS with Kubernetes - Quinton Hoole, Futurewei & Irene Zhang, Microsoft Research & University of Washington
We discuss our experiences integrating an open source distributed operating system (Amino) with Kubernetes to make reliable distributed microservices much easier to write. Writing reliable distributed microservices is notoriously difficult, even with Kubernetes help. In the absence of a coherent and cohesive set of standard open source distributed computing primitives available across all programming languages, things get really hard. We take for granted standard primitives provided by Linux like file systems, virtual memory, threads, network sockets, and locks. Without them, modern application development would be almost impossible. Yet distributed systems require different primitives for things like consistent replication, sharding, distributed shared memory, load balancing, failure handling, and auto-scaling. What should these primitives look like, and how do they work?
https://sched.co/MPXr
- 4 participants
- 45 minutes
31 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Metrics that Matter: How to Forge More Diverse, Inclusive Communities
While it is well-recognized that diversity and inclusion are key to healthy open source communities, numbers lag and the ability to foster inclusive environments remains challenging. The CHAOSS Project’s Diversity & Inclusion Workgroup is focused on establishing a set of peer-validated, research-informed standards and best practices to measure, and in turn, increase, diversity and inclusion across open source communities. Join us for an interactive session to learn about our work to date and the progress we’ve made in areas such as creating a set of community-curated metrics to track diversity. Hear how projects like Kubernetes handle community recognition, mentorship and inclusive leadership. Just as important, help us shape our work. Let’s work together to make our collective cloud native communities more welcoming, broader, and heterogeneous.
https://sched.co/MPZe
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Metrics that Matter: How to Forge More Diverse, Inclusive Communities
While it is well-recognized that diversity and inclusion are key to healthy open source communities, numbers lag and the ability to foster inclusive environments remains challenging. The CHAOSS Project’s Diversity & Inclusion Workgroup is focused on establishing a set of peer-validated, research-informed standards and best practices to measure, and in turn, increase, diversity and inclusion across open source communities. Join us for an interactive session to learn about our work to date and the progress we’ve made in areas such as creating a set of community-curated metrics to track diversity. Hear how projects like Kubernetes handle community recognition, mentorship and inclusive leadership. Just as important, help us shape our work. Let’s work together to make our collective cloud native communities more welcoming, broader, and heterogeneous.
https://sched.co/MPZe
- 8 participants
- 36 minutes
30 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
2 Years of TGIKubernetes - Joe Beda, VMware
2 years ago Joe Beda tweeted about a Friday afternoon “Hacking on Kubernetes with Joe”. The overall interest was overwhelming. Fast forward 2 years we have over 60 episodes of TGIK8s starring Joe from Heptio. The sessions serve as an archive of Kubernetes and cloud native knowledge that we share with the broader open source community. What started out as a fun carefree afternoon with Joe, later turned into one of the most prized cloud native resources on the internet. Join us as we talk about the lessons we learned, and talk about the struggle to get to wear we are today.
We learn about how Kubernetes empowers engineers to “test drive” open source software at faster iteration cycles than ever before. With TGIK8s we have inadvertently discovered that sharing technology can cost an organization less in resources than encouraging independent evaluation of tooling.
https://sched.co/MPZq
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
2 Years of TGIKubernetes - Joe Beda, VMware
2 years ago Joe Beda tweeted about a Friday afternoon “Hacking on Kubernetes with Joe”. The overall interest was overwhelming. Fast forward 2 years we have over 60 episodes of TGIK8s starring Joe from Heptio. The sessions serve as an archive of Kubernetes and cloud native knowledge that we share with the broader open source community. What started out as a fun carefree afternoon with Joe, later turned into one of the most prized cloud native resources on the internet. Join us as we talk about the lessons we learned, and talk about the struggle to get to wear we are today.
We learn about how Kubernetes empowers engineers to “test drive” open source software at faster iteration cycles than ever before. With TGIK8s we have inadvertently discovered that sharing technology can cost an organization less in resources than encouraging independent evaluation of tooling.
https://sched.co/MPZq
- 3 participants
- 37 minutes
30 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes + Encrypted Memory = Security * Privacy - Harshal Patil & Pradipta Banerjee, IBM
The Memory Encryption on hardware is coming soon. From Intel's TME/MKTME[1] to IBM's Ultravisor[2], hardware manufacturers are aiming to make sure 'what's written by the process stays within the process'. Once the hardware is out, it will change the way we perceive the security and privacy in the cloud. In this talk, we will discuss briefly on the upcoming memory encryption technologies and how we modified kata container runtime to handle kubernetes' Ephemeral Volumes (aka, EmptyDir volumes) to keep your data and application protected from the container image registry (encrypted at rest) to runtime (protected by memory encryption). For the demonstration, we run a container image with the encrypted TensorFlow model using kubernetes such that even the root user on the worker node won’t be able to read the model parameters. [1] https://goo.gl/Xt3MJf [2] https://goo.gl/X2A5yx
https://sched.co/MPdQ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes + Encrypted Memory = Security * Privacy - Harshal Patil & Pradipta Banerjee, IBM
The Memory Encryption on hardware is coming soon. From Intel's TME/MKTME[1] to IBM's Ultravisor[2], hardware manufacturers are aiming to make sure 'what's written by the process stays within the process'. Once the hardware is out, it will change the way we perceive the security and privacy in the cloud. In this talk, we will discuss briefly on the upcoming memory encryption technologies and how we modified kata container runtime to handle kubernetes' Ephemeral Volumes (aka, EmptyDir volumes) to keep your data and application protected from the container image registry (encrypted at rest) to runtime (protected by memory encryption). For the demonstration, we run a container image with the encrypted TensorFlow model using kubernetes such that even the root user on the worker node won’t be able to read the model parameters. [1] https://goo.gl/Xt3MJf [2] https://goo.gl/X2A5yx
https://sched.co/MPdQ
- 2 participants
- 23 minutes
27 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Leveraging Cloud Native Technology to Transform Your Enterprise - Cheryl Hung, CNCF; Brad Topol, IBM; Ken Owens, Mastercard; & Jeff Brewer, Intuit
Cloud Native Technologies are experiencing dramatic growth and achieving widespread support as the de facto standard platform across a variety of industries. Kubernetes, containers, and related cloud-native technologies and tools have the potential to dramatically transform the enterprise. From enabling enterprises to modernize legacy applications, to automated DevOps release pipelines, to automated failure recovery and improved testing methodologies, the list of innovative development and operational practices emerging based on cloud native technologies is amazing and a tremendous opportunity for enterprises. This panel will bring together stakeholders from enterprise IT & open src cloud vendors to discuss how the various facets of cloud native technologies can dramatically transform the enterprise. Panelists will discuss the key innovations that are emerging from cloud native technologies to drive more efficient development and improved standardized operational practices to accelerate the digital transformation and modernization of the enterprise.
https://sched.co/Mnlb
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Leveraging Cloud Native Technology to Transform Your Enterprise - Cheryl Hung, CNCF; Brad Topol, IBM; Ken Owens, Mastercard; & Jeff Brewer, Intuit
Cloud Native Technologies are experiencing dramatic growth and achieving widespread support as the de facto standard platform across a variety of industries. Kubernetes, containers, and related cloud-native technologies and tools have the potential to dramatically transform the enterprise. From enabling enterprises to modernize legacy applications, to automated DevOps release pipelines, to automated failure recovery and improved testing methodologies, the list of innovative development and operational practices emerging based on cloud native technologies is amazing and a tremendous opportunity for enterprises. This panel will bring together stakeholders from enterprise IT & open src cloud vendors to discuss how the various facets of cloud native technologies can dramatically transform the enterprise. Panelists will discuss the key innovations that are emerging from cloud native technologies to drive more efficient development and improved standardized operational practices to accelerate the digital transformation and modernization of the enterprise.
https://sched.co/Mnlb
- 6 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
5 Simple Steps To Simplifying Your Compliance Journey With a Service Mesh – Granville Schmidt, Aspen Mesh
Building distributed systems is hard. Building distributed systems that are secure and compliant is even harder. A service mesh such as Istio can help solve engineering problems you’ll face when securing your services and complying with requirements found in GDPR, HIPAA, PCI-DSS and other standards and regulations. In this presentation, Granville will focus specifically on the security and compliance challenges that developers, operators and leaders face when building distributed systems in highly regulated industries; and show how to effectively leverage Istio to address them.
https://sched.co/MPey
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
5 Simple Steps To Simplifying Your Compliance Journey With a Service Mesh – Granville Schmidt, Aspen Mesh
Building distributed systems is hard. Building distributed systems that are secure and compliant is even harder. A service mesh such as Istio can help solve engineering problems you’ll face when securing your services and complying with requirements found in GDPR, HIPAA, PCI-DSS and other standards and regulations. In this presentation, Granville will focus specifically on the security and compliance challenges that developers, operators and leaders face when building distributed systems in highly regulated industries; and show how to effectively leverage Istio to address them.
https://sched.co/MPey
- 2 participants
- 27 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A Tale of Two Worlds: Canary-Testing for Both ML Models and Microservices - Jörg Schad, ArangoDB & Vincent Lesierse, Vamp.io
With the rapid and recent rise of data science, organizations are leveraging Cloud Native tools, especially Kubeflow for Data Science. One of the big challenges is how to deploy models in productions using similar practices like A/B testing and Canary-releasing which have proven successful for microservices. How to easily test and update your data models to production without impacting users? These are typical challenges a data-scientist will encounter when self-deploying and -managing the lifecycle of data models in production. In this talk Vincent Lesierse and Jörg Schad are going to show how experiences learned from releasing Microservices on Kubernetes can be applied to the world of ML Models, and where the deployment and lifecycle management of these ML Models differs from Microservices.
https://sched.co/MPau
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A Tale of Two Worlds: Canary-Testing for Both ML Models and Microservices - Jörg Schad, ArangoDB & Vincent Lesierse, Vamp.io
With the rapid and recent rise of data science, organizations are leveraging Cloud Native tools, especially Kubeflow for Data Science. One of the big challenges is how to deploy models in productions using similar practices like A/B testing and Canary-releasing which have proven successful for microservices. How to easily test and update your data models to production without impacting users? These are typical challenges a data-scientist will encounter when self-deploying and -managing the lifecycle of data models in production. In this talk Vincent Lesierse and Jörg Schad are going to show how experiences learned from releasing Microservices on Kubernetes can be applied to the world of ML Models, and where the deployment and lifecycle management of these ML Models differs from Microservices.
https://sched.co/MPau
- 3 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Autoscaling Multi-Cluster Observability with Thanos and Linkerd - Andrew Seigner, Buoyant & Frederic Branczyk, Red Hat
Uniform observability across polyglot applications can be challenging, even more so across multiple clusters. In this talk, Andrew Seigner from the Linkerd team and Frederic Branczyk from the Prometheus team will demonstrate adding observability to applications across multiple Kubernetes clusters with zero code changes, and then autoscaling Thanos to enable observability across all clusters in one unified view. They'll outline how Linkerd uses Prometheus to provide zero-config observability for applications running in Kubernetes, and how Thanos enables observability to scale across any number of Prometheus instances.
https://sched.co/MPbU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Autoscaling Multi-Cluster Observability with Thanos and Linkerd - Andrew Seigner, Buoyant & Frederic Branczyk, Red Hat
Uniform observability across polyglot applications can be challenging, even more so across multiple clusters. In this talk, Andrew Seigner from the Linkerd team and Frederic Branczyk from the Prometheus team will demonstrate adding observability to applications across multiple Kubernetes clusters with zero code changes, and then autoscaling Thanos to enable observability across all clusters in one unified view. They'll outline how Linkerd uses Prometheus to provide zero-config observability for applications running in Kubernetes, and how Thanos enables observability to scale across any number of Prometheus instances.
https://sched.co/MPbU
- 7 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building a Controller Manager for Your Cloud Platform - Fabio Rapposelli, VMware & Chris Hoge, Openstack Foundation
The Cloud Controller Manager (CCM) concept was created to allow cloud specific vendor code and the Kubernetes core to evolve independent of one another, with Kubernetes v1.11, CCM has graduated to Beta and in upcoming releases, it will be the preferred way to integrate Kubernetes with any cloud. This talk will expand on the CCM documentation available online and explore in detail how a Cloud Controller Manager is built, what are the testing strategies and how it can be deployed alongside Kubernetes.
https://sched.co/MPdH
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building a Controller Manager for Your Cloud Platform - Fabio Rapposelli, VMware & Chris Hoge, Openstack Foundation
The Cloud Controller Manager (CCM) concept was created to allow cloud specific vendor code and the Kubernetes core to evolve independent of one another, with Kubernetes v1.11, CCM has graduated to Beta and in upcoming releases, it will be the preferred way to integrate Kubernetes with any cloud. This talk will expand on the CCM documentation available online and explore in detail how a Cloud Controller Manager is built, what are the testing strategies and how it can be deployed alongside Kubernetes.
https://sched.co/MPdH
- 5 participants
- 35 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building and Maintaining a Client Library - Stories From the Trenches - Jussi Nummelin, Kontena Inc.
As Kubernetes is a pretty complex system, so is the (REST) API of it. On the first look things feel pretty simple, you authenticate with a token or SSL client certificate and POST few resources to the correct API endpoint. How hard can that be? As we’ve been developing our own Kubernetes distribution and some additional tooling for Kubernetes, we’ve also build a new client library for the API in Ruby, k8s-client (https://github.com/kontena/k8s-client). While building and maintaining the client library we've stumbled on few, well, odd things on the API and faced some technical challenges also. In this session we'll go through some the most interesting findings and how we've tackled them. These topics include for example the complexity of merge-patching resources, empty vs. null vs. non-existing values, PUT vs. PATCH and API compatibility.
https://sched.co/MPXW
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building and Maintaining a Client Library - Stories From the Trenches - Jussi Nummelin, Kontena Inc.
As Kubernetes is a pretty complex system, so is the (REST) API of it. On the first look things feel pretty simple, you authenticate with a token or SSL client certificate and POST few resources to the correct API endpoint. How hard can that be? As we’ve been developing our own Kubernetes distribution and some additional tooling for Kubernetes, we’ve also build a new client library for the API in Ruby, k8s-client (https://github.com/kontena/k8s-client). While building and maintaining the client library we've stumbled on few, well, odd things on the API and faced some technical challenges also. In this session we'll go through some the most interesting findings and how we've tackled them. These topics include for example the complexity of merge-patching resources, empty vs. null vs. non-existing values, PUT vs. PATCH and API compatibility.
https://sched.co/MPXW
- 6 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Chaos Debugging: Finding and Fixing Microservice Weak Points - Idit Levine & Mitch Kelley, Solo.io
Distributed microservices introduce new challenges: failure modes are harder to anticipate and resolve. In this session, we present a “Chaos Debugging” framework enabled by three open source projects: Gloo Shot, Squash, and Loop to help you increase your microservices’ “immunity” to issues. Gloo Shot integrates with any service mesh to implement advanced, realistic chaos experiments. Squash connects powerful and mature debuggers (gdb, dlv, java debugging) to your microservices while they run in Kubernetes. Loop extends the capability of your service mesh to observe your application and record full transactions for sandboxed replay and debugging. Come to this demo-heavy talk to see how together, Squash, Gloo Shot, and Loop allow you to trigger, replay, and investigate failure modes of your microservices in a language agnostic and efficient manner without requiring any changes to your code.
https://sched.co/MPXi
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Chaos Debugging: Finding and Fixing Microservice Weak Points - Idit Levine & Mitch Kelley, Solo.io
Distributed microservices introduce new challenges: failure modes are harder to anticipate and resolve. In this session, we present a “Chaos Debugging” framework enabled by three open source projects: Gloo Shot, Squash, and Loop to help you increase your microservices’ “immunity” to issues. Gloo Shot integrates with any service mesh to implement advanced, realistic chaos experiments. Squash connects powerful and mature debuggers (gdb, dlv, java debugging) to your microservices while they run in Kubernetes. Loop extends the capability of your service mesh to observe your application and record full transactions for sandboxed replay and debugging. Come to this demo-heavy talk to see how together, Squash, Gloo Shot, and Loop allow you to trigger, replay, and investigate failure modes of your microservices in a language agnostic and efficient manner without requiring any changes to your code.
https://sched.co/MPXi
- 3 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Cross-Cluster Calls Made Easy with Istio 1.1 - Matt Turner, Tetrate
Despite the now-common practice of spinning up multiple clusters across multiple regions, cross-cluster communication between the services running in them is still a huge issue. We rarely bother, or when we do, it’s hard-coded at the application level. Holes are punched in our ingress. Traffic traverses the open internet with hand-crafted addresses, no observability, and one-way TLS. Istio already helps communication within a cluster: adding layer 7 routing, automatic security and more. The new version 1.1 can now do that between clusters. This talk will guide you through using Istio’s latest features to easily setup secure, resilient, cross-cluster communication. Matt will talk through the required config before showing a demo of an app seamlessly spanning Kubernetes clusters. The full config will be made available so you can head straight home and give it a go on your own systems!
https://sched.co/MPfb
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Cross-Cluster Calls Made Easy with Istio 1.1 - Matt Turner, Tetrate
Despite the now-common practice of spinning up multiple clusters across multiple regions, cross-cluster communication between the services running in them is still a huge issue. We rarely bother, or when we do, it’s hard-coded at the application level. Holes are punched in our ingress. Traffic traverses the open internet with hand-crafted addresses, no observability, and one-way TLS. Istio already helps communication within a cluster: adding layer 7 routing, automatic security and more. The new version 1.1 can now do that between clusters. This talk will guide you through using Istio’s latest features to easily setup secure, resilient, cross-cluster communication. Matt will talk through the required config before showing a demo of an app seamlessly spanning Kubernetes clusters. The full config will be made available so you can head straight home and give it a go on your own systems!
https://sched.co/MPfb
- 1 participant
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security
See how to use kube-hunter to run penetration tests on your Kubernetes clusters, and reveal misconfigurations that might leave you open to attack! Kube-hunter is an open source tool that simulates what a hacker might do when trying to attack a deployment. We’ll discuss the motivations behind the project, and some interesting aspects of how it is implemented. There will be plenty of demos, including: - Testing for the basics, like an unsecured Kubelet API - Simulating an attack from within a compromised container - Re-using credentials from a compromised container You'll need a basic understanding of Kubernetes components, and with using curl to issue API requests. You’ll leave this talk ready to test your own cluster, and with new insights into the possible routes that an attacker might attempt. Perhaps you’ll even be inspired to submit a new Hunter to the project!
https://sched.co/MPdo
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
DIY Pen-Testing for Your Kubernetes Cluster - Liz Rice, Aqua Security
See how to use kube-hunter to run penetration tests on your Kubernetes clusters, and reveal misconfigurations that might leave you open to attack! Kube-hunter is an open source tool that simulates what a hacker might do when trying to attack a deployment. We’ll discuss the motivations behind the project, and some interesting aspects of how it is implemented. There will be plenty of demos, including: - Testing for the basics, like an unsecured Kubelet API - Simulating an attack from within a compromised container - Re-using credentials from a compromised container You'll need a basic understanding of Kubernetes components, and with using curl to issue API requests. You’ll leave this talk ready to test your own cluster, and with new insights into the possible routes that an attacker might attempt. Perhaps you’ll even be inspired to submit a new Hunter to the project!
https://sched.co/MPdo
- 5 participants
- 30 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Databases on Kubernetes Using a Custom Operator: Day 1, Day 2, and Beyond - Johannes Unterstein, Neo4j
We started the journey of building a managed cloud version of the graph database Neo4j. A bit later we started developing an operator to manage multiple database clusters in k8s. Handling persistence and Neo4j's own distributed consensus algorithm within k8s gave us a challenge. In this session we want to share the lessons we learned writing this operator and using it in production. We will start with how to get started using the k8s controller tooling to create an operator to manage a CRD. We go beyond the "day 1" tasks of creating and deleting databases and discuss how we meet "day 2" concerns such as: - Unit testing our operator using k8s fakes. - Continuously deploying an operator into a GKE cluster. - Automatic rolling updates of Neo4j databases with zero downtime and fault tolerance. - Database administration (backup, restore, password resets etc.) via an operator.
https://sched.co/MPYU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Databases on Kubernetes Using a Custom Operator: Day 1, Day 2, and Beyond - Johannes Unterstein, Neo4j
We started the journey of building a managed cloud version of the graph database Neo4j. A bit later we started developing an operator to manage multiple database clusters in k8s. Handling persistence and Neo4j's own distributed consensus algorithm within k8s gave us a challenge. In this session we want to share the lessons we learned writing this operator and using it in production. We will start with how to get started using the k8s controller tooling to create an operator to manage a CRD. We go beyond the "day 1" tasks of creating and deleting databases and discuss how we meet "day 2" concerns such as: - Unit testing our operator using k8s fakes. - Continuously deploying an operator into a GKE cluster. - Automatic rolling updates of Neo4j databases with zero downtime and fault tolerance. - Database administration (backup, restore, password resets etc.) via an operator.
https://sched.co/MPYU
- 6 participants
- 41 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Dealing with the Pesky Path Parameter Problem: Service Profiles - Alex Leong, Buoyant
For platform owners and developers to truly grok their service behaviors in Kubernetes, they must understand their services in terms of actual request and responses by HTTP path. Unfortunately, a nearly unlimited number of unique potential paths tends to overwhelm time series capture, making it difficult to get a clear picture of service behaviors. In this talk I’ll introduce the concept of the Service Profile, a custom Kubernetes resource used by Linkerd. The service profile lets operators define permitted routes for the service with regular expressions, which allows Prometheus to scrape and aggregate service behaviors in a manageable way. It also allows operators to set detailed service behavior rules such as retries and timeouts that can be easily reproduced and monitored.
https://sched.co/MPfP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Dealing with the Pesky Path Parameter Problem: Service Profiles - Alex Leong, Buoyant
For platform owners and developers to truly grok their service behaviors in Kubernetes, they must understand their services in terms of actual request and responses by HTTP path. Unfortunately, a nearly unlimited number of unique potential paths tends to overwhelm time series capture, making it difficult to get a clear picture of service behaviors. In this talk I’ll introduce the concept of the Service Profile, a custom Kubernetes resource used by Linkerd. The service profile lets operators define permitted routes for the service with regular expressions, which allows Prometheus to scrape and aggregate service behaviors in a manageable way. It also allows operators to set detailed service behavior rules such as retries and timeouts that can be easily reproduced and monitored.
https://sched.co/MPfP
- 2 participants
- 24 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: API Machinery SIG - David Eads, Red Hat & Daniel Smith, Google
This Deep Dives will cover the recent developments of Sig API Machinery. Sig API Machinery covers API registration and discovery, admission control, storage migration, conversion, defaulting, OpenAPI, CustomResourceDefinition, garbage collection, quota, and client libraries. We will have the chance to dive into the topics and to answer technical questions around them. One main theme will be server side apply which is supposed to ship as as alpha in 1.14. This will have a big impact on the ecosystem and therefore we want to take this deep dive as chance to reach developers who will have to adapt their operator logic to work well as an apply actor.
https://sched.co/MPkO
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: API Machinery SIG - David Eads, Red Hat & Daniel Smith, Google
This Deep Dives will cover the recent developments of Sig API Machinery. Sig API Machinery covers API registration and discovery, admission control, storage migration, conversion, defaulting, OpenAPI, CustomResourceDefinition, garbage collection, quota, and client libraries. We will have the chance to dive into the topics and to answer technical questions around them. One main theme will be server side apply which is supposed to ship as as alpha in 1.14. This will have a big impact on the ecosystem and therefore we want to take this deep dive as chance to reach developers who will have to adapt their operator logic to work well as an apply actor.
https://sched.co/MPkO
- 6 participants
- 38 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Auth SIG - Mo Khan & Matt Rogers, Red Hat
We present a thorough walkthrough of the Kubernetes authentication and authorization codebase, where we will cover interface contracts and give specific examples of how they are implemented in Kubernetes. The audience will also be given a high level overview of the request processing pipeline. The generic nature of these interfaces will be explored along with a look into areas where Kubernetes has a strong opinion on the implementation specifics such as service accounts and the node authorizer. As a case study, the OpenShift auth stack will be discussed. OpenShift’s use of OAuth for authentication and role based access control for authorization will lead into discussions around token delegation, auditing, access controlled resource lists, etc.
https://sched.co/MXvp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Auth SIG - Mo Khan & Matt Rogers, Red Hat
We present a thorough walkthrough of the Kubernetes authentication and authorization codebase, where we will cover interface contracts and give specific examples of how they are implemented in Kubernetes. The audience will also be given a high level overview of the request processing pipeline. The generic nature of these interfaces will be explored along with a look into areas where Kubernetes has a strong opinion on the implementation specifics such as service accounts and the node authorizer. As a case study, the OpenShift auth stack will be discussed. OpenShift’s use of OAuth for authentication and role based access control for authorization will lead into discussions around token delegation, auditing, access controlled resource lists, etc.
https://sched.co/MXvp
- 5 participants
- 39 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Azure SIG - Stephen Augustus, VMware & Lachlan Evenson
In the SIG Azure Deep Dive, we’re going to tell you all about why SIG Azure exists and the team behind managing it. From there, we’ll talk about what’s happened over the last few releases, Kubernetes 1.14 and Kubernetes 1.15, as well as some of what’s planned for Kubernetes 1.16. Additionally, we’ll cover considerations for successful deployments of Kubernetes on Azure. Afterwards, we’ll have a demo of provisioning Kubernetes on Azure, leveraging Cluster API for Azure, and discuss a little bit about why Cluster API is important to the ecosystem. Finally, and most importantly, we’ll talk all about some of the best ways to get involved with SIG Azure and all of the forums that we’re communicating on!
https://sched.co/MPiw
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Azure SIG - Stephen Augustus, VMware & Lachlan Evenson
In the SIG Azure Deep Dive, we’re going to tell you all about why SIG Azure exists and the team behind managing it. From there, we’ll talk about what’s happened over the last few releases, Kubernetes 1.14 and Kubernetes 1.15, as well as some of what’s planned for Kubernetes 1.16. Additionally, we’ll cover considerations for successful deployments of Kubernetes on Azure. Afterwards, we’ll have a demo of provisioning Kubernetes on Azure, leveraging Cluster API for Azure, and discuss a little bit about why Cluster API is important to the ecosystem. Finally, and most importantly, we’ll talk all about some of the best ways to get involved with SIG Azure and all of the forums that we’re communicating on!
https://sched.co/MPiw
- 7 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Brigade - Radu Matei, Microsoft
In this session, we will explore the Brigade architecture, and how it is built to chain together containers and share data between them. We will deep dive on how external events are routed and transformed into jobs, and how Brigade uses JavaScript for more complex scripting and error handling, and differentiate itself to enable scenarios that are extremely difficult to achieve in a purely declarative framework. In the end, we will take a look at how to build custom event gateways, and have a look at the future roadmap.
https://sched.co/N7N9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Brigade - Radu Matei, Microsoft
In this session, we will explore the Brigade architecture, and how it is built to chain together containers and share data between them. We will deep dive on how external events are routed and transformed into jobs, and how Brigade uses JavaScript for more complex scripting and error handling, and differentiate itself to enable scenarios that are extremely difficult to achieve in a purely declarative framework. In the end, we will take a look at how to build custom event gateways, and have a look at the future roadmap.
https://sched.co/N7N9
- 6 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cluster Lifecycle SIG (Cluster API) - Jason DeTiberus, VMware & Hardik Dodiya, SAP
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. In this deep dive, we will examine how the Cluster API simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters.
https://sched.co/MPkR
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cluster Lifecycle SIG (Cluster API) - Jason DeTiberus, VMware & Hardik Dodiya, SAP
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. In this deep dive, we will examine how the Cluster API simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters.
https://sched.co/MPkR
- 8 participants
- 42 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Envoy - Lizan Zhou, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is possible to write an extension for Envoy using Lua (https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/lua_filter.html), but the current scope of this extension is only for HTTP traffic.
https://sched.co/MPjQ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Envoy - Lizan Zhou, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is possible to write an extension for Envoy using Lua (https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/lua_filter.html), but the current scope of this extension is only for HTTP traffic.
https://sched.co/MPjQ
- 7 participants
- 21 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: KubeEdge - Cindy Xing, Futurewei
IOT/Edge computing has been the buzz word for couple of years now. With the industry evolving, there are a few potential solutions and architectures available. Being one of the reference architecture, KubeEdge is accepted as a CNCF sandbox project recently. In this talk, Cindy Xing and Zefeng Wang from Huawei will deep dive details of KubeEdge architecture and design. Based on real life use cases, a few demos will be implemented to help community understand better of KubeEdge. The future roadmap and current pain points will also be shared.
https://sched.co/PlxP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: KubeEdge - Cindy Xing, Futurewei
IOT/Edge computing has been the buzz word for couple of years now. With the industry evolving, there are a few potential solutions and architectures available. Being one of the reference architecture, KubeEdge is accepted as a CNCF sandbox project recently. In this talk, Cindy Xing and Zefeng Wang from Huawei will deep dive details of KubeEdge architecture and design. Based on real life use cases, a few demos will be implemented to help community understand better of KubeEdge. The future roadmap and current pain points will also be shared.
https://sched.co/PlxP
- 2 participants
- 40 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (UI) SIG - Jeffrey Sica, University of Michigan & Sebastian Floreks, Loodse
The Kubernetes Dashboard is the primary way non-cloud-hosted Kubernetes clusters are managed and is a great introductory tool in a new cluster-admin's belt. The Dashboard, much like Kubernetes itself, is a complex beast with many moving parts. With a front-end written in Angular, and a back-end written in go, the project has a complex set of needs to support development. This session will dive into both the front-end and back-end development with the Dashboard as well as outline progress with the 2019 SIG-UI Roadmap.
https://sched.co/MPkX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (UI) SIG - Jeffrey Sica, University of Michigan & Sebastian Floreks, Loodse
The Kubernetes Dashboard is the primary way non-cloud-hosted Kubernetes clusters are managed and is a great introductory tool in a new cluster-admin's belt. The Dashboard, much like Kubernetes itself, is a complex beast with many moving parts. With a front-end written in Angular, and a back-end written in go, the project has a complex set of needs to support development. This session will dive into both the front-end and back-end development with the Dashboard as well as outline progress with the 2019 SIG-UI Roadmap.
https://sched.co/MPkX
- 4 participants
- 26 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes/Kubespray (Cluster Lifecycle) SIG - Antoine Legrand, Kubespray & Matthew Mosesohn, Progmatic Lab
Kubespray is one of the most versatile kubernetes-cluster manager and benefits of an extensive and active community. Kubespray main focus is to deploy and manage production kubernetes clusters on bare metal and on all major cloud platforms. The deep-dive session will focus on making decisions with the community and opening discussions for the future of the project, the roadmap, the organization, and how to contribute and help contributors more effectively.
https://sched.co/MPka
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes/Kubespray (Cluster Lifecycle) SIG - Antoine Legrand, Kubespray & Matthew Mosesohn, Progmatic Lab
Kubespray is one of the most versatile kubernetes-cluster manager and benefits of an extensive and active community. Kubespray main focus is to deploy and manage production kubernetes clusters on bare metal and on all major cloud platforms. The deep-dive session will focus on making decisions with the community and opening discussions for the future of the project, the roadmap, the organization, and how to contribute and help contributors more effectively.
https://sched.co/MPka
- 9 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Linkerd - Oliver Gould, Buoyant
In this session, Oliver Gould, will focus on lessons learned, how to's, and what the future of Linkerd holds.
https://sched.co/MPju
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Linkerd - Oliver Gould, Buoyant
In this session, Oliver Gould, will focus on lessons learned, how to's, and what the future of Linkerd holds.
https://sched.co/MPju
- 4 participants
- 40 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Long Term Support WG - Tim Pepper, VMware
Late in 2018 community discussion of Kubernetes support coalesced into a proposal for a Long Term Support Working Group. "WG LTS" is the name, but LTS should not imply work is towards what you may already believe to be meant by the term. Rather we seek a new, evolved definition of the Kubernetes release/support cadence, an investigation in a time-limited fashion during 2019 of the questions of "To LTS Or Not To LTS" and "What Are We Releasing And Why And How Is It Best Integrated, Validate, And Supported". Discussion spans complex questions of what support is desirable and viable in the minds of users, vendors, and ecosystem code contributors. This presentation will provide an overview of first half of our 2019 survey findings, describe progress towards and future work remaining to achieve a higher level of critical API stability, and outline the shape of possible support enhancement proposals.
https://sched.co/MkJq
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Long Term Support WG - Tim Pepper, VMware
Late in 2018 community discussion of Kubernetes support coalesced into a proposal for a Long Term Support Working Group. "WG LTS" is the name, but LTS should not imply work is towards what you may already believe to be meant by the term. Rather we seek a new, evolved definition of the Kubernetes release/support cadence, an investigation in a time-limited fashion during 2019 of the questions of "To LTS Or Not To LTS" and "What Are We Releasing And Why And How Is It Best Integrated, Validate, And Supported". Discussion spans complex questions of what support is desirable and viable in the minds of users, vendors, and ecosystem code contributors. This presentation will provide an overview of first half of our 2019 survey findings, describe progress towards and future work remaining to achieve a higher level of critical API stability, and outline the shape of possible support enhancement proposals.
https://sched.co/MkJq
- 5 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Scheduling SIG - Babak Salamat, Google
Kubernetes Scheduler is a critical component of Kubernetes that finds the best nodes for running pods based the configured scheduling requirements. The scheduler provides features to run clusters with desired configuration. Users can choose to run their clusters with high resource efficiency, high reliability, or various other custom policies. This talk will provide information on recent SIG Scheduling projects and features, including the development of the scheduling framework, batch scheduling, pod scheduling policies for multi-tenant clusters, and scalability improvements. We will dedicate about half of the time of the presentation to audience questions and users' feedback.
https://sched.co/MPkg
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Scheduling SIG - Babak Salamat, Google
Kubernetes Scheduler is a critical component of Kubernetes that finds the best nodes for running pods based the configured scheduling requirements. The scheduler provides features to run clusters with desired configuration. Users can choose to run their clusters with high resource efficiency, high reliability, or various other custom policies. This talk will provide information on recent SIG Scheduling projects and features, including the development of the scheduling framework, batch scheduling, pod scheduling policies for multi-tenant clusters, and scalability improvements. We will dedicate about half of the time of the presentation to audience questions and users' feedback.
https://sched.co/MPkg
- 8 participants
- 30 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Vitess - Jiten Vaidya & Dan Kozlowski, PlanetScale
One of the scariest thoughts about storing data in the cloud is the worry about a node going down taking its data with it. In spite of this, many users have successfully run Vitess on Kubernetes in various clouds. This deep dive session in Vitess will show you how to configure a Vitess server to be resilient to failures. As a demo, we'll bring up a Vitess cluster with the a set of optimal configurations and demonstrate how it survives various events like pod evictions and node restarts.
https://sched.co/MPkL
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Vitess - Jiten Vaidya & Dan Kozlowski, PlanetScale
One of the scariest thoughts about storing data in the cloud is the worry about a node going down taking its data with it. In spite of this, many users have successfully run Vitess on Kubernetes in various clouds. This deep dive session in Vitess will show you how to configure a Vitess server to be resilient to failures. As a demo, we'll bring up a Vitess cluster with the a set of optimal configurations and demonstrate how it survives various events like pod evictions and node restarts.
https://sched.co/MPkL
- 4 participants
- 45 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: kops (Cluster Lifecycle) SIG - Justin Santa Barbara, Google & Mike Splain, Sonos
We'll dig into the recent progress in kops: etcd-manager and etcdadm getting us to etcd3; support for CRDs and the server mode; starting to move to cluster API and our future plans here; starting to adopt bundles to allow for richer upgrades. Also kops is now a conformant kubernetes distribution! We'll discuss the status of our support for more clouds, including the recent OpenStack work. We'll also talk about some of our general initiatives e.g. secure by default. But most importantly let's talk about your pain points and figure out what you would like to see, and let's discuss how you can get involved.
https://sched.co/MPkU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: kops (Cluster Lifecycle) SIG - Justin Santa Barbara, Google & Mike Splain, Sonos
We'll dig into the recent progress in kops: etcd-manager and etcdadm getting us to etcd3; support for CRDs and the server mode; starting to move to cluster API and our future plans here; starting to adopt bundles to allow for richer upgrades. Also kops is now a conformant kubernetes distribution! We'll discuss the status of our support for more clouds, including the recent OpenStack work. We'll also talk about some of our general initiatives e.g. secure by default. But most importantly let's talk about your pain points and figure out what you would like to see, and let's discuss how you can get involved.
https://sched.co/MPkU
- 9 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Delivering Serverless Experience on Kubernetes: Beyond Web Applications - Alex Glikson, Carnegie Mellon University
Knative is a great platform to host web applications on Kubernetes, offering seamless request-based scaling as well as scale-to-zero. As part of research at the Carnegie Mellon University to better understand the advantages and limitations of serverless platforms, we assessed Knative for two workloads that may differ from typical Web applications -- Machine Learning inference (ML) and Interactive Computing (IC). We focused on properties which are important for workloads with significant amount of state - such as ML model, or IC session - while still maintaining the ability to scale down to zero (and back to one) efficiently. In this talk we will present the initial results of an effort to design a Kubernetes-based serverless platform optimized for such workloads, focusing on two properties: 1) ability to efficiently persist state, 2) ability to deliver low latency under load spikes.
https://sched.co/MPem
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Delivering Serverless Experience on Kubernetes: Beyond Web Applications - Alex Glikson, Carnegie Mellon University
Knative is a great platform to host web applications on Kubernetes, offering seamless request-based scaling as well as scale-to-zero. As part of research at the Carnegie Mellon University to better understand the advantages and limitations of serverless platforms, we assessed Knative for two workloads that may differ from typical Web applications -- Machine Learning inference (ML) and Interactive Computing (IC). We focused on properties which are important for workloads with significant amount of state - such as ML model, or IC session - while still maintaining the ability to scale down to zero (and back to one) efficiently. In this talk we will present the initial results of an effort to design a Kubernetes-based serverless platform optimized for such workloads, focusing on two properties: 1) ability to efficiently persist state, 2) ability to deliver low latency under load spikes.
https://sched.co/MPem
- 1 participant
- 39 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Delivering TV Everywhere with Cloud Native Solutions - Arnaud Caron & Jerome Champetier, Mediakind
Traditional TV players are facing huge challenges from the rapid growth of emerging video services such as Netflix, Amazon Prime and YouTube TV. TV service providers must modernize and accelerate their operations, moving from dedicated hardware in datacenter to embracing hybrid cloud technologies, DevOps and orchestration, while considering cloud frameworks constraints which aren’t natively designed for real-time media - and issues such as high processing & storage performance, network (latency, bandwidth, multicast), high availability and reliability. We will present our journey since 2015, showcasing how our architecture migration to microservices / containers / Kubernetes & Helm helped to lay the foundations for our global development team. We will share our architectural designs and explain how we overcame challenges such as K8s deployments, CNI, monitoring and packaging with Helm.
https://sched.co/MPYR
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Delivering TV Everywhere with Cloud Native Solutions - Arnaud Caron & Jerome Champetier, Mediakind
Traditional TV players are facing huge challenges from the rapid growth of emerging video services such as Netflix, Amazon Prime and YouTube TV. TV service providers must modernize and accelerate their operations, moving from dedicated hardware in datacenter to embracing hybrid cloud technologies, DevOps and orchestration, while considering cloud frameworks constraints which aren’t natively designed for real-time media - and issues such as high processing & storage performance, network (latency, bandwidth, multicast), high availability and reliability. We will present our journey since 2015, showcasing how our architecture migration to microservices / containers / Kubernetes & Helm helped to lay the foundations for our global development team. We will share our architectural designs and explain how we overcame challenges such as K8s deployments, CNI, monitoring and packaging with Helm.
https://sched.co/MPYR
- 4 participants
- 42 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Democratizing MySQL: From Cloud Managed to Kubernetes Managed - Sachin Manpathak, Platform9 & Flavius Mecea, Presslabs SRL
Platform9, like many startups used public cloud based MySQL service as backend to quickly get started. But as their customer base grew, the public cloud costs became significant. Their goal for this project was ambitious - they wanted to run their own MySQL as a service without any in-house MySQL expertise. They also wished the model to scale well, achievable with a small team. Learn how Platform9 has reached their goal by using a highly flexible open-source MySQL Operator, written by Presslabs—a startup that aims at democratizing the WordPress hosting infrastructure by using Kubernetes and other open technologies. This is a back-to-back combo talk featuring 2 people who know the MySQL Operator better than anyone, but differently: the original builder & its heaviest user.
https://sched.co/MPYa
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Democratizing MySQL: From Cloud Managed to Kubernetes Managed - Sachin Manpathak, Platform9 & Flavius Mecea, Presslabs SRL
Platform9, like many startups used public cloud based MySQL service as backend to quickly get started. But as their customer base grew, the public cloud costs became significant. Their goal for this project was ambitious - they wanted to run their own MySQL as a service without any in-house MySQL expertise. They also wished the model to scale well, achievable with a small team. Learn how Platform9 has reached their goal by using a highly flexible open-source MySQL Operator, written by Presslabs—a startup that aims at democratizing the WordPress hosting infrastructure by using Kubernetes and other open technologies. This is a back-to-back combo talk featuring 2 people who know the MySQL Operator better than anyone, but differently: the original builder & its heaviest user.
https://sched.co/MPYa
- 7 participants
- 41 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deploy, Scale and Extend Jaeger - Louis-Etienne Dorval, Ticketmaster
Distributed Tracing has been a hot topic in the last few years. While a lot has been said about the benefits of having tracing as well as how to instrument your (micro?) services, this talk will instead focus on how we deployed, scaled and extended Jaeger at Ticketmaster. We will look into how we drove adoption internally as well as the strategies that were put in place to scale it as it gained traction. We’ll cover the first few pull requests needed to get the ball rolling and the lessons learned while helping different development teams get started. We will share how the architecture of Jaeger enabled us to deploy it inside Kubernetes as a multi-region cluster used by application all across our hybrid cloud and explore the various extension points that are available.
https://sched.co/MPbm
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deploy, Scale and Extend Jaeger - Louis-Etienne Dorval, Ticketmaster
Distributed Tracing has been a hot topic in the last few years. While a lot has been said about the benefits of having tracing as well as how to instrument your (micro?) services, this talk will instead focus on how we deployed, scaled and extended Jaeger at Ticketmaster. We will look into how we drove adoption internally as well as the strategies that were put in place to scale it as it gained traction. We’ll cover the first few pull requests needed to get the ball rolling and the lessons learned while helping different development teams get started. We will share how the architecture of Jaeger enabled us to deploy it inside Kubernetes as a multi-region cluster used by application all across our hybrid cloud and explore the various extension points that are available.
https://sched.co/MPbm
- 1 participant
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Economics and Best Practices of Running AI/ML Workloads on Kubernetes - Maulin Patel, Google & Yaron Haviv, Iguazio
In this session, we will discuss how Kubernetes driven AI/ML building blocks are making AI/ML simple, fast and efficient for data scientists, data engineers, devops engineers and everyday users. We will explore how Kubernetes, Kubeflow and Kubeflow pipeline can help to mitigate complexities and challenges associated with AI/ML. We will demonstrate the use of Accelerators like GPUs and TPU in Kubernetes Engine to make serving compute intensive ML/AI workloads easy, fast and scalable. We will present the real world examples of commonly used AI/ML applications, discuss their performance and share best practices. We will also present how the economics are different when it comes to ML workloads and highlight the unique values Kubernetes brings to enterprises.
https://sched.co/MPaf
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Economics and Best Practices of Running AI/ML Workloads on Kubernetes - Maulin Patel, Google & Yaron Haviv, Iguazio
In this session, we will discuss how Kubernetes driven AI/ML building blocks are making AI/ML simple, fast and efficient for data scientists, data engineers, devops engineers and everyday users. We will explore how Kubernetes, Kubeflow and Kubeflow pipeline can help to mitigate complexities and challenges associated with AI/ML. We will demonstrate the use of Accelerators like GPUs and TPU in Kubernetes Engine to make serving compute intensive ML/AI workloads easy, fast and scalable. We will present the real world examples of commonly used AI/ML applications, discuss their performance and share best practices. We will also present how the economics are different when it comes to ML workloads and highlight the unique values Kubernetes brings to enterprises.
https://sched.co/MPaf
- 4 participants
- 54 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Embracing Upstream Kubernetes in Web Scale Organization - Lei Zhang, Alibaba & Jun Chen, Ant Financial
How does a web-scale organization meet the demands of performance & scalability without forking Kubernetes while still offering a fully integrated and secure offering? Actually, for any large scale organization or public cloud, we believe the problems we share are the similar: Should I maintain a swarm of small clusters or a single "monster"? What would be the challenge when I scale the cluster to 1k nodes or more? How to fix issues or add features without breaking Kubernetes code? How often the cluster would be upgraded? And how to make engineers think in a “Kubernetes Native” way? In this talk, we will share some experience & lessons we learnt from applying upstream Kubernetes in Alibaba ecosystem. We will list every challenge we faced, and the "upstream native" practice we fixed it. We will share our unique way of upgrading our Kubernetes with keeping pace of upstream as well.
https://sched.co/MPXu
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Embracing Upstream Kubernetes in Web Scale Organization - Lei Zhang, Alibaba & Jun Chen, Ant Financial
How does a web-scale organization meet the demands of performance & scalability without forking Kubernetes while still offering a fully integrated and secure offering? Actually, for any large scale organization or public cloud, we believe the problems we share are the similar: Should I maintain a swarm of small clusters or a single "monster"? What would be the challenge when I scale the cluster to 1k nodes or more? How to fix issues or add features without breaking Kubernetes code? How often the cluster would be upgraded? And how to make engineers think in a “Kubernetes Native” way? In this talk, we will share some experience & lessons we learnt from applying upstream Kubernetes in Alibaba ecosystem. We will list every challenge we faced, and the "upstream native" practice we fixed it. We will share our unique way of upgrading our Kubernetes with keeping pace of upstream as well.
https://sched.co/MPXu
- 1 participant
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fine-Grained Permissions in Kubernetes: What’s Missing, and How to Fix That - Vallery Lancey, Lyft & Seth McCombs, Triller
In this talk, we will walk through a number of common scenarios where Kubernetes lacks sufficient access control tools, or where access control is often not properly applied. For example, it is common for a team to own a subset of services in a namespace, yet RBAC permissions grant that team access to other pods within the namespace. We will demonstrate a number of solutions available for specific problems, such as pod network policies, the open policy agent, custom controllers that gate API functionality. We will also discuss problems with the namespace permission model, and possible alternatives. Namespaces create an arbitrary boundary around resources, which creates the need to then bridge those boundaries. We will demonstrate ideas for bridging namespace networks, and posix-style objection permissions within a namespace.
https://sched.co/MPdx
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fine-Grained Permissions in Kubernetes: What’s Missing, and How to Fix That - Vallery Lancey, Lyft & Seth McCombs, Triller
In this talk, we will walk through a number of common scenarios where Kubernetes lacks sufficient access control tools, or where access control is often not properly applied. For example, it is common for a team to own a subset of services in a namespace, yet RBAC permissions grant that team access to other pods within the namespace. We will demonstrate a number of solutions available for specific problems, such as pod network policies, the open policy agent, custom controllers that gate API functionality. We will also discuss problems with the namespace permission model, and possible alternatives. Namespaces create an arbitrary boundary around resources, which creates the need to then bridge those boundaries. We will demonstrate ideas for bridging namespace networks, and posix-style objection permissions within a namespace.
https://sched.co/MPdx
- 8 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fool-Proof Kubernetes Dashboards for Sleep-Deprived Oncalls - David Kaltschmidt, Grafana Labs
Software running on Kubernetes can fail in various, but surprisingly well-defined ways. In this intermediate-level talk David Kaltschmidt shows how structuring dashboards in a particular way can be a helpful guide when you get paged in the middle of the night. Reducing cognitive load makes oncall more effective. When dashboards are organized hierarchically on both the service and the resource level, troubleshooting becomes an exercise of divide and conquer. The oncall person can quickly eliminate whole areas of problems and zone in on the real issue. At that point a single service or instance should have been identified, for which more detailed debugging can take place.
https://sched.co/MPbv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fool-Proof Kubernetes Dashboards for Sleep-Deprived Oncalls - David Kaltschmidt, Grafana Labs
Software running on Kubernetes can fail in various, but surprisingly well-defined ways. In this intermediate-level talk David Kaltschmidt shows how structuring dashboards in a particular way can be a helpful guide when you get paged in the middle of the night. Reducing cognitive load makes oncall more effective. When dashboards are organized hierarchically on both the service and the resource level, troubleshooting becomes an exercise of divide and conquer. The oncall person can quickly eliminate whole areas of problems and zone in on the real issue. At that point a single service or instance should have been identified, for which more detailed debugging can take place.
https://sched.co/MPbv
- 3 participants
- 29 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Grafana Loki: Like Prometheus, But for logs. - Tom Wilkie, Grafana Labs
Loki is a horizontally-scalable, highly-available log aggregation system inspired by Prometheus. It is designed to be cost effective and easy to operate, as it does not index the contents of the logs, but rather labels for each log stream. Loki initially targets Kubernetes logging, using Prometheus service discovery to gather labels for log streams. As such, Loki enables you to easily switch between metrics and logs, streamlining the incident response process - a workflow we have built into the latest version of Grafana. In this talk we will discuss the motivation behind Loki, its design and architecture, and what the future holds. Its early days after the launch at KubeCon Seattle, but so far the response to the project has been overwhelming, with more the 4.5k GitHub stars and over 12hrs at the top spot on Hacker News.
https://sched.co/MPbj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Grafana Loki: Like Prometheus, But for logs. - Tom Wilkie, Grafana Labs
Loki is a horizontally-scalable, highly-available log aggregation system inspired by Prometheus. It is designed to be cost effective and easy to operate, as it does not index the contents of the logs, but rather labels for each log stream. Loki initially targets Kubernetes logging, using Prometheus service discovery to gather labels for log streams. As such, Loki enables you to easily switch between metrics and logs, streamlining the incident response process - a workflow we have built into the latest version of Grafana. In this talk we will discuss the motivation behind Loki, its design and architecture, and what the future holds. Its early days after the launch at KubeCon Seattle, but so far the response to the project has been overwhelming, with more the 4.5k GitHub stars and over 12hrs at the top spot on Hacker News.
https://sched.co/MPbj
- 10 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Helm 3: Navigating To Distant Shores - Bridget Kromhout & Jessica Deen, Microsoft
Adjusting your spyglass & looking out over the water, you can see how useful a package manager like Helm is. Perhaps you’ve used it to manage the fractal complexity of packages on your Kubernetes clusters (without losing track of versions stashed in the hold). But Helm 3 is rumored to be different; you’re ready to get started on this exciting voyage as soon as you have some idea of what’s port & what’s starboard! Get clear answers to questions like “when do I use Go templates versus Lua?”, “how do I move my production Helm 2 installation to Helm 3 seamlessly?”, “what do I use now instead of tiller?” In this demo-fueled session, we’ll take you through differences from the Helm of yore, tips for a successful rollout or upgrade, & opportunities to shape the project’s future. The cloud native waters can be choppy but a technical deep dive powered by open source tooling will steer you right!
https://sched.co/MPXf
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Helm 3: Navigating To Distant Shores - Bridget Kromhout & Jessica Deen, Microsoft
Adjusting your spyglass & looking out over the water, you can see how useful a package manager like Helm is. Perhaps you’ve used it to manage the fractal complexity of packages on your Kubernetes clusters (without losing track of versions stashed in the hold). But Helm 3 is rumored to be different; you’re ready to get started on this exciting voyage as soon as you have some idea of what’s port & what’s starboard! Get clear answers to questions like “when do I use Go templates versus Lua?”, “how do I move my production Helm 2 installation to Helm 3 seamlessly?”, “what do I use now instead of tiller?” In this demo-fueled session, we’ll take you through differences from the Helm of yore, tips for a successful rollout or upgrade, & opportunities to shape the project’s future. The cloud native waters can be choppy but a technical deep dive powered by open source tooling will steer you right!
https://sched.co/MPXf
- 2 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
High Performance Networking with Kubevirt - Doug Smith, Red Hat & Abdul Halim, Intel
When we’re talking about legacy workloads running in Kubernetes as Virtual Machines, we’re not talking about “any old workload” -- we’re usually talking about performance workloads. The KubeVirt community, Red Hat & Intel have come together to enable high performance networking for these workloads. Need hardware-accelerated networking in a cloud-native environment? Using KubeVirt (for virtual machines on top of Kubernetes) and recent improvements in SR-IOV networking integration with Kubernetes, we'll talk about gaining performance networking for your apps, and for legacy workload migration. You’ll get the opportunity to explore the mechanics of running pods that are also connected to SR-IOV NICs. We’ll also look at how KubeVirt builds on top of and extends the base Kubernetes platform support for SR-IOV networking into the world of legacy virtual machines, all managed by kubectl.
https://sched.co/MPcw
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
High Performance Networking with Kubevirt - Doug Smith, Red Hat & Abdul Halim, Intel
When we’re talking about legacy workloads running in Kubernetes as Virtual Machines, we’re not talking about “any old workload” -- we’re usually talking about performance workloads. The KubeVirt community, Red Hat & Intel have come together to enable high performance networking for these workloads. Need hardware-accelerated networking in a cloud-native environment? Using KubeVirt (for virtual machines on top of Kubernetes) and recent improvements in SR-IOV networking integration with Kubernetes, we'll talk about gaining performance networking for your apps, and for legacy workload migration. You’ll get the opportunity to explore the mechanics of running pods that are also connected to SR-IOV NICs. We’ll also look at how KubeVirt builds on top of and extends the base Kubernetes platform support for SR-IOV networking into the world of legacy virtual machines, all managed by kubectl.
https://sched.co/MPcw
- 5 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How Does Google Release Kubernetes in GKE - Kobi Magnezi & Josh Hoak, Google
Working on the GKE, we have been releasing new versions of Kubernetes since before Kubernetes was 1.0. Although closely related to the Kubernetes release, the release of Kubernetes in GKE involves ensuring fleet-wide consistency through upgrades, qualification and customer feedback. We will talk about the history of the GKE Release process and the lessons we have learned working with Kubernetes. We will close with open source improvements we're making to systems and tooling so that others can benefit from what we have learned.
https://sched.co/MPZ7
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How Does Google Release Kubernetes in GKE - Kobi Magnezi & Josh Hoak, Google
Working on the GKE, we have been releasing new versions of Kubernetes since before Kubernetes was 1.0. Although closely related to the Kubernetes release, the release of Kubernetes in GKE involves ensuring fleet-wide consistency through upgrades, qualification and customer feedback. We will talk about the history of the GKE Release process and the lessons we have learned working with Kubernetes. We will close with open source improvements we're making to systems and tooling so that others can benefit from what we have learned.
https://sched.co/MPZ7
- 2 participants
- 24 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How Intuit Does Canary and Blue Green Deployments with a K8s Controller - Daniel Thomson & Alex Matyushentsev, Intuit
GitOps has taken Kubernetes by storm, but the default kubernetes deployment is missing strategies such as canary and blue green. How do you run two versions of one application at the same time in a GitOps manner? Do you need to make multiple commits to orchestrate those strategies? Isn’t that redundant for a single deployment? The onus is on the user to orchestrate these industry standard strategies often using error prone scripts. To address this need, Intuit open sourced a deployment controller called Argo Rollouts that codifies these industry standard strategies into an custom resource called Rollout. This session will discuss how Intuit leverages rollouts of hundreds of apps in a GitOps style to implement these missing strategies, the challenges in converting inherently imperative strategies into a declarative configuration, and envisioning the future for GitOps based deployments.
https://sched.co/MPZD
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How Intuit Does Canary and Blue Green Deployments with a K8s Controller - Daniel Thomson & Alex Matyushentsev, Intuit
GitOps has taken Kubernetes by storm, but the default kubernetes deployment is missing strategies such as canary and blue green. How do you run two versions of one application at the same time in a GitOps manner? Do you need to make multiple commits to orchestrate those strategies? Isn’t that redundant for a single deployment? The onus is on the user to orchestrate these industry standard strategies often using error prone scripts. To address this need, Intuit open sourced a deployment controller called Argo Rollouts that codifies these industry standard strategies into an custom resource called Rollout. This session will discuss how Intuit leverages rollouts of hundreds of apps in a GitOps style to implement these missing strategies, the challenges in converting inherently imperative strategies into a declarative configuration, and envisioning the future for GitOps based deployments.
https://sched.co/MPZD
- 6 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How LivePerson is Tailoring its Conversational Platform Using OpenFaaS - Simon Pelczer, LivePerson & Ivana Yovcheva, VMware
The conversational commerce experience needs to be personalized to allow customers to extend and customize the chat experience with bespoke code. Attend this talk to hear how LivePerson took one of the most popular open source Serverless projects and built it into their product to add value for customers. Functions allow customers to create custom chatbot behaviour, messaging extensions and commerce workflows. You’ll see a live demo and hear about how the team put together the solution. We’ll cover how we operationalized an open source project so that we can build, ship and maintain our many functions whilst ensuring secure, multi-tenant access. Ivana will give an overview of the OpenFaaS architecture, CRD and its set of UNIX-like components which build on top of primitives in Kubernetes. She will also share the vision of the open source project and where it’s heading next.
https://sched.co/MPeR
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How LivePerson is Tailoring its Conversational Platform Using OpenFaaS - Simon Pelczer, LivePerson & Ivana Yovcheva, VMware
The conversational commerce experience needs to be personalized to allow customers to extend and customize the chat experience with bespoke code. Attend this talk to hear how LivePerson took one of the most popular open source Serverless projects and built it into their product to add value for customers. Functions allow customers to create custom chatbot behaviour, messaging extensions and commerce workflows. You’ll see a live demo and hear about how the team put together the solution. We’ll cover how we operationalized an open source project so that we can build, ship and maintain our many functions whilst ensuring secure, multi-tenant access. Ivana will give an overview of the OpenFaaS architecture, CRD and its set of UNIX-like components which build on top of primitives in Kubernetes. She will also share the vision of the open source project and where it’s heading next.
https://sched.co/MPeR
- 2 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How to Create Kubernetes Experts - Clarke Vennerbeck & Aaron Teague, Supergiant
Effective knowledge transfer is critical for the continued survival of Kubernetes end-users (and projects). Rapid growth and adoption of Kubernetes has left a growing demand for operators and developers unmet. In addition, an ever-growing catalog of OSS has sprung up along with Kubernetes, expanding the qualifications needed to operate in an enterprise-worthy fashion. Our company has dealt with this challenge by changing the way we acquire Kubernetes talent--by building experts in house, sometimes from little to no experience. With good training and committed participants, this is achievable for anyone! Learn tactics, approaches, and practical tips to training teams with any skill level, creating new generations of Kubernetes experts!
https://sched.co/MPZn
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How to Create Kubernetes Experts - Clarke Vennerbeck & Aaron Teague, Supergiant
Effective knowledge transfer is critical for the continued survival of Kubernetes end-users (and projects). Rapid growth and adoption of Kubernetes has left a growing demand for operators and developers unmet. In addition, an ever-growing catalog of OSS has sprung up along with Kubernetes, expanding the qualifications needed to operate in an enterprise-worthy fashion. Our company has dealt with this challenge by changing the way we acquire Kubernetes talent--by building experts in house, sometimes from little to no experience. With good training and committed participants, this is achievable for anyone! Learn tactics, approaches, and practical tips to training teams with any skill level, creating new generations of Kubernetes experts!
https://sched.co/MPZn
- 4 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ingress V2 and Multicluster Services - Rohit Ramkumar & Bowei Du, Google
With app modernization, we’ve entered a new phase of structuring services. Services have evolved over time to span multiple clusters as well as hybrid deployments that encompass both on-prem and multiple clouds. There are several use cases for multiple Kubernetes clusters: canarying new versions of your app, or low latency access for your users across the globe. In this session, we will present a new version of the Ingress and the Service APIs. These API’s form the foundational blocks for managing your global, scalable and reliable services close to your users using a single control plane. Moreover, we will compare these new API’s with different models for spreading services across multiple cluster (e.g Istio). We will demo a custom controller we have written that will configure multi-cluster HTTP(S) load balancing given these new API’s.
https://sched.co/MPb6
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ingress V2 and Multicluster Services - Rohit Ramkumar & Bowei Du, Google
With app modernization, we’ve entered a new phase of structuring services. Services have evolved over time to span multiple clusters as well as hybrid deployments that encompass both on-prem and multiple clouds. There are several use cases for multiple Kubernetes clusters: canarying new versions of your app, or low latency access for your users across the globe. In this session, we will present a new version of the Ingress and the Service APIs. These API’s form the foundational blocks for managing your global, scalable and reliable services close to your users using a single control plane. Moreover, we will compare these new API’s with different models for spreading services across multiple cluster (e.g Istio). We will demo a custom controller we have written that will configure multi-cluster HTTP(S) load balancing given these new API’s.
https://sched.co/MPb6
- 3 participants
- 27 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive BoF: Telecom User Group and Cloud Native Network Functions (CNF) Testbed - Cheryl Hung, Dan Kohn, CNCF & Taylor Carpenter, Vulk Coop
This birds-of-a-feather (BOF) session will discuss how telcos are evolving their Virtual Network Functions (VNFs) into Cloud-native Network Functions (CNFs) running on Kubernetes. CNCF is spinning up a new Telecom User Group for service providers and their vendors to discuss the adoption of cloud native technologies, and this session will also be a kickoff for that group.
https://sched.co/MSzj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive BoF: Telecom User Group and Cloud Native Network Functions (CNF) Testbed - Cheryl Hung, Dan Kohn, CNCF & Taylor Carpenter, Vulk Coop
This birds-of-a-feather (BOF) session will discuss how telcos are evolving their Virtual Network Functions (VNFs) into Cloud-native Network Functions (CNFs) running on Kubernetes. CNCF is spinning up a new Telecom User Group for service providers and their vendors to discuss the adoption of cloud native technologies, and this session will also be a kickoff for that group.
https://sched.co/MSzj
- 24 participants
- 1:25 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Apps SIG - Adnan Abdulhussein, Bitnami
Kubernetes SIG Apps covers developing, deploying, and operating applications on Kubernetes with a focus on the application developer and application operator experience. In this deep dive we will look at the general experience for application developers and operators along with specifics of the Workloads API and Application CRD. The topics discussed will be based on the desires of those in attendance and the conversation will go where attendees would like it to go.
https://sched.co/MPkj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Apps SIG - Adnan Abdulhussein, Bitnami
Kubernetes SIG Apps covers developing, deploying, and operating applications on Kubernetes with a focus on the application developer and application operator experience. In this deep dive we will look at the general experience for application developers and operators along with specifics of the Workloads API and Application CRD. The topics discussed will be based on the desires of those in attendance and the conversation will go where attendees would like it to go.
https://sched.co/MPkj
- 20 participants
- 53 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: IBMCloud SIG - Sahdev P. Zala, Khalid Ahmed, Brad Topol & Nimesh Bhatia, IBM
In this session, the IBM Cloud SIG leads will first provide an overview of the SIG and highlight key SIG activities. The introductory presentation, in the beginning, will be followed by a deep dive into SIG upstream activities, updates to the cloud provider code, and the ongoing collaborative work with the SIG Cloud Provider. The presentations will be followed by discussions between SIG leads and attendees on current and future work items. Everyone --active contributors, new contributors, and conference attendees -- with interest in the SIG IBM Cloud are welcome to attend. During the session, SIG leads will be available all the time for discussions.
https://sched.co/MPks
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: IBMCloud SIG - Sahdev P. Zala, Khalid Ahmed, Brad Topol & Nimesh Bhatia, IBM
In this session, the IBM Cloud SIG leads will first provide an overview of the SIG and highlight key SIG activities. The introductory presentation, in the beginning, will be followed by a deep dive into SIG upstream activities, updates to the cloud provider code, and the ongoing collaborative work with the SIG Cloud Provider. The presentations will be followed by discussions between SIG leads and attendees on current and future work items. Everyone --active contributors, new contributors, and conference attendees -- with interest in the SIG IBM Cloud are welcome to attend. During the session, SIG leads will be available all the time for discussions.
https://sched.co/MPks
- 7 participants
- 1:06 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Jaeger - Juraci Paixão Kröhling, Red Hat & Prithvi Raj, Uber
Jaeger is a distributed tracing platform, providing a way to monitor and troubleshoot transactions in complex distributed systems. In the first part, we’ll introduce you to Jaeger, showing what it is capable of. We’ll deploy a few microservices into a Kubernetes cluster and use distributed tracing to help us see what’s going on. After this brief demo, you’ll learn how to engage with the community and how to make your first contribution to the project. In the second part of this talk, we’ll explain in details what are all the moving pieces and how they work together. You’ll also learn about the different deployment strategies and advanced configuration options. And finally, we’ll have a Q&A session at the end with project maintainers.
https://sched.co/MPkv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Jaeger - Juraci Paixão Kröhling, Red Hat & Prithvi Raj, Uber
Jaeger is a distributed tracing platform, providing a way to monitor and troubleshoot transactions in complex distributed systems. In the first part, we’ll introduce you to Jaeger, showing what it is capable of. We’ll deploy a few microservices into a Kubernetes cluster and use distributed tracing to help us see what’s going on. After this brief demo, you’ll learn how to engage with the community and how to make your first contribution to the project. In the second part of this talk, we’ll explain in details what are all the moving pieces and how they work together. You’ll also learn about the different deployment strategies and advanced configuration options. And finally, we’ll have a Q&A session at the end with project maintainers.
https://sched.co/MPkv
- 11 participants
- 1:14 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes (Docs) SIG - Zach Corleissen, Linux Foundation & Rael Garcia, CAPSiDE
This session covers Kubernetes (K8s) documentation. We'll do an overview of the docs--how they're organized, and how they're maintained--then contribute to the docs ourselves. During the introduction, we'll look at the docs repository (kubernetes/website) and how we organize content. We'll also look at the website stack: how we preview and publish docs to kubernetes.io. We'll talk about the docs workflow: how SIG Docs does the work to review and publish docs. During the deep dive, we'll explore the docs contributor guide and do some hands-on contribution. Remember that contributing to docs is a pathway to Kubernetes membership!
https://sched.co/MPlA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes (Docs) SIG - Zach Corleissen, Linux Foundation & Rael Garcia, CAPSiDE
This session covers Kubernetes (K8s) documentation. We'll do an overview of the docs--how they're organized, and how they're maintained--then contribute to the docs ourselves. During the introduction, we'll look at the docs repository (kubernetes/website) and how we organize content. We'll also look at the website stack: how we preview and publish docs to kubernetes.io. We'll talk about the docs workflow: how SIG Docs does the work to review and publish docs. During the deep dive, we'll explore the docs contributor guide and do some hands-on contribution. Remember that contributing to docs is a pathway to Kubernetes membership!
https://sched.co/MPlA
- 3 participants
- 1:04 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes (Network) SIG - Tim Hockin, Google
This presentation will include an introduction to Kubernetes networking, covering the high level challenges the Kubernetes network model solves, Kubernetes specific concepts such as Services, Ingress, and NetworkPolicy, and how they interact and are typically used. We'll then dive deeper into topics currently being discussed in SIG network, opening the floor for discussion and debate on a range of topics based on attendee interest and moderated by members of the SIG. In this latter half, we hope to bring contributors and users together to discuss the problems they are currently facing and how we can collaborate to solve them.
https://sched.co/MPky
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes (Network) SIG - Tim Hockin, Google
This presentation will include an introduction to Kubernetes networking, covering the high level challenges the Kubernetes network model solves, Kubernetes specific concepts such as Services, Ingress, and NetworkPolicy, and how they interact and are typically used. We'll then dive deeper into topics currently being discussed in SIG network, opening the floor for discussion and debate on a range of topics based on attendee interest and moderated by members of the SIG. In this latter half, we hope to bring contributors and users together to discuss the problems they are currently facing and how we can collaborate to solve them.
https://sched.co/MPky
- 3 participants
- 1:28 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Conformance WG - Dan Kohn, CNCF, William Denniss, Aaron Crickenberger, Google & Hippie Hacker, ii.coop
We will start the session with a high level introduction of the Certified Kubernetes conformance program. Topics will include how to run the conformance test suite, how to certify your company's platform, distribution or installer, and how to get maximum benefit out of the program for your company. Following the the introduction, there will be a technical working session by members of the working group to discuss current topics, likely including the in-development Windows container conformance profile.
https://sched.co/MPl1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Conformance WG - Dan Kohn, CNCF, William Denniss, Aaron Crickenberger, Google & Hippie Hacker, ii.coop
We will start the session with a high level introduction of the Certified Kubernetes conformance program. Topics will include how to run the conformance test suite, how to certify your company's platform, distribution or installer, and how to get maximum benefit out of the program for your company. Following the the introduction, there will be a technical working session by members of the working group to discuss current topics, likely including the in-development Windows container conformance profile.
https://sched.co/MPl1
- 10 participants
- 1:27 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes IoT Edge WG - Steven Wong, VMware, Cindy Xing, Huawei, Dejan Bosanac, Red Hat, & Kilton Hopkins, Edgeworx
Intro and Deep Dive: Edge Computing challenges and solutions with Kubernetes This session will investigate and catalogue challenges encountered when Kubernetes is deployed in Edge and IoT applications. We'll start by describing two basic approaches: deploying nodes to the Edge with a central control plane; and deploying whole clusters to the Edge. This will be followed by a deep dive into Kubernetes architectural features and constraints in the context of both approaches. We'll see which course makes the most sense for some specific use cases. Next we'll discuss some common challenges to successful deployments, such as resource limits and network availability, and provide some guidance on how to deal with them. There are opportunities to contribute to the evolution of Kubernetes to better serve edge use cases. We will close with details on how you can get involved with the community effort to help this happen.
https://sched.co/MPl4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes IoT Edge WG - Steven Wong, VMware, Cindy Xing, Huawei, Dejan Bosanac, Red Hat, & Kilton Hopkins, Edgeworx
Intro and Deep Dive: Edge Computing challenges and solutions with Kubernetes This session will investigate and catalogue challenges encountered when Kubernetes is deployed in Edge and IoT applications. We'll start by describing two basic approaches: deploying nodes to the Edge with a central control plane; and deploying whole clusters to the Edge. This will be followed by a deep dive into Kubernetes architectural features and constraints in the context of both approaches. We'll see which course makes the most sense for some specific use cases. Next we'll discuss some common challenges to successful deployments, such as resource limits and network availability, and provide some guidance on how to deal with them. There are opportunities to contribute to the evolution of Kubernetes to better serve edge use cases. We will close with details on how you can get involved with the community effort to help this happen.
https://sched.co/MPl4
- 6 participants
- 1:16 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Policy WG - Zhipeng Huang, Huawei & Erica Von Buelow, Red Hat
The Intro+Deep session for Kubernetes Policy WG will cover the basics of the WG process, what we have achieved and what we will be mostly working at in 2019. We will also cover will specific topics like unified policy object definition in depth
https://sched.co/MPl7
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Policy WG - Zhipeng Huang, Huawei & Erica Von Buelow, Red Hat
The Intro+Deep session for Kubernetes Policy WG will cover the basics of the WG process, what we have achieved and what we will be mostly working at in 2019. We will also cover will specific topics like unified policy object definition in depth
https://sched.co/MPl7
- 3 participants
- 26 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Storage SIG - Saad Ali, Google
Join Kubernetes SIG Storage to learn about the areas of our focus, what we are working on currently, and how you can get involved. SIG Storage members will also present details on some of the projects the SIG is actively working on like CSI, the migration of in-tree volume plugins to external CSI drivers, etc. Veteran SIG Storage members will be on hand to help answer questions.
https://sched.co/MPlJ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Kubernetes Storage SIG - Saad Ali, Google
Join Kubernetes SIG Storage to learn about the areas of our focus, what we are working on currently, and how you can get involved. SIG Storage members will also present details on some of the projects the SIG is actively working on like CSI, the migration of in-tree volume plugins to external CSI drivers, etc. Veteran SIG Storage members will be on hand to help answer questions.
https://sched.co/MPlJ
- 18 participants
- 1:16 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Multicluster SIG - Irfan Ur Rehman, Huawei & Maru Newby, Red Hat
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, across many cloud providers (so-called hybrid cloud) and applications deployed across this these many, hybrid clusters. We are responsible for designing, discussing, implementing and maintaining API’s, tools and documentation related to multi-cluster administration and application management. This includes not only active automated approaches such as Cluster Federation, but also those that employ batch workflow-style continuous deployment systems like Spinnaker and others. Standalone building blocks for these and other similar systems (for example a cluster registry), and proposed changes to kubernetes core where appropriate are in scope. In the introduction, we will give you an overview of the projects we're currently actively working on, how best to get involved, and what our future plans look like. Then we'll dive deeper! We recently released the second version of our biggest project, Federation v2 as Beta, and have gathered user feedback on how and why several different companies are using it to solve their particular multi-cluster use cases. In this deep-dive session we'll take you through what's in this beta release, and the results of our findings about its real-world usage.
https://sched.co/MPlP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Multicluster SIG - Irfan Ur Rehman, Huawei & Maru Newby, Red Hat
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, across many cloud providers (so-called hybrid cloud) and applications deployed across this these many, hybrid clusters. We are responsible for designing, discussing, implementing and maintaining API’s, tools and documentation related to multi-cluster administration and application management. This includes not only active automated approaches such as Cluster Federation, but also those that employ batch workflow-style continuous deployment systems like Spinnaker and others. Standalone building blocks for these and other similar systems (for example a cluster registry), and proposed changes to kubernetes core where appropriate are in scope. In the introduction, we will give you an overview of the projects we're currently actively working on, how best to get involved, and what our future plans look like. Then we'll dive deeper! We recently released the second version of our biggest project, Federation v2 as Beta, and have gathered user feedback on how and why several different companies are using it to solve their particular multi-cluster use cases. In this deep-dive session we'll take you through what's in this beta release, and the results of our findings about its real-world usage.
https://sched.co/MPlP
- 8 participants
- 1:02 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: OpenStack SIG - Chris Hoge, OpenStack Foundation & Aditi Sharma, NEC Technologies India
The SIG-OpenStack Introduction and Deep Dive will be an opportunity for members of the Kubernetes community involved with development related to hosting Kubernetes on OpenStack to share existing work and plan for upcoming work. The first portion of the talk will cover basic usage of OpenStack Cloud Provider. We will then follow up with an update on the status of the OpenStack provider for the Cluster API project. The session will wrap up with a deep dive on the software development and future plans.
https://sched.co/MPlD
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: OpenStack SIG - Chris Hoge, OpenStack Foundation & Aditi Sharma, NEC Technologies India
The SIG-OpenStack Introduction and Deep Dive will be an opportunity for members of the Kubernetes community involved with development related to hosting Kubernetes on OpenStack to share existing work and plan for upcoming work. The first portion of the talk will cover basic usage of OpenStack Cloud Provider. We will then follow up with an update on the status of the OpenStack provider for the Cluster API project. The session will wrap up with a deep dive on the software development and future plans.
https://sched.co/MPlD
- 17 participants
- 1:20 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Prometheus - Julius Volz, Prometheus & Richard Hartmann, SpaceNet
Prometheus is an open-source monitoring system and time series database. It features a multi-dimensional data model with a powerful query language and integrates many aspects of systems and service monitoring: from the instrumentation of services over the collection and storage of metrics data, all the way to dashboarding and alerting. Native support for various service discovery mechanisms also make it particularly suitable for dynamic cloud-based environments. In the introduction, Prometheus co-founder Julius Volz explains the architecture of Prometheus and shows its advantages over traditional monitoring systems. For the deep dive: Join Prometheus maintainers to learn more about the design, project goals and history of Prometheus. We will cover in depth concepts of Prometheus to enable you to get a better understanding of what it is all about. The talk will cover topics including federation, relabelling and PromQL joins. In the end, you will leave with an advanced understanding of Prometheus.
https://sched.co/MPiP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Prometheus - Julius Volz, Prometheus & Richard Hartmann, SpaceNet
Prometheus is an open-source monitoring system and time series database. It features a multi-dimensional data model with a powerful query language and integrates many aspects of systems and service monitoring: from the instrumentation of services over the collection and storage of metrics data, all the way to dashboarding and alerting. Native support for various service discovery mechanisms also make it particularly suitable for dynamic cloud-based environments. In the introduction, Prometheus co-founder Julius Volz explains the architecture of Prometheus and shows its advantages over traditional monitoring systems. For the deep dive: Join Prometheus maintainers to learn more about the design, project goals and history of Prometheus. We will cover in depth concepts of Prometheus to enable you to get a better understanding of what it is all about. The talk will cover topics including federation, relabelling and PromQL joins. In the end, you will leave with an advanced understanding of Prometheus.
https://sched.co/MPiP
- 23 participants
- 1:19 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Serverless WG - Scott Nichols, Google & Doug Davis, IBM
In this session the CNCF Serverless Working Group will provide an update to the community on the state of Serverless since we produced our whitepaper and landscape document over a year ago. We'll overview what's changed in the community and what the new, and exciting, developments are - such as new open source projects and trends. Then we'll turn this into a BoF session where we'd like to hear from the community about where they would like the CNCF, and our WG, to go: e.g. what are the pain points people are seeing with respect to interoperability and portability of their Serverless workloads.
https://sched.co/MPlG
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Serverless WG - Scott Nichols, Google & Doug Davis, IBM
In this session the CNCF Serverless Working Group will provide an update to the community on the state of Serverless since we produced our whitepaper and landscape document over a year ago. We'll overview what's changed in the community and what the new, and exciting, developments are - such as new open source projects and trends. Then we'll turn this into a BoF session where we'd like to hear from the community about where they would like the CNCF, and our WG, to go: e.g. what are the pain points people are seeing with respect to interoperability and portability of their Serverless workloads.
https://sched.co/MPlG
- 16 participants
- 1:27 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Windows SIG - Michael Michael, VMware & Patrick Lang, Microsoft
The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting new features that are being delivered and the General Availability of Windows Containers on Kubernetes. We will also have a detailed discussion on our future roadmap, key functionality that we want to enable, and open the floor for Q&A with customers and members of the SIG-Windows community. This is both an introduction to Windows on Kubernetes and a deep dive into the efforts of the team. Some familiarity with Windows on Kubernetes is required for the deep dive part since we will have an in-depth discussion on key features that are in the pipeline for Windows, explain their implementation and have a discussion on tradeoffs with the community.
https://sched.co/MPlM
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Windows SIG - Michael Michael, VMware & Patrick Lang, Microsoft
The chairs for SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting new features that are being delivered and the General Availability of Windows Containers on Kubernetes. We will also have a detailed discussion on our future roadmap, key functionality that we want to enable, and open the floor for Q&A with customers and members of the SIG-Windows community. This is both an introduction to Windows on Kubernetes and a deep dive into the efforts of the team. Some familiarity with Windows on Kubernetes is required for the deep dive part since we will have an in-depth discussion on key features that are in the pipeline for Windows, explain their implementation and have a discussion on tradeoffs with the community.
https://sched.co/MPlM
- 7 participants
- 1:04 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: containerd - Wei Fu, Alibaba & Mike Brown, IBM
We will show how users can enhance containerd without having to first modify containerd’s internals. We’ll also cover building custom snapshotters for special storage needs and integrating with custom runtimes for stronger isolation. Understanding containerd architecture and data flow is key to extending it’s functionality. In this talk, we’ll look at the internals of containerd (covering its components and dataflows) then dive into how external plugins work with containerd. We’ll go over using containerd’s smart client API and plugins to make new/custom integrations. We will demonstrate how various sandbox technologies can be integrated with containerd to work with Kubernetes, including Amazon’s Firecracker, Google’s gVisor etc. Attendees will leave the talk understanding how they can extend/modify containerd to support enhanced integrations for custom production deployments.
https://sched.co/MPkp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: containerd - Wei Fu, Alibaba & Mike Brown, IBM
We will show how users can enhance containerd without having to first modify containerd’s internals. We’ll also cover building custom snapshotters for special storage needs and integrating with custom runtimes for stronger isolation. Understanding containerd architecture and data flow is key to extending it’s functionality. In this talk, we’ll look at the internals of containerd (covering its components and dataflows) then dive into how external plugins work with containerd. We’ll go over using containerd’s smart client API and plugins to make new/custom integrations. We will demonstrate how various sandbox technologies can be integrated with containerd to work with Kubernetes, including Amazon’s Firecracker, Google’s gVisor etc. Attendees will leave the talk understanding how they can extend/modify containerd to support enhanced integrations for custom production deployments.
https://sched.co/MPkp
- 8 participants
- 1:17 hours
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio on Knative Lessons Learned: How Istio is Fit for Serverless Platform - Ying Chun Guo & Iris Ding, IBM
Serverless is the emerging technology to support microservices. Istio is a popular service mesh platform. How Istio is fit for a serverless platform? It's a question that developers and users of both serverless and Istio shall look at. Knative, a Kubernetes native serverless platform, relies on Istio to provide routing, logging, tracing and metrics support for its serverless platform. In this session, we will discover how Istio is leveraged in Knative, analyze and showcase the advantages and disadvantages that Istio brings to Knative. Finally, we will summarize the lessons learned when utilizing Istio on serverless platform.
https://sched.co/MPeL
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio on Knative Lessons Learned: How Istio is Fit for Serverless Platform - Ying Chun Guo & Iris Ding, IBM
Serverless is the emerging technology to support microservices. Istio is a popular service mesh platform. How Istio is fit for a serverless platform? It's a question that developers and users of both serverless and Istio shall look at. Knative, a Kubernetes native serverless platform, relies on Istio to provide routing, logging, tracing and metrics support for its serverless platform. In this session, we will discover how Istio is leveraged in Knative, analyze and showcase the advantages and disadvantages that Istio brings to Knative. Finally, we will summarize the lessons learned when utilizing Istio on serverless platform.
https://sched.co/MPeL
- 2 participants
- 28 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Metrics, Logs & Traces; What Does the Future Hold for Observability? - Tom Wilkie, VP Product, Grafana Labs & Frederic Branczyk, Software Engineer, Red Hat
The “the three pillars” of observability - monitoring, logging and tracing - were so 2018. A growing consensus is questioning the efficacy of this approach. So what’s the next step?
Without dwelling on past, Frederic and Tom will present three exciting trends in observability for 2019 and beyond. Future developments need to tame complexity, enhance understanding and accelerate incident response.
Expect substantiated opinions, contentious observations and surprising predictions. Are you ready to take this next step?
https://sched.co/MRzA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Metrics, Logs & Traces; What Does the Future Hold for Observability? - Tom Wilkie, VP Product, Grafana Labs & Frederic Branczyk, Software Engineer, Red Hat
The “the three pillars” of observability - monitoring, logging and tracing - were so 2018. A growing consensus is questioning the efficacy of this approach. So what’s the next step?
Without dwelling on past, Frederic and Tom will present three exciting trends in observability for 2019 and beyond. Future developments need to tame complexity, enhance understanding and accelerate incident response.
Expect substantiated opinions, contentious observations and surprising predictions. Are you ready to take this next step?
https://sched.co/MRzA
- 2 participants
- 15 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: From COBOL to Kubernetes: A 250 Year Old Bank's Cloud-Native Journey - Laura Rehorst, Product Owner - Stratus Platform, ABN AMRO Bank NV & Mike Ryan, DevOps Consultant, backtothelab.io
Adopting Kubernetes in an enterprise setting is challenging enough. Doing so in the highly-regulated banking industry presents further challenges. In this presentation Laura Rehorst (Product Owner - Stratus Platform, ABN AMRO) and Mike Ryan (DevOps Consultant) will share some of the lessons learned during ABN AMRO's Kubernetes adoption, discuss how Kubernetes accelerated the bank's Digital Transformation, and demonstrate parts of our Continuous Compliance infrastructure.
The technical part of the presentation will include demonstrations of how Open Policy Agent is used in CICD pipelines and Admission Controllers, our process for automatically repaving infrastructure to protect against Advanced Persistent Threats, and how our ""compliant by default"" approach allows us to move fast (without breaking things).
https://sched.co/MRzj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: From COBOL to Kubernetes: A 250 Year Old Bank's Cloud-Native Journey - Laura Rehorst, Product Owner - Stratus Platform, ABN AMRO Bank NV & Mike Ryan, DevOps Consultant, backtothelab.io
Adopting Kubernetes in an enterprise setting is challenging enough. Doing so in the highly-regulated banking industry presents further challenges. In this presentation Laura Rehorst (Product Owner - Stratus Platform, ABN AMRO) and Mike Ryan (DevOps Consultant) will share some of the lessons learned during ABN AMRO's Kubernetes adoption, discuss how Kubernetes accelerated the bank's Digital Transformation, and demonstrate parts of our Continuous Compliance infrastructure.
The technical part of the presentation will include demonstrations of how Open Policy Agent is used in CICD pipelines and Admission Controllers, our process for automatically repaving infrastructure to protect against Advanced Persistent Threats, and how our ""compliant by default"" approach allows us to move fast (without breaking things).
https://sched.co/MRzj
- 2 participants
- 19 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Kubernetes - Don't Stop Believin' – Bryan Liles, Senior Staff Engineer, VMware
Kubernetes in 2019: Don’t stop believin’. Kubernetes is five years old. Is the journey over? Of course not. What’s next for the Kubernetes ecosystem? In this keynote, Bryan reflects on where we’ve come from and offers ideas on where we could go next.
https://sched.co/MQWR
Join us for KubeCon + CloudNativeCon in San Diego November 18 - 21. Learn more at https://bit.ly/2XTN3ho. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Kubernetes - Don't Stop Believin' – Bryan Liles, Senior Staff Engineer, VMware
Kubernetes in 2019: Don’t stop believin’. Kubernetes is five years old. Is the journey over? Of course not. What’s next for the Kubernetes ecosystem? In this keynote, Bryan reflects on where we’ve come from and offers ideas on where we could go next.
https://sched.co/MQWR
Join us for KubeCon + CloudNativeCon in San Diego November 18 - 21. Learn more at https://bit.ly/2XTN3ho. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.
- 1 participant
- 20 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Networking at Scale - Laurent Bernaille, Datadog & Bowei Du, Google
Running large Kubernetes clusters serving high volumes of traffic (thousands of nodes serving thousands of requests/second) requires tackling scaling challenges in both the control plane and data plane. This talk will present options that allow for performant networking when the number of nodes, services, endpoints and traffic grow in your Kubernetes cluster. Laurent and Manjot will cover how to use CNI plugins for efficient routing by not requiring overlays, how kube-proxy can be configured to handle clusters with thousands of services and endpoint and how ingress controllers can route traffic directly to pods without requiring nodeports. In addition, many of these solutions are at an early stage and the talk will dive into the issues faced and how they were addressed. Finally, the talk will discuss upcoming technologies that will allow Kubernetes to scale even further.
https://sched.co/MPch
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Networking at Scale - Laurent Bernaille, Datadog & Bowei Du, Google
Running large Kubernetes clusters serving high volumes of traffic (thousands of nodes serving thousands of requests/second) requires tackling scaling challenges in both the control plane and data plane. This talk will present options that allow for performant networking when the number of nodes, services, endpoints and traffic grow in your Kubernetes cluster. Laurent and Manjot will cover how to use CNI plugins for efficient routing by not requiring overlays, how kube-proxy can be configured to handle clusters with thousands of services and endpoint and how ingress controllers can route traffic directly to pods without requiring nodeports. In addition, many of these solutions are at an early stage and the talk will dive into the issues faced and how they were addressed. Finally, the talk will discuss upcoming technologies that will allow Kubernetes to scale even further.
https://sched.co/MPch
- 8 participants
- 42 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Networking: How to Write a CNI Plugin From Scratch - Eran Yanay, Twistlock
CNI (Container Network Interface) plugins are the cornerstone of Kubernetes networking. CNI is the standardized way used by Kubernetes to expose network devices to pods, responsible for pod to pod communication across physical nodes in your cluster. During this talk we will: - Explore the details of the CNI plugin interface - Understand how it is used with Kubernetes - Provide a detailed walkthrough of a simple CNI plugin from scratch Attendees in this talk will gain insight into the process of creating a CNI plugin and get familiar with networking decisions required for having their pods connected and reachable from within the cluster and the internet.
https://sched.co/MPd2
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Networking: How to Write a CNI Plugin From Scratch - Eran Yanay, Twistlock
CNI (Container Network Interface) plugins are the cornerstone of Kubernetes networking. CNI is the standardized way used by Kubernetes to expose network devices to pods, responsible for pod to pod communication across physical nodes in your cluster. During this talk we will: - Explore the details of the CNI plugin interface - Understand how it is used with Kubernetes - Provide a detailed walkthrough of a simple CNI plugin from scratch Attendees in this talk will gain insight into the process of creating a CNI plugin and get familiar with networking decisions required for having their pods connected and reachable from within the cluster and the internet.
https://sched.co/MPd2
- 3 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Scalability Definition Evolution - Wojciech Tyczynski & Andrzej Wasylkowski, Google
When Kubernetes 1.0 was announced in 2015, Kubernetes was claimed to support 100-node clusters. In order to prove that, we made the first attempt to define what does it mean that “Kubernetes scales to X-node clusters”. The SLOs making that definition were described in more detail in the first scalability-related Kubernetes blog post. However, as Kubernetes was maturing and new features were being added to it, it turned out that the initial definition is becoming meaningless, especially for larger users. In this presentation, we will explain how the definition was evolving over time and where we are heading, what are our principles driving that evolution and what efforts were spawned as a result of that (such as new SLIs/SLOs effort, testing tooling etc.)
https://sched.co/MPck
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Scalability Definition Evolution - Wojciech Tyczynski & Andrzej Wasylkowski, Google
When Kubernetes 1.0 was announced in 2015, Kubernetes was claimed to support 100-node clusters. In order to prove that, we made the first attempt to define what does it mean that “Kubernetes scales to X-node clusters”. The SLOs making that definition were described in more detail in the first scalability-related Kubernetes blog post. However, as Kubernetes was maturing and new features were being added to it, it turned out that the initial definition is becoming meaningless, especially for larger users. In this presentation, we will explain how the definition was evolving over time and where we are heading, what are our principles driving that evolution and what efforts were spawned as a result of that (such as new SLIs/SLOs effort, testing tooling etc.)
https://sched.co/MPck
- 5 participants
- 39 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Latest Kubernetes Scalability Improvements - Shyam Jeedigunta, Amazon & Yassine Tijani, VMware
As the kubernetes project evolved, it started to increasingly gain adoption by enterprise and large scale users. Kubernetes, with a series of performance and scalability improvements, had come to support high scale an various fronts. However, a more recent onset of large-cluster use-cases highlighted some newer scalability limitations when adopting the “one big cluster” pattern. The project has made impressive progress in the last few releases on those. As scalability is a cross-cutting effort across different verticals, we would like to use this opportunity to walk you through the recent scalability/performance improvements made to kubernetes in different areas and introduce the new APIs and patterns that led to these. We will then discuss key elements that Kubernetes needs to address in order to improve adoption pace of its large-scale users.
https://sched.co/MPce
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Latest Kubernetes Scalability Improvements - Shyam Jeedigunta, Amazon & Yassine Tijani, VMware
As the kubernetes project evolved, it started to increasingly gain adoption by enterprise and large scale users. Kubernetes, with a series of performance and scalability improvements, had come to support high scale an various fronts. However, a more recent onset of large-cluster use-cases highlighted some newer scalability limitations when adopting the “one big cluster” pattern. The project has made impressive progress in the last few releases on those. As scalability is a cross-cutting effort across different verticals, we would like to use this opportunity to walk you through the recent scalability/performance improvements made to kubernetes in different areas and introduce the new APIs and patterns that led to these. We will then discuss key elements that Kubernetes needs to address in order to improve adoption pace of its large-scale users.
https://sched.co/MPce
- 5 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Learn how to Leverage Kubernetes to Support 12 Factor for Enterprise Apps - Brad Topol & Michael Elder, IBM
“12 Factor” is a software methodology for building scalable microservice applications that provides best practices designed to enable applications to be built with portability, resilience, and scalability when deployed to the web. In this talk we provide an overview of the 12 Factor methodology and describe how the core constructs provided by Kubernetes can be leveraged to support the 12 factors for scalable web apps. In this talk we will provide live demonstrations of how Kubernetes can support 12 Factor for not only newer cloud native applications, but also for legacy enterprise middleware applications that include stateful and transactional workloads.
https://sched.co/MPXZ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Learn how to Leverage Kubernetes to Support 12 Factor for Enterprise Apps - Brad Topol & Michael Elder, IBM
“12 Factor” is a software methodology for building scalable microservice applications that provides best practices designed to enable applications to be built with portability, resilience, and scalability when deployed to the web. In this talk we provide an overview of the 12 Factor methodology and describe how the core constructs provided by Kubernetes can be leveraged to support the 12 factors for scalable web apps. In this talk we will provide live demonstrations of how Kubernetes can support 12 Factor for not only newer cloud native applications, but also for legacy enterprise middleware applications that include stateful and transactional workloads.
https://sched.co/MPXZ
- 2 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lessons Learned Migrating Kubernetes from Docker to containerd Runtime - Ana Calin, Paybase
In 2016 Docker span out its core container runtime functionality into a standalone component, containerd. Using containerd developers can customize, extend and swap out functionality as needed, without unnecessary abstraction getting in their way. containerd provides all the core primitives needed to manage containers on Linux and Windows hosts allowing Docker and other leading container systems, including Kubernetes to use it as their core container runtime. containerd is fully OCI compliant. This talk covers lessons learned by migrating a Kubernetes platform from a docker runtime based OS to a containerd based OS. It includes observations around security, performance and usability, as well as the benefit of debugging using crictl - containerd’s cli, compared to the docker cli. Find out if there’s a real benefit in swapping and the kind of effort required to achieve complete migration.
https://sched.co/MPd8
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lessons Learned Migrating Kubernetes from Docker to containerd Runtime - Ana Calin, Paybase
In 2016 Docker span out its core container runtime functionality into a standalone component, containerd. Using containerd developers can customize, extend and swap out functionality as needed, without unnecessary abstraction getting in their way. containerd provides all the core primitives needed to manage containers on Linux and Windows hosts allowing Docker and other leading container systems, including Kubernetes to use it as their core container runtime. containerd is fully OCI compliant. This talk covers lessons learned by migrating a Kubernetes platform from a docker runtime based OS to a containerd based OS. It includes observations around security, performance and usability, as well as the benefit of debugging using crictl - containerd’s cli, compared to the docker cli. Find out if there’s a real benefit in swapping and the kind of effort required to achieve complete migration.
https://sched.co/MPd8
- 6 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Let's Try Every CRI Runtime Available for Kubernetes. No, Really! - Phil Estes, IBM
The CRI (container runtime interface) in Kubernetes—designed to abstract the host’s runtime details from the kubelet codebase—has been around for a few years now. CRI implementations beyond the pre-existing Docker engine driver have been appearing for some time now. As of early 2019, Docker, Virtlet, containerd, cri-o and Sylab’s Singularity project all implement the CRI! If you add in Kata containers and AWS Firecracker, the unique number of CRI combinations is growing rapidly. How would you decide which CRI implementation is right for you? Clearly each have tradeoffs that are worth understanding whether you are a developer or operator. We'll live demo each CRI runtime and summarize the details and why a cluster might choose—or not choose—a particular runtime. It will be a fast-paced but hopefully informational talk for those looking to understand the CRI runtime landscape!
https://sched.co/MPdB
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Let's Try Every CRI Runtime Available for Kubernetes. No, Really! - Phil Estes, IBM
The CRI (container runtime interface) in Kubernetes—designed to abstract the host’s runtime details from the kubelet codebase—has been around for a few years now. CRI implementations beyond the pre-existing Docker engine driver have been appearing for some time now. As of early 2019, Docker, Virtlet, containerd, cri-o and Sylab’s Singularity project all implement the CRI! If you add in Kata containers and AWS Firecracker, the unique number of CRI combinations is growing rapidly. How would you decide which CRI implementation is right for you? Clearly each have tradeoffs that are worth understanding whether you are a developer or operator. We'll live demo each CRI runtime and summarize the details and why a cluster might choose—or not choose—a particular runtime. It will be a fast-paced but hopefully informational talk for those looking to understand the CRI runtime landscape!
https://sched.co/MPdB
- 1 participant
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing Edge Computing with Serverless - Lev Radomislensky, Iguazio
Lev Radomislensky will talk about a Kubernetes-based edge solution for retail analytics based on spinning Kubernetes clusters at the edge. The solution relies on a combination of an MQTT broker such as Google IoT Core together with an edge deployed registry, database and serverless functions. In this retail solution, all edge devices are managed in the cloud, while edge computing is managed through serverless functions. Edge storage is managed with a multi model database which stores time series and machine learning models, building applications on top of Kubernetes to benefit from a cloud-native architecture. Lev will demonstrate the update of functions through the MQTT broker, managing revisions and monitoring status. He will also demo machine learning models for image recognition and predictive analytics with serverless.
https://sched.co/MPeg
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing Edge Computing with Serverless - Lev Radomislensky, Iguazio
Lev Radomislensky will talk about a Kubernetes-based edge solution for retail analytics based on spinning Kubernetes clusters at the edge. The solution relies on a combination of an MQTT broker such as Google IoT Core together with an edge deployed registry, database and serverless functions. In this retail solution, all edge devices are managed in the cloud, while edge computing is managed through serverless functions. Edge storage is managed with a multi model database which stores time series and machine learning models, building applications on top of Kubernetes to benefit from a cloud-native architecture. Lev will demonstrate the update of functions through the MQTT broker, managing revisions and monitoring status. He will also demo machine learning models for image recognition and predictive analytics with serverless.
https://sched.co/MPeg
- 3 participants
- 31 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Modern CI/CD with Tekton and Prow Automated via Jenkins X - James Rawlings, Cloudbees & Christie Wilson, Google
There’s been lots of innovation in the CI/CD space around the Kubernetes ecosystem, with the introduction of Tekton (formerly Knative) Pipeline and it's deep integration with Prow from the Kubernetes testing sig. This session will show you how to get started with Pipeline on your own clusters for your CI/CD needs, leveraging Prow for webhooks and powerful ChatOps capabilities on pull requests and issues. The live demo will also show we can use Jenkins X to orchestrate and automate building applications leveraging both Pipeline and Prow, so that we can all benefit from the awesome innovation.
https://sched.co/MPZ4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Modern CI/CD with Tekton and Prow Automated via Jenkins X - James Rawlings, Cloudbees & Christie Wilson, Google
There’s been lots of innovation in the CI/CD space around the Kubernetes ecosystem, with the introduction of Tekton (formerly Knative) Pipeline and it's deep integration with Prow from the Kubernetes testing sig. This session will show you how to get started with Pipeline on your own clusters for your CI/CD needs, leveraging Prow for webhooks and powerful ChatOps capabilities on pull requests and issues. The live demo will also show we can use Jenkins X to orchestrate and automate building applications leveraging both Pipeline and Prow, so that we can all benefit from the awesome innovation.
https://sched.co/MPZ4
- 4 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Monitoring Service Architecture and Health with BPF - Jonathan Perry, Flowmill, Inc.
Kubernetes has made it incredibly easy to build distributed applications out of large numbers of microservices. Monitoring, or even accurately tracking, the interaction between each of these services can be a significant operational challenge. In this talk, we will explain how you can get 100% visibility into the flow of data between services in your Kubernetes cluster using BPF (Berkeley Packet Filter). We will first discuss how flow data can help you monitor service architecture and assess the health of microservices. Next we will focus on how you can use BPF (extended Berkeley Packet Filter) to extract flow data without any changes to application code, aggregate it across pods, services, and namespaces, and analyze it with Prometheus. Finally, we will show this in action in our production cluster, and discuss some of challenges that emerge as you roll it out at scale.
https://sched.co/MPbs
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Monitoring Service Architecture and Health with BPF - Jonathan Perry, Flowmill, Inc.
Kubernetes has made it incredibly easy to build distributed applications out of large numbers of microservices. Monitoring, or even accurately tracking, the interaction between each of these services can be a significant operational challenge. In this talk, we will explain how you can get 100% visibility into the flow of data between services in your Kubernetes cluster using BPF (Berkeley Packet Filter). We will first discuss how flow data can help you monitor service architecture and assess the health of microservices. Next we will focus on how you can use BPF (extended Berkeley Packet Filter) to extract flow data without any changes to application code, aggregate it across pods, services, and namespaces, and analyze it with Prometheus. Finally, we will show this in action in our production cluster, and discuss some of challenges that emerge as you roll it out at scale.
https://sched.co/MPbs
- 3 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Moving People and Products with Machine Learning on Kubeflow - Jeremy Lewi, Google & Willem Pienaar, GO-JEK
GOJEK, the Southeast Asian super app, has experienced a massive increase in customer growth by leveraging machine learning throughout its products. However, building production grade machine learning systems is still fraught with challenges and delays. In order to address these challenges GOJEK has adopted Kubeflow, a fully open source cloud native platform for machine learning. In this talk you will learn how Kubeflow empowers teams at GOJEK by increasing the speed at which they turn ideas into products. One of these products, the GOJEK driver (blog post: http://bit.ly/2MhujA1) allocation system, has been built from the ground up on Kubeflow, and fully utilizes cloud native tooling. We will show how Kubeflow, which leverages Kubernetes and Istio, simplifies the process of rapidly training, deploying, and evaluating models on this multi-objective ML system.
https://sched.co/MPac
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Moving People and Products with Machine Learning on Kubeflow - Jeremy Lewi, Google & Willem Pienaar, GO-JEK
GOJEK, the Southeast Asian super app, has experienced a massive increase in customer growth by leveraging machine learning throughout its products. However, building production grade machine learning systems is still fraught with challenges and delays. In order to address these challenges GOJEK has adopted Kubeflow, a fully open source cloud native platform for machine learning. In this talk you will learn how Kubeflow empowers teams at GOJEK by increasing the speed at which they turn ideas into products. One of these products, the GOJEK driver (blog post: http://bit.ly/2MhujA1) allocation system, has been built from the ground up on Kubeflow, and fully utilizes cloud native tooling. We will show how Kubeflow, which leverages Kubernetes and Istio, simplifies the process of rapidly training, deploying, and evaluating models on this multi-objective ML system.
https://sched.co/MPac
- 2 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Network Observability with IPFIX, Prometheus and Elastic Stack - Rastislav Szabo, Pantheon Technologies
In traditional networks, protocols such as Netflow or IPFIX are used to export packet flow records from networking devices. In k8s, each node effectively becomes a switch/router of the traffic passing between the PODs. Some k8s CNI plugins allow using these protocols to export traffic flow information as well. Together with good analysis tools, this can provide better visibility into the network in the cluster (both in real time and in history), which is crucial for debugging networking issues, identifying the bottlenecks, or investigation of security incidents. In this talk, I will showcase how a powerful IPFIX collector and analyzer for k8s can be build using existing open-source tools: GoFlow and Logstash for collecting and post-processing of the flow records, Elasticsearch as the storage and search engine for the flows, and Prometheus + Kibana for easy observability of the flows.
https://sched.co/MPbp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Network Observability with IPFIX, Prometheus and Elastic Stack - Rastislav Szabo, Pantheon Technologies
In traditional networks, protocols such as Netflow or IPFIX are used to export packet flow records from networking devices. In k8s, each node effectively becomes a switch/router of the traffic passing between the PODs. Some k8s CNI plugins allow using these protocols to export traffic flow information as well. Together with good analysis tools, this can provide better visibility into the network in the cluster (both in real time and in history), which is crucial for debugging networking issues, identifying the bottlenecks, or investigation of security incidents. In this talk, I will showcase how a powerful IPFIX collector and analyzer for k8s can be build using existing open-source tools: GoFlow and Logstash for collecting and post-processing of the flow records, Elasticsearch as the storage and search engine for the flows, and Prometheus + Kibana for easy observability of the flows.
https://sched.co/MPbp
- 3 participants
- 26 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Networking the Service Mesh Proxy: Where We Are, Where We’re Going - Tim Swanson & John Joyce, Cisco
Redirecting application traffic to/from a proxy and lifecycle management of proxy instances are common requirements for service mesh implementations. The traffic and lifecycle problems are, to a large extent, tied. Many ideas for flexibility and optimization are emerging from multiple communities. This talk will discuss the current approaches for networking application service instances with sidecar proxies including lifecycle management. It will cover those implemented by Istio & Linkerd (including the Istio CNI plugin) as well as other open projects solving the same or similar patterns.
https://sched.co/MPes
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Networking the Service Mesh Proxy: Where We Are, Where We’re Going - Tim Swanson & John Joyce, Cisco
Redirecting application traffic to/from a proxy and lifecycle management of proxy instances are common requirements for service mesh implementations. The traffic and lifecycle problems are, to a large extent, tied. Many ideas for flexibility and optimization are emerging from multiple communities. This talk will discuss the current approaches for networking application service instances with sidecar proxies including lifecycle management. It will cover those implemented by Istio & Linkerd (including the Istio CNI plugin) as well as other open projects solving the same or similar patterns.
https://sched.co/MPes
- 2 participants
- 26 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Oops!...I Did It Again — I Reinvented gRPC - Austin Lamon & Dave Zolotusky, Spotify
Does your organization have talented engineers who know the in’s and out’s of your infrastructure and operations? Do they know just the tool that will solve all your problems and want to build it? That happens every day at Spotify and is the reason we’ve built our own RPC framework… complete with it’s own CLI, protocol, rate limiting, circuit breaking, and performance tooling... that we're actively moving away from toward gRPC. Metaphorically, it’s much like choosing to build the perfect puzzle piece to fit within existing infrastructure versus tweaking infrastructure and adopting an Open Source puzzle piece. In this session we will discuss this ‘reinvention’ phenomenon, explain the tradeoffs of building foundational technologies like gRPC in-house (we accidentally built a Kubernetes competitor many years ago too, oops!), and detail the often overlooked benefits of using Open Source.
https://sched.co/MPZk
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Oops!...I Did It Again — I Reinvented gRPC - Austin Lamon & Dave Zolotusky, Spotify
Does your organization have talented engineers who know the in’s and out’s of your infrastructure and operations? Do they know just the tool that will solve all your problems and want to build it? That happens every day at Spotify and is the reason we’ve built our own RPC framework… complete with it’s own CLI, protocol, rate limiting, circuit breaking, and performance tooling... that we're actively moving away from toward gRPC. Metaphorically, it’s much like choosing to build the perfect puzzle piece to fit within existing infrastructure versus tweaking infrastructure and adopting an Open Source puzzle piece. In this session we will discuss this ‘reinvention’ phenomenon, explain the tradeoffs of building foundational technologies like gRPC in-house (we accidentally built a Kubernetes competitor many years ago too, oops!), and detail the often overlooked benefits of using Open Source.
https://sched.co/MPZk
- 4 participants
- 30 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ouch! What I Learned From Being Hit by a Serverless, Ruby Boomerang! - Ewan Slater, Oracle
Have you ever done something that's come back and bitten you? I have (frequently). Asking an open source project to put more effort into supporting your favourite language (Ruby in my case) is asking to be hit by your own boomerang - "that's a great idea, why don't you get started?" In this talk I'll describe how I got hit by my own Ruby boomerang and wound up maintaining the Ruby FDK for the Fn project (not my day job). I'll cover: - why I believe we need open source serverless - the Fn project - the Ruby FDK (Function Development Kit) - my experience of contributing to open source - why I still want to be involved - how I've encouraged others to start - why you might want to get involved
https://sched.co/MPed
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ouch! What I Learned From Being Hit by a Serverless, Ruby Boomerang! - Ewan Slater, Oracle
Have you ever done something that's come back and bitten you? I have (frequently). Asking an open source project to put more effort into supporting your favourite language (Ruby in my case) is asking to be hit by your own boomerang - "that's a great idea, why don't you get started?" In this talk I'll describe how I got hit by my own Ruby boomerang and wound up maintaining the Ruby FDK for the Fn project (not my day job). I'll cover: - why I believe we need open source serverless - the Fn project - the Ruby FDK (Function Development Kit) - my experience of contributing to open source - why I still want to be involved - how I've encouraged others to start - why you might want to get involved
https://sched.co/MPed
- 4 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Care and Feeding: Burnout and Self Care in our Community - Aaron Crickenberger, Google; Rithu Leena, Lyft; Ashley McNamara, Microsoft; Stephen Augustus, VMware; and Noah Kantrowitz, Ridecell
Burnout has recently been discussed a lot in both the open source community and broader tech industry, but too often these discussions simply acknowledge that burnout exists. We can do better. The care and feeding of ourselves is a start. How about the care and feeding of our community? Together we will talk about the symptoms, sources, and (sometimes) solutions that we have used within the Kubernetes community to address burnout Whether you are personally struggling, know someone that is, or just want to know more about the difficulties our community faces, please join five of our community leaders in a discussion about burnout.
https://sched.co/MPZt
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Care and Feeding: Burnout and Self Care in our Community - Aaron Crickenberger, Google; Rithu Leena, Lyft; Ashley McNamara, Microsoft; Stephen Augustus, VMware; and Noah Kantrowitz, Ridecell
Burnout has recently been discussed a lot in both the open source community and broader tech industry, but too often these discussions simply acknowledge that burnout exists. We can do better. The care and feeding of ourselves is a start. How about the care and feeding of our community? Together we will talk about the symptoms, sources, and (sometimes) solutions that we have used within the Kubernetes community to address burnout Whether you are personally struggling, know someone that is, or just want to know more about the difficulties our community faces, please join five of our community leaders in a discussion about burnout.
https://sched.co/MPZt
- 14 participants
- 49 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Going Multi-Cloud for Realz. Stories From Media, Retail, & Infrastructure - Lisa-Marie Namphy, Portworx; Eric Han, Portworx; Umair Mufti, DreamWorks Animation; Allan Naim, Google; and Joseph Sandoval, Adobe
Multi-cloud is a long-term strategy for how enterprises source infrastructure that also informs a practical approach for running across disjoint, hybrid environments. Being able to move deliver entire applications into any infrastructure requires both a mind-shift in operations and new set of tooling. It can be hard for teams to decide how to approach multi-cloud workflows, and operationalize, and push their infrastructure providers as organizations move to a multi-cloud world. This panel brings together practitioners and infrastructure providers who have built this multi-cloud world and will offer their perspective. As a panel, we will cover: --How multi-cloud changes the development process --What gains can teams expect in the early days of multi-cloud (and how to achieve them) --What kinds of workloads are being moved --What are the best successes and worst horror stories
https://sched.co/MPY9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Going Multi-Cloud for Realz. Stories From Media, Retail, & Infrastructure - Lisa-Marie Namphy, Portworx; Eric Han, Portworx; Umair Mufti, DreamWorks Animation; Allan Naim, Google; and Joseph Sandoval, Adobe
Multi-cloud is a long-term strategy for how enterprises source infrastructure that also informs a practical approach for running across disjoint, hybrid environments. Being able to move deliver entire applications into any infrastructure requires both a mind-shift in operations and new set of tooling. It can be hard for teams to decide how to approach multi-cloud workflows, and operationalize, and push their infrastructure providers as organizations move to a multi-cloud world. This panel brings together practitioners and infrastructure providers who have built this multi-cloud world and will offer their perspective. As a panel, we will cover: --How multi-cloud changes the development process --What gains can teams expect in the early days of multi-cloud (and how to achieve them) --What kinds of workloads are being moved --What are the best successes and worst horror stories
https://sched.co/MPY9
- 5 participants
- 40 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Peribolos: How Kubernetes Uses GitOps to Manage GitHub Communities at Scale - Christoph Blecker, Red Hat & Erick Fejta, Google
With 6 organizations, 150+ repositories, 400+ GitHub teams, and 800+ unique members, the Kubernetes project has a massive GitHub footprint. Scaling this footprint without excessive manual toil or impacting project velocity is a challenge. We addressed this challenge by defining our GitHub organization as configuration in a GitHub repository. We wrote tooling, which we called peribolos, that continually applies this config, including whenever we merge changes to it. Peribolos is built on top of prow, the CI system the Kubernetes project built and runs on. We will show how it works, discuss some of its design decisions around delegation and safety and help you decide whether it can benefit your organization.
https://sched.co/MPZA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Peribolos: How Kubernetes Uses GitOps to Manage GitHub Communities at Scale - Christoph Blecker, Red Hat & Erick Fejta, Google
With 6 organizations, 150+ repositories, 400+ GitHub teams, and 800+ unique members, the Kubernetes project has a massive GitHub footprint. Scaling this footprint without excessive manual toil or impacting project velocity is a challenge. We addressed this challenge by defining our GitHub organization as configuration in a GitHub repository. We wrote tooling, which we called peribolos, that continually applies this config, including whenever we merge changes to it. Peribolos is built on top of prow, the CI system the Kubernetes project built and runs on. We will show how it works, discuss some of its design decisions around delegation and safety and help you decide whether it can benefit your organization.
https://sched.co/MPZA
- 3 participants
- 28 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Protecting the Data Lake - Ash Narkar, Styra, Inc
In today’s world, data is at the core of every business decision made. As data grows, companies have started implementing their own Data Lakes to store and run analytics on the data. Ceph is widely used to implement a Data Lake. Securing the data is a priority for every organization and is influenced by the technologies they use, legal regulations, internal conventions, and so on. Enforcing policies to protect the data is difficult because it often affects the entire stack, requires state from multiple locations, and must evolve over time as business needs change. In this talk, we will see how the Open Policy Agent (OPA) can be integrated with Ceph to guard access to sensitive data while satisfying strict latency and availability requirements. In our demo we will deploy Ceph in Kubernetes using Rook and show how to enforce custom policies over the Ceph Storage Cluster.
https://sched.co/MPdu
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Protecting the Data Lake - Ash Narkar, Styra, Inc
In today’s world, data is at the core of every business decision made. As data grows, companies have started implementing their own Data Lakes to store and run analytics on the data. Ceph is widely used to implement a Data Lake. Securing the data is a priority for every organization and is influenced by the technologies they use, legal regulations, internal conventions, and so on. Enforcing policies to protect the data is difficult because it often affects the entire stack, requires state from multiple locations, and must evolve over time as business needs change. In this talk, we will see how the Open Policy Agent (OPA) can be integrated with Ceph to guard access to sensitive data while satisfying strict latency and availability requirements. In our demo we will deploy Ceph in Kubernetes using Rook and show how to enforce custom policies over the Ceph Storage Cluster.
https://sched.co/MPdu
- 8 participants
- 38 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Public Technical Oversight Committee (TOC) Meeting - Moderated by Chris Aniszczyk, Cloud Native Computing Foundation
The Technical Oversight Committee (TOC) provides technical leadership to the cloud-native community. The CNCF will host a public TOC meeting, inviting the community to discuss the project roadmap for 2019, the upcoming TOC Election Schedule for 2019, along with holding an open Q&A for the community with TOC members.
https://sched.co/Ngtv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Public Technical Oversight Committee (TOC) Meeting - Moderated by Chris Aniszczyk, Cloud Native Computing Foundation
The Technical Oversight Committee (TOC) provides technical leadership to the cloud-native community. The CNCF will host a public TOC meeting, inviting the community to discuss the project roadmap for 2019, the upcoming TOC Election Schedule for 2019, along with holding an open Q&A for the community with TOC members.
https://sched.co/Ngtv
- 10 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reenforce Kubernetes Image Isolation in Multi-Tenant Service - Eric Lin, Alibaba
Serverless Computing is one of the fast-evolving technologies in Public Cloud nowadays, such as AWS fargate, Azure ACI. However, this introduces various isolation challenges as multiple tenants could share the same physical server. This talk introduces one of the key isolation issues while using k8s as a public multi-tenant service. The isolation issues within this talk are particularly focused on the image. K8s is a great project that aggregates a large number of computing nodes and providing container service to tenants, which also provides very basic isolation features. However, the isolation is still not good enough to serve the public cloud scenario. There are some flaws existing in both k8s and its dependency containerd. And in this talk, we will go through the causes of these flaws and how we fix and feedback it to upstream
https://sched.co/MPdE
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reenforce Kubernetes Image Isolation in Multi-Tenant Service - Eric Lin, Alibaba
Serverless Computing is one of the fast-evolving technologies in Public Cloud nowadays, such as AWS fargate, Azure ACI. However, this introduces various isolation challenges as multiple tenants could share the same physical server. This talk introduces one of the key isolation issues while using k8s as a public multi-tenant service. The isolation issues within this talk are particularly focused on the image. K8s is a great project that aggregates a large number of computing nodes and providing container service to tenants, which also provides very basic isolation features. However, the isolation is still not good enough to serve the public cloud scenario. There are some flaws existing in both k8s and its dependency containerd. And in this talk, we will go through the causes of these flaws and how we fix and feedback it to upstream
https://sched.co/MPdE
- 4 participants
- 24 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Repeatable Deployments with Kubernetes, Helm & Bazel - Rohan Singh, Hustle Inc
Can you run a single command to build your applications, generate the appropriate Kube manifests, and deploy everything to each of your clusters? If you've tried to set this up, you know that you can quickly end up with a rat's nest of custom scripts and repetitive YAML blobs. Even tools like Helm don't completely solve the problem. In this talk, we'll cover how to wrangle this complexity with Bazel, a multi-platform build tool from Google. With Bazel, we can build Docker images, generate Kube objects, and deploy to a live cluster in a single step. We'll also see how to use Bazel to parameterize YAML files and deploy slightly different configurations to different environments, without having to repeat and duplicate entire manifests. Finally, we'll cover how Bazel can be extended to compile and deploy Helm charts as well.
https://sched.co/MPYs
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Repeatable Deployments with Kubernetes, Helm & Bazel - Rohan Singh, Hustle Inc
Can you run a single command to build your applications, generate the appropriate Kube manifests, and deploy everything to each of your clusters? If you've tried to set this up, you know that you can quickly end up with a rat's nest of custom scripts and repetitive YAML blobs. Even tools like Helm don't completely solve the problem. In this talk, we'll cover how to wrangle this complexity with Bazel, a multi-platform build tool from Google. With Bazel, we can build Docker images, generate Kube objects, and deploy to a live cluster in a single step. We'll also see how to use Bazel to parameterize YAML files and deploy slightly different configurations to different environments, without having to repeat and duplicate entire manifests. Finally, we'll cover how Bazel can be extended to compile and deploy Helm charts as well.
https://sched.co/MPYs
- 9 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Running Kubernetes on Ephemeral Infrastructure - Greg DeArment & Vlad Ungureanu, Palantir Technologies
Palantir runs millions of Kubernetes pods on thousands of nodes to power data platforms that, in turn, power the world's most important institutions. Palantir's infrastructure engineering team decided early in their Kubernetes journey to make infrastructure failure a feature of the deployment systems: every node gets destroyed and rebuilt every 48 hours, thus turning extraordinary events into daily routine. In this talk, Greg and Vlad present the reasoning behind implementing an ephemeral Kubernetes infrastructure, discuss the consequences for application architecture, and sketch solutions to the problems encountered along the way.
https://sched.co/MPYX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Running Kubernetes on Ephemeral Infrastructure - Greg DeArment & Vlad Ungureanu, Palantir Technologies
Palantir runs millions of Kubernetes pods on thousands of nodes to power data platforms that, in turn, power the world's most important institutions. Palantir's infrastructure engineering team decided early in their Kubernetes journey to make infrastructure failure a feature of the deployment systems: every node gets destroyed and rebuilt every 48 hours, thus turning extraordinary events into daily routine. In this talk, Greg and Vlad present the reasoning behind implementing an ephemeral Kubernetes infrastructure, discuss the consequences for application architecture, and sketch solutions to the problems encountered along the way.
https://sched.co/MPYX
- 9 participants
- 39 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Running eBay’s High-Performance Workloads with Kubernetes - Xin Ma, eBay
In the past two years we’ve been expanding our k8s deployments significantly fast by moving more and more production workloads into kubernetes. We’re now running multiple thousand-node k8s clusters from our data centers across the world, hosting various production workloads, including software load balancers on the edge, search engine, production databases, hadoop clusters, and GPU / machine learning applications, etc. Most of these workloads are critical to eBay’s business requiring higher performance and reliability. In this presentation, I’ll share our best practices as well as lessons learned when migrating high performance production workloads into containers running with kubernetes. You will hear stories to containerize applications without code change, leverage k8s capabilities to turn them into good k8s citizens, and more importantly, how we tune and optimize their performance.
https://sched.co/MPct
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Running eBay’s High-Performance Workloads with Kubernetes - Xin Ma, eBay
In the past two years we’ve been expanding our k8s deployments significantly fast by moving more and more production workloads into kubernetes. We’re now running multiple thousand-node k8s clusters from our data centers across the world, hosting various production workloads, including software load balancers on the edge, search engine, production databases, hadoop clusters, and GPU / machine learning applications, etc. Most of these workloads are critical to eBay’s business requiring higher performance and reliability. In this presentation, I’ll share our best practices as well as lessons learned when migrating high performance production workloads into containers running with kubernetes. You will hear stories to containerize applications without code change, leverage k8s capabilities to turn them into good k8s citizens, and more importantly, how we tune and optimize their performance.
https://sched.co/MPct
- 3 participants
- 32 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scaling Edge Operations at Onefootball with Ambassador: From 0 to 6000 rps - Jonathan Juares Beber & Rodrigo Del Monte, Onefootball GmbH
Onefootball is a media company with more than 10M monthly active users delivering more than 10 TB daily content. We needed a Kubernetes-based API Gateway and Ingress solution that could handle our 6,000 rps workload reliably and efficiently. In this session, we'll talk about why we chose the open source Ambassador API gateway, and how we made the migration to it. We will cover the challenges identified and the benefits we've seen, like: Cost reduction: Reduced the number of cloud-based load balancers from >100 to 4. Observability: The combination of Ambassador and Prometheus' capabilities to empower our small SRE team. Maintainability: We took advantage of Ambassador's Kubernetes declarative configuration, and we were able to decouple the cluster settings and applications' delivery process allowing more velocity on the shipment of new features.
https://sched.co/MPYF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scaling Edge Operations at Onefootball with Ambassador: From 0 to 6000 rps - Jonathan Juares Beber & Rodrigo Del Monte, Onefootball GmbH
Onefootball is a media company with more than 10M monthly active users delivering more than 10 TB daily content. We needed a Kubernetes-based API Gateway and Ingress solution that could handle our 6,000 rps workload reliably and efficiently. In this session, we'll talk about why we chose the open source Ambassador API gateway, and how we made the migration to it. We will cover the challenges identified and the benefits we've seen, like: Cost reduction: Reduced the number of cloud-based load balancers from >100 to 4. Observability: The combination of Ambassador and Prometheus' capabilities to empower our small SRE team. Maintainability: We took advantage of Ambassador's Kubernetes declarative configuration, and we were able to decouple the cluster settings and applications' delivery process allowing more velocity on the shipment of new features.
https://sched.co/MPYF
- 3 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scaling and Securing Spark on Kubernetes at Bloomberg - Ilan Filonenko, Bloomberg
In the management of its Data Science Platform, Bloomberg has always focused on providing tenants with secure, reliable, and scalable solutions for their machine learning workflows and ETL pipelines. In adapting Kubernetes to support a diverse set of machine learning workloads, we decided to also support Apache Spark with Native Kubernetes integration. In this talk we'll discuss how we designed: a scalable and resilient External Shuffle Service for Dynamic Resource Allocation, a pluggable interface for secure worker creation, and a token renewal service that handles privacy and security across Spark jobs. These topics will address multi-tenancy, data security and privacy, and elastic resource scalability in the context of running Spark natively on Kubernetes, with an emphasis on disaggregated compute.
https://sched.co/MPal
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scaling and Securing Spark on Kubernetes at Bloomberg - Ilan Filonenko, Bloomberg
In the management of its Data Science Platform, Bloomberg has always focused on providing tenants with secure, reliable, and scalable solutions for their machine learning workflows and ETL pipelines. In adapting Kubernetes to support a diverse set of machine learning workloads, we decided to also support Apache Spark with Native Kubernetes integration. In this talk we'll discuss how we designed: a scalable and resilient External Shuffle Service for Dynamic Resource Allocation, a pluggable interface for secure worker creation, and a token renewal service that handles privacy and security across Spark jobs. These topics will address multi-tenancy, data security and privacy, and elastic resource scalability in the context of running Spark natively on Kubernetes, with an emphasis on disaggregated compute.
https://sched.co/MPal
- 5 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Secrets Store CSI Driver-Bring Your Own Enterprise Secrets Store to K8s - Rita Zhang, Microsoft & Anubhav Mishra, HashiCorp
So you are running your applications in Kubernetes, but you already have a solution for managing and storing all your application secrets. How do you tell Kubernetes to use the same source of truth for secrets? Meet Secrets Store CSI driver, a simple way to retrieve sensitive data from enterprise-grade external stores such as Azure Key Vault and HashiCorp Vault using volumes. Learn how to use Secrets Store CSI Driver to mount secrets, keys, and certs stored in common external stores into their Kubernetes applications using a volume. We will also look at how you can add your own external secret store via the provider interface.
https://sched.co/MPdZ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Secrets Store CSI Driver-Bring Your Own Enterprise Secrets Store to K8s - Rita Zhang, Microsoft & Anubhav Mishra, HashiCorp
So you are running your applications in Kubernetes, but you already have a solution for managing and storing all your application secrets. How do you tell Kubernetes to use the same source of truth for secrets? Meet Secrets Store CSI driver, a simple way to retrieve sensitive data from enterprise-grade external stores such as Azure Key Vault and HashiCorp Vault using volumes. Learn how to use Secrets Store CSI Driver to mount secrets, keys, and certs stored in common external stores into their Kubernetes applications using a volume. We will also look at how you can add your own external secret store via the provider interface.
https://sched.co/MPdZ
- 6 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Kubernetes with Trusted Platform Module (TPM) - Alex Tcherniakhovski & Andrew Lytvynov, Google
TPM is a discrete tamper-resistant device soldered to the motherboard and it operates independently of its host. TPM devices are designed to protect sensitive credentials at the hardware level: credentials created and stored within TPM devices cannot be extracted, even if host is compromised. Additionally, TPM devices provide a suite of cryptographic operations for applications to leverage. In this demo heavy session, we will review core TPM capabilities and how they could be used in for extending Kubernetes security. Attendees will leave with understanding how to utilize TPM in the context of Kubernetes. Concretely, the following scenarios will be covered: - Bootstrap trusted identity of cluster nodes - Seal sensitive data - Generate cryptographically protected logs - Generate unexportable TLS credentials
https://sched.co/MPdN
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Kubernetes with Trusted Platform Module (TPM) - Alex Tcherniakhovski & Andrew Lytvynov, Google
TPM is a discrete tamper-resistant device soldered to the motherboard and it operates independently of its host. TPM devices are designed to protect sensitive credentials at the hardware level: credentials created and stored within TPM devices cannot be extracted, even if host is compromised. Additionally, TPM devices provide a suite of cryptographic operations for applications to leverage. In this demo heavy session, we will review core TPM capabilities and how they could be used in for extending Kubernetes security. Attendees will leave with understanding how to utilize TPM in the context of Kubernetes. Concretely, the following scenarios will be covered: - Bootstrap trusted identity of cluster nodes - Seal sensitive data - Generate cryptographically protected logs - Generate unexportable TLS credentials
https://sched.co/MPdN
- 4 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Multi-Cloud Cross-Cluster Communication with SPIFFE and SPIRE - Evan Gilman, Scytale, Inc.
Securing network traffic that traverses multiple software stacks and platforms is challenging. Difficulties involving platform-aware applications, supporting multiple authentication schemes, and maintaining complex authorization logic are all commonplace, despite the fact that we'd really rather avoid these things. SPIFFE provides a platform-agnostic identity layer that can be used to authenticate and secure workload communication regardless of where the workload lives. AWS, Azure, and on-prem? Ok! Kubernetes, Mesos, and bare metal? No problem! SPIFFE allows you to mix and match without the need to worry about how workloads within them will securely communicate with each other. In this talk, we will leverage SPIRE to demonstrate automated issuance of SPIFFE identity across disparate orchestrators and platforms, allowing for seamless authentication of systems within and between them.
https://sched.co/MPdr
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Multi-Cloud Cross-Cluster Communication with SPIFFE and SPIRE - Evan Gilman, Scytale, Inc.
Securing network traffic that traverses multiple software stacks and platforms is challenging. Difficulties involving platform-aware applications, supporting multiple authentication schemes, and maintaining complex authorization logic are all commonplace, despite the fact that we'd really rather avoid these things. SPIFFE provides a platform-agnostic identity layer that can be used to authenticate and secure workload communication regardless of where the workload lives. AWS, Azure, and on-prem? Ok! Kubernetes, Mesos, and bare metal? No problem! SPIFFE allows you to mix and match without the need to worry about how workloads within them will securely communicate with each other. In this talk, we will leverage SPIRE to demonstrate automated issuance of SPIFFE identity across disparate orchestrators and platforms, allowing for seamless authentication of systems within and between them.
https://sched.co/MPdr
- 7 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Serverless Operations: From Dev to Production - Erwin van Eyk, Platform9
FaaS functions on Kubernetes are increasingly popular. We often talk about the developer productivity advantages, such as the time to create a useful application from scratch without learning a lot about Kubernetes. In this talk we will focus on the operational aspects of serverless applications on Kubernetes. What does it take to use serverless functions in Production, with safety, and at scale? This talk covers 6 specific approaches, patterns and best practices that you can use with any FaaS/Serverless framework. These practices are geared towards improving quality, reducing risk, optimizing costs, and generally moving you closer towards production-readiness with serverless systems.
https://sched.co/MPej
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Serverless Operations: From Dev to Production - Erwin van Eyk, Platform9
FaaS functions on Kubernetes are increasingly popular. We often talk about the developer productivity advantages, such as the time to create a useful application from scratch without learning a lot about Kubernetes. In this talk we will focus on the operational aspects of serverless applications on Kubernetes. What does it take to use serverless functions in Production, with safety, and at scale? This talk covers 6 specific approaches, patterns and best practices that you can use with any FaaS/Serverless framework. These practices are geared towards improving quality, reducing risk, optimizing costs, and generally moving you closer towards production-readiness with serverless systems.
https://sched.co/MPej
- 1 participant
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sharing is Caring: Your Kubernetes Cluster, Namespaces, and You - Amy Chen & Eryn Muetzel, VMware
Kubernetes namespaces partition workloads into virtual clusters, so multiple teams or applications can safely share a physical cluster. Today, there is no consensus on how to use namespaces in relation to identity, resource limits, and security. This leads to vulnerable applications and inefficient usage of cluster resources. As the number of teams, clusters, and namespaces grows, it becomes difficult to maintain coherence. By aligning identity, resource limits, and your application’s security posture, cluster operators can get more organizational mileage out of Kubernetes namespaces. In this talk, we will… · Walk through common scenarios of how organizations use namespaces today · Show how to enforce RBAC, resource limits, and your application’s security posture (e.g. networking, service accounts) within namespaces · Outline friction in existing namespace management workflows
https://sched.co/MPXl
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sharing is Caring: Your Kubernetes Cluster, Namespaces, and You - Amy Chen & Eryn Muetzel, VMware
Kubernetes namespaces partition workloads into virtual clusters, so multiple teams or applications can safely share a physical cluster. Today, there is no consensus on how to use namespaces in relation to identity, resource limits, and security. This leads to vulnerable applications and inefficient usage of cluster resources. As the number of teams, clusters, and namespaces grows, it becomes difficult to maintain coherence. By aligning identity, resource limits, and your application’s security posture, cluster operators can get more organizational mileage out of Kubernetes namespaces. In this talk, we will… · Walk through common scenarios of how organizations use namespaces today · Show how to enforce RBAC, resource limits, and your application’s security posture (e.g. networking, service accounts) within namespaces · Outline friction in existing namespace management workflows
https://sched.co/MPXl
- 2 participants
- 35 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
State of Kubernetes Contributor Community - Paris Pittman, Google
The Kubernetes contributor community spans the globe reaching over 26,000 people since the start of the project. If we grow on the same trajectory as years past, expect to cross 30,000 by Barcelona. (eek - a prediction!) What does the contributor landscape look like after 5 years in the land of open source? In this talk, I'll highlight: -who are our contributors now?, -new programs that have been created to help scale the community, -stories as told through data on our communication platforms, -and give recognition throughout
https://sched.co/MPZb
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
State of Kubernetes Contributor Community - Paris Pittman, Google
The Kubernetes contributor community spans the globe reaching over 26,000 people since the start of the project. If we grow on the same trajectory as years past, expect to cross 30,000 by Barcelona. (eek - a prediction!) What does the contributor landscape look like after 5 years in the land of open source? In this talk, I'll highlight: -who are our contributors now?, -new programs that have been created to help scale the community, -stories as told through data on our communication platforms, -and give recognition throughout
https://sched.co/MPZb
- 4 participants
- 33 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Storage Provisioning for Kubernetes on Windows - Anusha Ragunathan & Jean Rouge, Docker
As support for Windows container workloads on Kubernetes heads to GA, we need robust storage interfaces for the many Windows apps that need to manage state. In this session, we will:
1. Start with the foundational constructs around persistent storage in Kubernetes and go over existing mechanisms in-tree that support stateful Windows workloads .
2. Dive into enhancements necessary in existing external storage provisioners to support dynamic volume provisioning for Windows workloads and demonstrate the enhancements through end2end examples with the open source targetd iscsi target as a reference for what is required in plugins for storage backends.
3. Wrap up with what the future of this space looks like in the context of the modern Container Storage Interface, delve into platform changes in Windows necessary to support CSI plugins and short-term workarounds to overcome this.
https://sched.co/MPfV
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Storage Provisioning for Kubernetes on Windows - Anusha Ragunathan & Jean Rouge, Docker
As support for Windows container workloads on Kubernetes heads to GA, we need robust storage interfaces for the many Windows apps that need to manage state. In this session, we will:
1. Start with the foundational constructs around persistent storage in Kubernetes and go over existing mechanisms in-tree that support stateful Windows workloads .
2. Dive into enhancements necessary in existing external storage provisioners to support dynamic volume provisioning for Windows workloads and demonstrate the enhancements through end2end examples with the open source targetd iscsi target as a reference for what is required in plugins for storage backends.
3. Wrap up with what the future of this space looks like in the context of the modern Container Storage Interface, delve into platform changes in Windows necessary to support CSI plugins and short-term workarounds to overcome this.
https://sched.co/MPfV
- 2 participants
- 37 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tailor-Made Security: Building a Kubernetes Specific Hypervisor - Samuel Ortiz, Intel & Andreea Florescu, Amazon
One of the many benefits of the recently introduced RuntimeClass feature is the ability for operators to run hypervisor isolated container workloads in order to build secure multi-tenant deployments.. While projects like Kata Containers allow operators to run their Kubernetes workloads through a growing list of hypervisors, none of them is designed with Kubernetes specific use cases in mind. This session will describe how to improve container workloads performance, security and density by building a Kubernetes dedicated hypervisor. At first we will describe what running a Kubernetes compatible hypervisor requires. Then we will show how the recently formed rust-vmm project allows for designing KVM based hypervisors for very customized use cases, including the Kubernetes ones. Finally we will use the serverless example to show what a reduced Kubernetes hypervisor looks like.
https://sched.co/MPd5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tailor-Made Security: Building a Kubernetes Specific Hypervisor - Samuel Ortiz, Intel & Andreea Florescu, Amazon
One of the many benefits of the recently introduced RuntimeClass feature is the ability for operators to run hypervisor isolated container workloads in order to build secure multi-tenant deployments.. While projects like Kata Containers allow operators to run their Kubernetes workloads through a growing list of hypervisors, none of them is designed with Kubernetes specific use cases in mind. This session will describe how to improve container workloads performance, security and density by building a Kubernetes dedicated hypervisor. At first we will describe what running a Kubernetes compatible hypervisor requires. Then we will show how the recently formed rust-vmm project allows for designing KVM based hypervisors for very customized use cases, including the Kubernetes ones. Finally we will use the serverless example to show what a reduced Kubernetes hypervisor looks like.
https://sched.co/MPd5
- 3 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Testing your K8s apps with KIND - Benjamin Elder, Google & James Munnelly, Jetstack.io
Part of the promise of Docker is being able to run tests in the same environment as production. For applications running on Kubernetes, though, development and testing is still a challenge. Developers of these applications have to choose between three poor options: an external, stateful cluster, spinning up a cluster for each test, or running tests outside of Kubernetes. All of these have significant drawbacks that hinder the acceptance of Kubernetes in new environments. kind presents a fourth option: a small, compliant Kubernetes that comes up in one minute, not twenty. Using kind, CI signal can be more reliable, integration tests faster, and local development streamlined.
https://sched.co/MPYy
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Testing your K8s apps with KIND - Benjamin Elder, Google & James Munnelly, Jetstack.io
Part of the promise of Docker is being able to run tests in the same environment as production. For applications running on Kubernetes, though, development and testing is still a challenge. Developers of these applications have to choose between three poor options: an external, stateful cluster, spinning up a cluster for each test, or running tests outside of Kubernetes. All of these have significant drawbacks that hinder the acceptance of Kubernetes in new environments. kind presents a fourth option: a small, compliant Kubernetes that comes up in one minute, not twenty. Using kind, CI signal can be more reliable, integration tests faster, and local development streamlined.
https://sched.co/MPYy
- 14 participants
- 36 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Uber x Security: Why and How We Built Our Workload Identity Platform - Tyler Julian, Uber & Daniel Feldman, Scytale
Since launching in 2009, Uber has become the poster child for explosive growth - in revenue, headcount, and operational complexity. This growth has created new challenges for Uber’s engineering team and the services they maintain. How can these services reliably identify and authenticate to each other? How can we ensure isolation for critical systems? How can we achieve compliance with regulations like GDPR and SOX? How can we efficiently incorporate identity into unsupported legacy systems? Most importantly, how can we do all of this in a way that doesn’t get in the way of engineers? This talk will explore what led Uber to build out an automated, API-driven, cloud native approach to workload identity with SPIFFE that provides the critical bridge of trust within Uber's next-gen infrastructure, and the impact it’s had on Uber’s internal security and developer efficiency.
https://sched.co/MPe6
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Uber x Security: Why and How We Built Our Workload Identity Platform - Tyler Julian, Uber & Daniel Feldman, Scytale
Since launching in 2009, Uber has become the poster child for explosive growth - in revenue, headcount, and operational complexity. This growth has created new challenges for Uber’s engineering team and the services they maintain. How can these services reliably identify and authenticate to each other? How can we ensure isolation for critical systems? How can we achieve compliance with regulations like GDPR and SOX? How can we efficiently incorporate identity into unsupported legacy systems? Most importantly, how can we do all of this in a way that doesn’t get in the way of engineers? This talk will explore what led Uber to build out an automated, API-driven, cloud native approach to workload identity with SPIFFE that provides the critical bridge of trust within Uber's next-gen infrastructure, and the impact it’s had on Uber’s internal security and developer efficiency.
https://sched.co/MPe6
- 3 participants
- 30 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Unblocking the Release Train with Istio Traffic Management - Dave Shepherd & Pierre Meunier, Wealth Wizards
Wealth Wizards employs a microservice architecture, with each service being actively developed. As soon as a change is in the mainline it’s on the release train and any subsequent changes traditionally ended up in a queue. If that change has a delay, then all subsequent changes get stuck and then have to be released together. There are many ways to try and avoid these problems, but one way is to stop items getting on the release train until it's ready. Istio does many things, but the traffic management functionality is the key to this solution. It allows traffic to be routed to different versions of the same service. The Wealth Wizards implementation will route all traffic to the mainline or master version of a service by default. However, if the hostname includes a version prefix then it will route traffic to the corresponding version of the service, if it exists.
https://sched.co/MPfY
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Unblocking the Release Train with Istio Traffic Management - Dave Shepherd & Pierre Meunier, Wealth Wizards
Wealth Wizards employs a microservice architecture, with each service being actively developed. As soon as a change is in the mainline it’s on the release train and any subsequent changes traditionally ended up in a queue. If that change has a delay, then all subsequent changes get stuck and then have to be released together. There are many ways to try and avoid these problems, but one way is to stop items getting on the release train until it's ready. Istio does many things, but the traffic management functionality is the key to this solution. It allows traffic to be routed to different versions of the same service. The Wealth Wizards implementation will route all traffic to the mainline or master version of a service by default. However, if the hostname includes a version prefix then it will route traffic to the corresponding version of the service, if it exists.
https://sched.co/MPfY
- 8 participants
- 35 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What Goes in a Release: Kubernetes 1.14 in Code, Conversations, and Hearts - Maria Ntalla, Pivotal
During the run of a Kubernetes release, a huge group of people comes together to suggest features, agree on implementation details, develop, integrate and ship the next version of Kubernetes. People from all over the world, from various companies and backgrounds come together to make it happen. This talk will look at publicly available data from github, slack and mailing lists to tell a story about the makeup and diversity of the Kubernetes community, as well as the code, the interactions, the effectiveness and the dedication of the work that goes into building a Kubernetes release.
https://sched.co/MPZS
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What Goes in a Release: Kubernetes 1.14 in Code, Conversations, and Hearts - Maria Ntalla, Pivotal
During the run of a Kubernetes release, a huge group of people comes together to suggest features, agree on implementation details, develop, integrate and ship the next version of Kubernetes. People from all over the world, from various companies and backgrounds come together to make it happen. This talk will look at publicly available data from github, slack and mailing lists to tell a story about the makeup and diversity of the Kubernetes community, as well as the code, the interactions, the effectiveness and the dedication of the work that goes into building a Kubernetes release.
https://sched.co/MPZS
- 4 participants
- 25 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Where's My Pod, Already? A Tale of Cold-Start Struggles on Kubernetes - Gregory Haynes, IBM
A core component of serverless platforms is scale-to-zero functionality which provides users with near 0 application cost when idle. With this comes the dreaded cold-start problem: When a user's application is not in use for an extended period an activating request can take significantly longer to complete. Knative is no different in this respect and until recently our cold-start time was measured in seconds due to the cost of Kubernetes deployments. Recently, a large effort was undertaken to improve this delay and the result is a system which scales Kubernetes deployments up from 0 in nearly a second. We will dive deep into what actually goes on inside Kubernetes when a deployment is scaled up, how we determined where time is spent, and then some of our novel techniques to drastically speed up this process.
https://sched.co/MPcb
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Where's My Pod, Already? A Tale of Cold-Start Struggles on Kubernetes - Gregory Haynes, IBM
A core component of serverless platforms is scale-to-zero functionality which provides users with near 0 application cost when idle. With this comes the dreaded cold-start problem: When a user's application is not in use for an extended period an activating request can take significantly longer to complete. Knative is no different in this respect and until recently our cold-start time was measured in seconds due to the cost of Kubernetes deployments. Recently, a large effort was undertaken to improve this delay and the result is a system which scales Kubernetes deployments up from 0 in nearly a second. We will dive deep into what actually goes on inside Kubernetes when a deployment is scaled up, how we determined where time is spent, and then some of our novel techniques to drastically speed up this process.
https://sched.co/MPcb
- 6 participants
- 34 minutes
24 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
You Might Just be a Functional Programmer Now - Cornelia Davis, Pivotal
The declarative programming model of Kubernetes is markedly different from what most developers are used to. That the API is a set of resources rather than a list of methods on objects is a bit mind bending. But this programming model is not entirely new – rather, it smacks quite heavily of functional programming. Functional programming had mostly been relegated to academic endeavors until recently. What’s changed that is that our apps are now distributed systems and are simply too complex for us to reason about without help. Kubernetes helps. In order to effectively use Kubernetes to deploy and manage your workloads you need to understand some of the principles of functional programming and how they surface in K8s. In this session I will cover these underlying principles of the K8s programming model so that you can up the robustness and manageability of your application deployments.
https://sched.co/MPXT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
You Might Just be a Functional Programmer Now - Cornelia Davis, Pivotal
The declarative programming model of Kubernetes is markedly different from what most developers are used to. That the API is a set of resources rather than a list of methods on objects is a bit mind bending. But this programming model is not entirely new – rather, it smacks quite heavily of functional programming. Functional programming had mostly been relegated to academic endeavors until recently. What’s changed that is that our apps are now distributed systems and are simply too complex for us to reason about without help. Kubernetes helps. In order to effectively use Kubernetes to deploy and manage your workloads you need to understand some of the principles of functional programming and how they surface in K8s. In this session I will cover these underlying principles of the K8s programming model so that you can up the robustness and manageability of your application deployments.
https://sched.co/MPXT
- 2 participants
- 36 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You - Laurent Bernaille & Robert Boll, Datadog
Kubernetes is a very powerful and complicated system, and many users don’t understand the underlying systems. Come learn how your users can abuse container runtimes, overwhelm your control plane, and cause outages - it’s actually quite easy! In the last year, we have containerized hundreds of applications and deployed them in large scale clusters (more than 1000 nodes). The journey was eventful and we learned a lot along the way. We’ll share stories of our ten favorite Kubernetes foot guns, including the dangers of cargo culting, rolling updates gone wrong, the pitfalls of initContainers, and nightmarish daemonset upgrades. The talk will present solutions we adopted to avoid or work around some these problems and will finally show several improvements we plan deploy in the future.
https://sched.co/MPYL
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You - Laurent Bernaille & Robert Boll, Datadog
Kubernetes is a very powerful and complicated system, and many users don’t understand the underlying systems. Come learn how your users can abuse container runtimes, overwhelm your control plane, and cause outages - it’s actually quite easy! In the last year, we have containerized hundreds of applications and deployed them in large scale clusters (more than 1000 nodes). The journey was eventful and we learned a lot along the way. We’ll share stories of our ten favorite Kubernetes foot guns, including the dangers of cargo culting, rolling updates gone wrong, the pitfalls of initContainers, and nightmarish daemonset upgrades. The talk will present solutions we adopted to avoid or work around some these problems and will finally show several improvements we plan deploy in the future.
https://sched.co/MPYL
- 2 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
5 Steps to Building Inclusive Communities - Ashlynn Polini, Docker
5 Steps to Building an Inclusive Communities
The drive to connect is fundamental to human nature. But how do you build a community that your users want to be a part of? With 10 DockerCon’s under her belt, Ashlynn Polini shares the secrets behind creating inclusive events and programs for developers and operator communities, including:
- How to create an inclusive and welcoming community that users want to be a part of
- What to prioritize for a great user experience
- How virtual and in person events should be fundamental to your community strategy
Attendees will leave this talk with a checklist of tried and true methods to help them build experiences and programs for their next meetup or conference.
https://sched.co/MPZV
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
5 Steps to Building Inclusive Communities - Ashlynn Polini, Docker
5 Steps to Building an Inclusive Communities
The drive to connect is fundamental to human nature. But how do you build a community that your users want to be a part of? With 10 DockerCon’s under her belt, Ashlynn Polini shares the secrets behind creating inclusive events and programs for developers and operator communities, including:
- How to create an inclusive and welcoming community that users want to be a part of
- What to prioritize for a great user experience
- How virtual and in person events should be fundamental to your community strategy
Attendees will leave this talk with a checklist of tried and true methods to help them build experiences and programs for their next meetup or conference.
https://sched.co/MPZV
- 8 participants
- 30 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A Kubernetes Application End-to-End: DevStats - Łukasz Gryglicki, CNCF & Josh Berkus, Red Hat
You may know DevStats as a repository of contributor statistics for Kubernetes (devstats.cncf.io), but you're about to find out that it is also a great demonstration case of migrating a complete application to orchestrated microservices. Our community has lacked solid, production-quality, end-to-end, all-open-source application examples, so we decided to make DevStats into one.
https://sched.co/MPZG
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A Kubernetes Application End-to-End: DevStats - Łukasz Gryglicki, CNCF & Josh Berkus, Red Hat
You may know DevStats as a repository of contributor statistics for Kubernetes (devstats.cncf.io), but you're about to find out that it is also a great demonstration case of migrating a complete application to orchestrated microservices. Our community has lacked solid, production-quality, end-to-end, all-open-source application examples, so we decided to make DevStats into one.
https://sched.co/MPZG
- 3 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Accelerating the Journey of an AI Algorithm to Production with OpenFaaS - Joost Noppen, BT PLC & Alex Ellis, OpenFaaS Ltd
At BT it used to take us 2-3 years to get from a research idea to an AI algorithm that can be consumed by an end-user in production. We needed to reduce the risk and the investment required to bring our products to market and get essential feedback. We addressed three key areas to improve: having a diverse range of developer skills amongst us researchers, a lack of modern packaging & CI/CD practice, a need for a cloud-native model to shrink-wrap and run our code in production at scale. Our journey lead us to Serverless Functions, come to our talk to hear how we implemented our pipeline for development and deployment of AI algorithms using OpenFaaS. We can now ship to production in just two months improving the rate of delivery by 90%. The talk will also cover how BT built their platform using the UNIX-like primitives made available through the OpenFaaS eco-system and include a live demo.
https://sched.co/MPeF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Accelerating the Journey of an AI Algorithm to Production with OpenFaaS - Joost Noppen, BT PLC & Alex Ellis, OpenFaaS Ltd
At BT it used to take us 2-3 years to get from a research idea to an AI algorithm that can be consumed by an end-user in production. We needed to reduce the risk and the investment required to bring our products to market and get essential feedback. We addressed three key areas to improve: having a diverse range of developer skills amongst us researchers, a lack of modern packaging & CI/CD practice, a need for a cloud-native model to shrink-wrap and run our code in production at scale. Our journey lead us to Serverless Functions, come to our talk to hear how we implemented our pipeline for development and deployment of AI algorithms using OpenFaaS. We can now ship to production in just two months improving the rate of delivery by 90%. The talk will also cover how BT built their platform using the UNIX-like primitives made available through the OpenFaaS eco-system and include a live demo.
https://sched.co/MPeF
- 2 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Benefits of a Service Mesh When Integrating Kubernetes with Legacy Services - Stephan Fudeus & David Meder-Marouelli, 1&1 Mail & Media Development & Technology GmbH
Having Kubernetes for your service landscape is great. Having a service mesh technology inside is even better - but there are legacy services, too. Leveraging the benefits of a service mesh is possible even without migrating all your legacy services into your kubernetes cluster - you can integrate them into the mesh. We'll give a brief overview of the properties and benefits of service meshes in general and specifically how they are configurable in Istio. Then we'll have a look at the expansion of the mesh to services outside of kubernetes. We'll go into how the expansion is done, what needs to be done in the legacy systems and what obstacles we had to overcome. On a sidetrack we'll show a "service mesh light", a mechanism to make legacy services protected by IP ACLs accessible from your kubernetes cluster, without deploying a full fledged service mesh implementation.
https://sched.co/MPep
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Benefits of a Service Mesh When Integrating Kubernetes with Legacy Services - Stephan Fudeus & David Meder-Marouelli, 1&1 Mail & Media Development & Technology GmbH
Having Kubernetes for your service landscape is great. Having a service mesh technology inside is even better - but there are legacy services, too. Leveraging the benefits of a service mesh is possible even without migrating all your legacy services into your kubernetes cluster - you can integrate them into the mesh. We'll give a brief overview of the properties and benefits of service meshes in general and specifically how they are configurable in Istio. Then we'll have a look at the expansion of the mesh to services outside of kubernetes. We'll go into how the expansion is done, what needs to be done in the legacy systems and what obstacles we had to overcome. On a sidetrack we'll show a "service mesh light", a mechanism to make legacy services protected by IP ACLs accessible from your kubernetes cluster, without deploying a full fledged service mesh implementation.
https://sched.co/MPep
- 3 participants
- 33 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Birds of a Feather: Do You Really Need on Premises Serverless ? - Igor Khapov, IBM
Speaker will describe serverless technology, most popular use cases and how international companies use serverless in the public and private clouds.
Serverless can be used on premises and in the cloud. It can help you to create the most cost effective model. Serverless on premises provides you ability to utilize your own resources.
Speaker will also demonstrate how to create infrastructure with multiple architecture support for serverless application and describe situations when you need it.
https://sched.co/MPeX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Birds of a Feather: Do You Really Need on Premises Serverless ? - Igor Khapov, IBM
Speaker will describe serverless technology, most popular use cases and how international companies use serverless in the public and private clouds.
Serverless can be used on premises and in the cloud. It can help you to create the most cost effective model. Serverless on premises provides you ability to utilize your own resources.
Speaker will also demonstrate how to create infrastructure with multiple architecture support for serverless application and describe situations when you need it.
https://sched.co/MPeX
- 2 participants
- 31 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Build a Kubernetes Based Cloud Native Storage Solution From Scratch - Sheng Yang, Rancher Labs
When it comes to cloud-native and container-ready storage, most industry discussions focus on how to make existing storage systems work with Kubernetes/Docker. But the rapid development of SSD technology, along with container and Kubernetes, make it possible to create a more elegant solution from scratch, compared to the storage technologies exist tens of years ago.
So they have created a storage solution based on Kubernetes
In Longhorn, control flow is driven by Kubernetes's controller model; deployment is done using Kubernetes workload; HA is backed by Kubernetes's HA capability. Though sometimes it's easy to say than done. As a result, lots of insights were gained on how to write an application based on Kubernetes. In this talk, Sheng Yang will give a talk about the experience and insights he has gained as a part of building a Cloud Native storage solution on Kubernetes.
https://sched.co/MPXK
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Build a Kubernetes Based Cloud Native Storage Solution From Scratch - Sheng Yang, Rancher Labs
When it comes to cloud-native and container-ready storage, most industry discussions focus on how to make existing storage systems work with Kubernetes/Docker. But the rapid development of SSD technology, along with container and Kubernetes, make it possible to create a more elegant solution from scratch, compared to the storage technologies exist tens of years ago.
So they have created a storage solution based on Kubernetes
In Longhorn, control flow is driven by Kubernetes's controller model; deployment is done using Kubernetes workload; HA is backed by Kubernetes's HA capability. Though sometimes it's easy to say than done. As a result, lots of insights were gained on how to write an application based on Kubernetes. In this talk, Sheng Yang will give a talk about the experience and insights he has gained as a part of building a Cloud Native storage solution on Kubernetes.
https://sched.co/MPXK
- 5 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Cloud Native GDPR Friendly Systems for Data Collection - Zsolt Homorodi, VTT
For organizations collecting EU users’ data, the General Data Protection Regulation presents considerable challenges. Data must be anonymized and only essential data can be collected. Users must be able to see, download, and delete their data. Setting up the infrastructure to meet GDPR compliance is complicated and time consuming, particularly for resource constrained teams. In this talk, Zsolt Homorodi from VTT (Technical Research Centre of Finland) will explain how he created a reproducible GDPR compliant lightweight data collection and processing infrastructure that is based on Kubernetes and other Cloud Native technologies. Zsolt will show how he combines Linkerd 2.0, Pulumi, Contour, Prometheus, Grafana, Argo, gRPC and other tools to architect reliable, predictable, observable and reproducible environments for data collection and processing that comply with GDPR.
https://sched.co/MPYC
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Cloud Native GDPR Friendly Systems for Data Collection - Zsolt Homorodi, VTT
For organizations collecting EU users’ data, the General Data Protection Regulation presents considerable challenges. Data must be anonymized and only essential data can be collected. Users must be able to see, download, and delete their data. Setting up the infrastructure to meet GDPR compliance is complicated and time consuming, particularly for resource constrained teams. In this talk, Zsolt Homorodi from VTT (Technical Research Centre of Finland) will explain how he created a reproducible GDPR compliant lightweight data collection and processing infrastructure that is based on Kubernetes and other Cloud Native technologies. Zsolt will show how he combines Linkerd 2.0, Pulumi, Contour, Prometheus, Grafana, Argo, gRPC and other tools to architect reliable, predictable, observable and reproducible environments for data collection and processing that comply with GDPR.
https://sched.co/MPYC
- 1 participant
- 39 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Cross-Cloud ML Pipelines with Kubeflow with Spark & Tensorflow - Holden Karau, Google & Trevor Grant, IBM
Data Science, Machine Learning, and Artificial Intelligence has exploded in popularity in the last five years, but the nagging question remains, “How to put models into production?” In this talk, we present KubeFlow- an open source project aims to answer this. This talk will examine how the intricacies involved in taking your pipeline and running it between clouds, mixing data from multiple sources, and building multi-component pipelines. We’ll examine how to tie together multiple tools to prepare your data and train the final model, as well as how to create a serving system to match. The audience will learn how to use kubernetes as a replacement for YARN simplifying your big data stack and empowering your data scientists to self-serve libraries and avoid being responsible for maintaining 20 different incompatible conda environments.
https://sched.co/MPaZ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Cross-Cloud ML Pipelines with Kubeflow with Spark & Tensorflow - Holden Karau, Google & Trevor Grant, IBM
Data Science, Machine Learning, and Artificial Intelligence has exploded in popularity in the last five years, but the nagging question remains, “How to put models into production?” In this talk, we present KubeFlow- an open source project aims to answer this. This talk will examine how the intricacies involved in taking your pipeline and running it between clouds, mixing data from multiple sources, and building multi-component pipelines. We’ll examine how to tie together multiple tools to prepare your data and train the final model, as well as how to create a serving system to match. The audience will learn how to use kubernetes as a replacement for YARN simplifying your big data stack and empowering your data scientists to self-serve libraries and avoid being responsible for maintaining 20 different incompatible conda environments.
https://sched.co/MPaZ
- 2 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building HA Multi-Cloud Clusters Using WireGuard as a Network Overlay - Lucas Servén Marín, Red Hat
Kubernetes abstracts away infrastructure, enabling the community to leverage a single, powerful interface anywhere we like, from bare-metal to public clouds like AWS or GCP. However, not all infrastructure is alike: some clouds do not provide GPUs, while others do not offer data-centers in certain regions. As a result, users often have to choose between running their entire workload on a single cloud provider or region, and managing multiple clusters in different clouds. In this presentation, Lucas Servén explains how to solve this issue at the network level and create a single cluster that spans cloud providers and regions, facilitating high availability and avoiding lock-in, by using WireGuard as a network overlay.
https://sched.co/MPbF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building HA Multi-Cloud Clusters Using WireGuard as a Network Overlay - Lucas Servén Marín, Red Hat
Kubernetes abstracts away infrastructure, enabling the community to leverage a single, powerful interface anywhere we like, from bare-metal to public clouds like AWS or GCP. However, not all infrastructure is alike: some clouds do not provide GPUs, while others do not offer data-centers in certain regions. As a result, users often have to choose between running their entire workload on a single cloud provider or region, and managing multiple clusters in different clouds. In this presentation, Lucas Servén explains how to solve this issue at the network level and create a single cluster that spans cloud providers and regions, facilitating high availability and avoiding lock-in, by using WireGuard as a network overlay.
https://sched.co/MPbF
- 7 participants
- 33 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Images Efficiently and Securely on Kubernetes with BuildKit - Akihiro Suda, NTT Corporation
BuildKit is a modern container image builder that focuses on efficiency and security, mostly known as the backend of Docker 18.06+ and Jessie Frazelle's `img`. (But it is even useful as a standalone tool!) In this talk, Akihiro Suda, one of founding maintainers of BuildKit, shows practical tips for running BuildKit on Kubernetes clusters. His talk will contain: * Quick introduction to BuildKit * Why you should build images on your Kubernetes cluster * Load balancing and distributed caching * Deployment w/ and w/o Kubernetes Service * Rootless mode w/ and w/o Kubernetes securityContext/PSP * Build secret management (e.g. git and S3 credentials) * Comparison with other image builder tools * Buildpacks integration * Knative integration
https://sched.co/MPX5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building Images Efficiently and Securely on Kubernetes with BuildKit - Akihiro Suda, NTT Corporation
BuildKit is a modern container image builder that focuses on efficiency and security, mostly known as the backend of Docker 18.06+ and Jessie Frazelle's `img`. (But it is even useful as a standalone tool!) In this talk, Akihiro Suda, one of founding maintainers of BuildKit, shows practical tips for running BuildKit on Kubernetes clusters. His talk will contain: * Quick introduction to BuildKit * Why you should build images on your Kubernetes cluster * Load balancing and distributed caching * Deployment w/ and w/o Kubernetes Service * Rootless mode w/ and w/o Kubernetes securityContext/PSP * Build secret management (e.g. git and S3 credentials) * Comparison with other image builder tools * Buildpacks integration * Knative integration
https://sched.co/MPX5
- 1 participant
- 29 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building an Edge Control Plane with Kubernetes and Envoy - Flynn, Datawire
The Envoy proxy is fast becoming ubiquitous as the universal data plane API for cloud-native networking and communications. However, the power of Envoy comes at the cost of configuration complexity. In this talk, I’ll discuss what we learned from designing and implementing the Ambassador edge control plane for Envoy, built around the Kubernetes API and Envoy’s v2 configuration. I’ll talk about the evolution of Ambassador from a simple Envoy configuration engine built around Jinja2 templates and variable substitution to the more sophisticated, multi-pass, compiler-type architecture that is in use today. I’ll also discuss how engineers today are using Ambassador, the community that has developed around this project, and where we see the requirements and technology evolving.
https://sched.co/MPfA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building an Edge Control Plane with Kubernetes and Envoy - Flynn, Datawire
The Envoy proxy is fast becoming ubiquitous as the universal data plane API for cloud-native networking and communications. However, the power of Envoy comes at the cost of configuration complexity. In this talk, I’ll discuss what we learned from designing and implementing the Ambassador edge control plane for Envoy, built around the Kubernetes API and Envoy’s v2 configuration. I’ll talk about the evolution of Ambassador from a simple Envoy configuration engine built around Jinja2 templates and variable substitution to the more sophisticated, multi-pass, compiler-type architecture that is in use today. I’ll also discuss how engineers today are using Ambassador, the community that has developed around this project, and where we see the requirements and technology evolving.
https://sched.co/MPfA
- 3 participants
- 20 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Caller ID in Kubernetes - Michael Danese, Google
Kubernetes lets every Pod have a Service Account identity, but previously, that identity has only really been usable to authenticate to the Kubernete API server. The newly-released pod proof of identity can be used to securely establish trusted communication between workloads running in a Kubernetes cluster, to external services, or even to bootstrap the identity of higher level services like Istio. This talk will delve into the design of workload identity in Kubernetes and how you can use it to build more secure systems.
https://sched.co/MPdl
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Caller ID in Kubernetes - Michael Danese, Google
Kubernetes lets every Pod have a Service Account identity, but previously, that identity has only really been usable to authenticate to the Kubernete API server. The newly-released pod proof of identity can be used to securely establish trusted communication between workloads running in a Kubernetes cluster, to external services, or even to bootstrap the identity of higher level services like Istio. This talk will delve into the design of workload identity in Kubernetes and how you can use it to build more secure systems.
https://sched.co/MPdl
- 7 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Co-Evolution of Kubernetes and GCP Networking - Purvi Desai & Tim Hockin, Google
This talk will explore the trials and tribulations behind the evolution of GCP Networking for Kubernetes and evolution of Kubernetes to meet provider requirements. Our key guiding principle is to provide managed solution while maintaining portability and consistency. Question of consistency with OSS vs provider’s solution is not just on providers’ minds but also on our users’ minds as they decide whether to use OSS or managed offering. We have gone through the journey from supporting subset of features to making Kubernetes a first-class platform for networking. But there are still open questions. With ecosystem extending to hybrid, multi-cluster and service mesh, these questions become even more relevant. Talk will cover learnings on how we see GCP networking evolving in offering Kubernetes solution and in evolving Kubernetes to provide better extensibility for providers.
https://sched.co/MPb9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Co-Evolution of Kubernetes and GCP Networking - Purvi Desai & Tim Hockin, Google
This talk will explore the trials and tribulations behind the evolution of GCP Networking for Kubernetes and evolution of Kubernetes to meet provider requirements. Our key guiding principle is to provide managed solution while maintaining portability and consistency. Question of consistency with OSS vs provider’s solution is not just on providers’ minds but also on our users’ minds as they decide whether to use OSS or managed offering. We have gone through the journey from supporting subset of features to making Kubernetes a first-class platform for networking. But there are still open questions. With ecosystem extending to hybrid, multi-cluster and service mesh, these questions become even more relevant. Talk will cover learnings on how we see GCP networking evolving in offering Kubernetes solution and in evolving Kubernetes to provide better extensibility for providers.
https://sched.co/MPb9
- 2 participants
- 42 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Container Forensics: What to Do When Your Cluster is a Cluster - Maya Kaczorowski & Ann Wallace, Google
When responding to an incident in your containers, you don’t necessarily have the same tools at your disposal that you do with VMs - and so your incident investigation process and forensics are different. In a best case scenario, you have access to application logs, orchestrator logs, node snapshots, and more. In this talk, we’ll go over where to get information about what’s happening in your cluster, including logs and open source tools you can install, and how to tie this information together to get a better idea of what’s happening in your infrastructure. Armed with this info, we’ll review the common mitigation options such as to alert, isolate, pause, restart, or kill a container. For common types of container attacks, we'll discuss what options are best and why. Lastly, we’ll talk about restoring services after an incident, and the best steps to take to prevent the next one.
https://sched.co/MPdK
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Container Forensics: What to Do When Your Cluster is a Cluster - Maya Kaczorowski & Ann Wallace, Google
When responding to an incident in your containers, you don’t necessarily have the same tools at your disposal that you do with VMs - and so your incident investigation process and forensics are different. In a best case scenario, you have access to application logs, orchestrator logs, node snapshots, and more. In this talk, we’ll go over where to get information about what’s happening in your cluster, including logs and open source tools you can install, and how to tie this information together to get a better idea of what’s happening in your infrastructure. Armed with this info, we’ll review the common mitigation options such as to alert, isolate, pause, restart, or kill a container. For common types of container attacks, we'll discuss what options are best and why. Lastly, we’ll talk about restoring services after an incident, and the best steps to take to prevent the next one.
https://sched.co/MPdK
- 6 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Crafty Requests: Deep Dive Into Kubernetes CVE-2018-1002105 - Ian Coldwater, Heroku
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? This deep dive will walk the audience through the Kubernetes back end, going over relevant concepts like aggregated API servers, the kubelet API, and permissions for namespace-constrained users. We will explain the details of how this flaw works, how a cluster’s moving parts can fit together to create a vulnerable context, and the risks involved in leaving this CVE unpatched in the wild. A live demonstration will show the audience exactly how easy it is to exploit this vulnerability. After explaining the attack pathways, the audience will leave with practical advice about mitigation and how to protect their clusters.
https://sched.co/MPdc
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Crafty Requests: Deep Dive Into Kubernetes CVE-2018-1002105 - Ian Coldwater, Heroku
You may have heard about CVE-2018-1002105, one of the most severe Kubernetes security vulnerabilities of all time. But how does this flaw work? How can it be exploited, and what does it all mean? This deep dive will walk the audience through the Kubernetes back end, going over relevant concepts like aggregated API servers, the kubelet API, and permissions for namespace-constrained users. We will explain the details of how this flaw works, how a cluster’s moving parts can fit together to create a vulnerable context, and the risks involved in leaving this CVE unpatched in the wild. A live demonstration will show the audience exactly how easy it is to exploit this vulnerability. After explaining the attack pathways, the audience will leave with practical advice about mitigation and how to protect their clusters.
https://sched.co/MPdc
- 1 participant
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Data Without Borders - Using Rook Storage Orchestration at a Global Scale - Jared Watts, Upbound
The Rook project has established robust and reliable patterns for orchestrating storage systems running on-top of Kubernetes clusters. However, storage systems often need to extend beyond a single cluster to provide data to end users in many different locations. How can these globally distributed storage systems best be orchestrated and managed to meet the needs of their users on a global scale? In this talk, we will examine the key concepts of storage orchestration for cloud native applications in multicloud environments, as well as the major benefits of these types of deployments. We will learn about the challenges that arise and best practices to address them, such as replication, mirroring, snapshots, and disaster recovery. All of these lessons will be in the context of the Rook project, including a live demonstration of storage orchestration on a global scale.
https://sched.co/MPfq
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Data Without Borders - Using Rook Storage Orchestration at a Global Scale - Jared Watts, Upbound
The Rook project has established robust and reliable patterns for orchestrating storage systems running on-top of Kubernetes clusters. However, storage systems often need to extend beyond a single cluster to provide data to end users in many different locations. How can these globally distributed storage systems best be orchestrated and managed to meet the needs of their users on a global scale? In this talk, we will examine the key concepts of storage orchestration for cloud native applications in multicloud environments, as well as the major benefits of these types of deployments. We will learn about the challenges that arise and best practices to address them, such as replication, mirroring, snapshots, and disaster recovery. All of these lessons will be in the context of the Rook project, including a live demonstration of storage orchestration on a global scale.
https://sched.co/MPfq
- 1 participant
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deconstructing Apache Hadoop: A Dialogue About a Cloud-Native Refactor - Anu Engineer & Marton Elek, Cloudera
Many existing applications like the Big Data stack is in a community debate over moving to K8s. They see it as the future, but there are lots of unknowns and complex problems to solve. This is a dialogue between two developers who are exploring and trying to finding the true path to becoming Cloud Native. In this talk, we will discuss in detail our experiences and issues that we have faced in moving the Hadoop Object store Ozone as a Cloud native storage solution that runs on top of K8s. We will take a deep dive into the advantages and challenges that we faced during this journey — having a cluster manager like K8s allows us to move away from managing physical details and instead focus on the storage part. Some of the challenges were things like security and how we tackle that.
https://sched.co/MPYI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deconstructing Apache Hadoop: A Dialogue About a Cloud-Native Refactor - Anu Engineer & Marton Elek, Cloudera
Many existing applications like the Big Data stack is in a community debate over moving to K8s. They see it as the future, but there are lots of unknowns and complex problems to solve. This is a dialogue between two developers who are exploring and trying to finding the true path to becoming Cloud Native. In this talk, we will discuss in detail our experiences and issues that we have faced in moving the Hadoop Object store Ozone as a Cloud native storage solution that runs on top of K8s. We will take a deep dive into the advantages and challenges that we faced during this journey — having a cluster manager like K8s allows us to move away from managing physical details and instead focus on the storage part. Some of the challenges were things like security and how we tackle that.
https://sched.co/MPYI
- 4 participants
- 40 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive Fluent Bit: Logging & Stream Processing - Eduardo Silva, ARM Treasure Data
Fluent Bit is a Fluentd sub-project that aims to solve hard data challenges in the cloud space. On this deep dive session, we will talk about its architecture, how data workflows operate and the ability to perform advanced data transformation. Also, we will demonstrate the new ability to perform Stream Processing on the Edge.
https://sched.co/MPjW
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive Fluent Bit: Logging & Stream Processing - Eduardo Silva, ARM Treasure Data
Fluent Bit is a Fluentd sub-project that aims to solve hard data challenges in the cloud space. On this deep dive session, we will talk about its architecture, how data workflows operate and the ability to perform advanced data transformation. Also, we will demonstrate the new ability to perform Stream Processing on the Edge.
https://sched.co/MPjW
- 5 participants
- 38 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF CI - Lucina Stricko & Denver Williams, Vulk Coop & CNCF
The CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. CNCF welcomed Arm as Gold member in February 2019. The cncf.ci dashboard helps ensure that Kubernetes and other CNCF-hosted projects run well on Arm-based platforms. Attendees will leave this deep dive with an understanding of how the cncf.ci dashboard builds and tests projects on Arm and x86 architectures.
https://sched.co/MPj8
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF CI - Lucina Stricko & Denver Williams, Vulk Coop & CNCF
The CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. CNCF welcomed Arm as Gold member in February 2019. The cncf.ci dashboard helps ensure that Kubernetes and other CNCF-hosted projects run well on Arm-based platforms. Attendees will leave this deep dive with an understanding of how the cncf.ci dashboard builds and tests projects on Arm and x86 architectures.
https://sched.co/MPj8
- 4 participants
- 26 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF Security SIG – Justin Cappos, New York University & Zhipeng Huang, Huawei
CNCF Security SIG representing cross-cutting concerns including authentication, authorization, auditing, policy enforcement, privacy and compliance. This session will present the state of cloud native authentication, authorization, policy controls and verification, highlighting CNCF projects that can help reduce risks for cloud native deployments and the ecosystem of tools and services.
https://sched.co/Oscd
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF Security SIG – Justin Cappos, New York University & Zhipeng Huang, Huawei
CNCF Security SIG representing cross-cutting concerns including authentication, authorization, auditing, policy enforcement, privacy and compliance. This session will present the state of cloud native authentication, authorization, policy controls and verification, highlighting CNCF projects that can help reduce risks for cloud native deployments and the ecosystem of tools and services.
https://sched.co/Oscd
- 3 participants
- 40 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF Serverless WG/CloudEvents - Clemens Vasters, Microsoft & Vlad Ionescu, Independent
This session will provide a more in-depth discussion of the Serverless working group, the CloudEvents specification and the new Workflow sub-group. It will include a more interactive discussion with the audience around some of the technical challenges we're facing and to solicit feedback as to the needs of the community.
https://sched.co/MPjB
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CNCF Serverless WG/CloudEvents - Clemens Vasters, Microsoft & Vlad Ionescu, Independent
This session will provide a more in-depth discussion of the Serverless working group, the CloudEvents specification and the new Workflow sub-group. It will include a more interactive discussion with the audience around some of the technical challenges we're facing and to solicit feedback as to the needs of the community.
https://sched.co/MPjB
- 2 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cloud Native Buildpacks - Terence Lee, Heroku & Stephen Levine, Pivotal
Learn why you need a buildpack and how to create one. We'll write a simple Python buildpack we can use to build an image from a Django app. We'll take advantage of caching and Docker layers to speed up rebuilds and deploys. Unlike Dockerfiles, buildpacks are composable. We'll create a build pipeline with our Python buildpack and the Node.js buildpack, which we'll use to prepare asset bundles. Finally, you'll learn how to rebase your application layers on a new image. This allow operators to efficiently handle the delivery of OS-level dependency upgrades.
https://sched.co/MPj2
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cloud Native Buildpacks - Terence Lee, Heroku & Stephen Levine, Pivotal
Learn why you need a buildpack and how to create one. We'll write a simple Python buildpack we can use to build an image from a Django app. We'll take advantage of caching and Docker layers to speed up rebuilds and deploys. Unlike Dockerfiles, buildpacks are composable. We'll create a build pipeline with our Python buildpack and the Node.js buildpack, which we'll use to prepare asset bundles. Finally, you'll learn how to rebase your application layers on a new image. This allow operators to efficiently handle the delivery of OS-level dependency upgrades.
https://sched.co/MPj2
- 3 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cluster Lifecycle SIG (Kubeadm) - Fabrizio Pandini & Lubomir I. Ivanov, VMware
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying Kubernetes clusters. Our objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components. In this deep dive, we will take a look at recent changes in kubeadm, examine how kubeadm is going to implement support for high availability clusters, and finally peek through the window to see what will come next. We’ll reserve time to talk about how to get involved with SIG Cluster Lifecycle and kubeadm, for your questions, concerns, and feature requests!
https://sched.co/MPj5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cluster Lifecycle SIG (Kubeadm) - Fabrizio Pandini & Lubomir I. Ivanov, VMware
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying Kubernetes clusters. Our objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components. In this deep dive, we will take a look at recent changes in kubeadm, examine how kubeadm is going to implement support for high availability clusters, and finally peek through the window to see what will come next. We’ll reserve time to talk about how to get involved with SIG Cluster Lifecycle and kubeadm, for your questions, concerns, and feature requests!
https://sched.co/MPj5
- 8 participants
- 41 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Contributor Experience SIG - Elsie Phillips, Red Hat & Paris Pittman, Google
Join us for a live session of the weekly contributor experience meeting! Meet members of the SIG in person and learn how you can contribute. Check out the agenda [here] (https://docs.google.com/document/d/1qf-02B7EOrItQgwXFxgqZ5qjW0mtfu5qkYIF1Hl4ZLI/edit)
https://sched.co/MPjE
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Contributor Experience SIG - Elsie Phillips, Red Hat & Paris Pittman, Google
Join us for a live session of the weekly contributor experience meeting! Meet members of the SIG in person and learn how you can contribute. Check out the agenda [here] (https://docs.google.com/document/d/1qf-02B7EOrItQgwXFxgqZ5qjW0mtfu5qkYIF1Hl4ZLI/edit)
https://sched.co/MPjE
- 20 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CoreDNS - Yong Tang, MobileIron & John Belamaric, Google
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. It is written in Go and has a unique plugin-based architecture. This means CoreDNS could be easily extended with customized plugins for new functionalities. If some functionality is not provided out of the box, you can add it if you know how to write in Go. In this deep dive session, we take a detailed look at the service discovery and plugin system of CoreDNS. We will demo a simplified version of a plugin that achieves source IP based service discovery. By walking through the complete code base of this demo plugin, we will showcase the ease of convenience to implement a custom plugin for serving new functionalities.
https://sched.co/MPjH
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: CoreDNS - Yong Tang, MobileIron & John Belamaric, Google
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. It is written in Go and has a unique plugin-based architecture. This means CoreDNS could be easily extended with customized plugins for new functionalities. If some functionality is not provided out of the box, you can add it if you know how to write in Go. In this deep dive session, we take a detailed look at the service discovery and plugin system of CoreDNS. We will demo a simplified version of a plugin that achieves source IP based service discovery. By walking through the complete code base of this demo plugin, we will showcase the ease of convenience to implement a custom plugin for serving new functionalities.
https://sched.co/MPjH
- 8 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cortex - Tom Wilkie, Grafana Labs & Bryan Boreham, Weaveworks
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus metrics, and a horizontally scalable, Prometheus-compatible query API. Cortex allows users to deploy a centralised, globally aggregated view of all their Prometheus instances, storing data indefinitely. In this talk we will discuss the benefits of, and how to deploy, a fully disaggregated, microservice oriented Cortex architecture. We'll also discuss some of the challenges operating Cortex at scale, and what the future holds for Cortex. Cortex is a CNCF sandbox project.
https://sched.co/MPjK
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Cortex - Tom Wilkie, Grafana Labs & Bryan Boreham, Weaveworks
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus metrics, and a horizontally scalable, Prometheus-compatible query API. Cortex allows users to deploy a centralised, globally aggregated view of all their Prometheus instances, storing data indefinitely. In this talk we will discuss the benefits of, and how to deploy, a fully disaggregated, microservice oriented Cortex architecture. We'll also discuss some of the challenges operating Cortex at scale, and what the future holds for Cortex. Cortex is a CNCF sandbox project.
https://sched.co/MPjK
- 7 participants
- 39 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Dragonfly - Jin Zhang, Alibaba Cloud & Haibing Zhou, eBay
Dragonfly is an intelligent P2P based container image distribution system which provides a native image distribution solution for cloud native scenarios. In this session, we will cover some advanced features of Dragonfly in details, such as image distribution in a cloud environment, the scheduling strategy in P2P distribution, highly-available deployments and so on. Besides these, we also encourage developers and end-users to extend Dragonfly's usage with other softwares in cloud native ecosystem. Furthermore, the team would love to get feedback from users and contributors about current features and future roadmap.
https://sched.co/MPjN
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Dragonfly - Jin Zhang, Alibaba Cloud & Haibing Zhou, eBay
Dragonfly is an intelligent P2P based container image distribution system which provides a native image distribution solution for cloud native scenarios. In this session, we will cover some advanced features of Dragonfly in details, such as image distribution in a cloud environment, the scheduling strategy in P2P distribution, highly-available deployments and so on. Besides these, we also encourage developers and end-users to extend Dragonfly's usage with other softwares in cloud native ecosystem. Furthermore, the team would love to get feedback from users and contributors about current features and future roadmap.
https://sched.co/MPjN
- 3 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Falco - Michael Ducy, Sysdig
In any Cloud Native architecture there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream. Finally, we will cover how to create additional event streams leveraging the generic implementation Falco provides. Attendees will gain deep understanding of Falco’s architecture, and how it custom Falco for additional events sources.
https://sched.co/MPjT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Falco - Michael Ducy, Sysdig
In any Cloud Native architecture there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream. Finally, we will cover how to create additional event streams leveraging the generic implementation Falco provides. Attendees will gain deep understanding of Falco’s architecture, and how it custom Falco for additional events sources.
https://sched.co/MPjT
- 5 participants
- 39 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Harbor - Steven Zou & Daniel Jiang, VMware
Harbor is an open source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the container image and Helm Chart management challenges. In this session, we will cover some advanced features of using Harbor, such as OIDC support, improved content replication among Harbor and other non-Harbor registries, content management in a cloud environment, unified management of Helm Chart and container images, highly-available deployments and DevOps supporting etc.. Additionally, we'd like to share some Harbor community-related things like the governance model and contributing guide the Harbor community following with you in case you want to deeply participate in the regular contributing and/or maintaining activities of Harbor community in future. Furthermore, the team would love to get feedback from users and contributors about current features and future roadmap.
https://sched.co/MPjZ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Harbor - Steven Zou & Daniel Jiang, VMware
Harbor is an open source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the container image and Helm Chart management challenges. In this session, we will cover some advanced features of using Harbor, such as OIDC support, improved content replication among Harbor and other non-Harbor registries, content management in a cloud environment, unified management of Helm Chart and container images, highly-available deployments and DevOps supporting etc.. Additionally, we'd like to share some Harbor community-related things like the governance model and contributing guide the Harbor community following with you in case you want to deeply participate in the regular contributing and/or maintaining activities of Harbor community in future. Furthermore, the team would love to get feedback from users and contributors about current features and future roadmap.
https://sched.co/MPjZ
- 3 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (Instrumentation) SIG - Frederic Branczyk & Max Inden, Red Hat
The SIG Instrumentation deep dive is going to cover some of the details of performance optimizations we have recently been working on, both on a technical level of how they were achieved, but also the results of said optimizations. Beyond that we will dive into advanced topics of how to make use of the data Kubernetes exposes for advanced querying in order to perform monitoring and alerting on Kubernetes clusters.
https://sched.co/MPjo
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (Instrumentation) SIG - Frederic Branczyk & Max Inden, Red Hat
The SIG Instrumentation deep dive is going to cover some of the details of performance optimizations we have recently been working on, both on a technical level of how they were achieved, but also the results of said optimizations. Beyond that we will dive into advanced topics of how to make use of the data Kubernetes exposes for advanced querying in order to perform monitoring and alerting on Kubernetes clusters.
https://sched.co/MPjo
- 4 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (PM) SIG - Ihor Dvoretskyi, CNCF & Stephen Augustus, VMware
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has its own PM team and PM process. SIG-PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG-PM co-chairs will run a deep dive session on the SIG-PM community-wide responsibilities, day-to-day responsibilities, together with working on the real-world cases.
https://sched.co/MPjc
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (PM) SIG - Ihor Dvoretskyi, CNCF & Stephen Augustus, VMware
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has its own PM team and PM process. SIG-PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG-PM co-chairs will run a deep dive session on the SIG-PM community-wide responsibilities, day-to-day responsibilities, together with working on the real-world cases.
https://sched.co/MPjc
- 3 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (Release) SIG - Tim Pepper & Stephen Augustus, VMware
Kubernetes is built through a motley collection of tools used in parallel and redundant ways on different cadences by a decentralized, global developer community. This runs counter to the established quality software engineering practice of a constantly exercised single build/test/release workflow. Our Release Engineering subproject aspires to a unified, deterministic, reproducible, verifiable build system used continually for dev/test as well as periodic official releases. In this SIG Release Deep Dive session we will briefly discuss the history of release engineering in Kubernetes and the build tooling and workflows present today, and then move on to our plans and progress towards commonizing build tooling and workflows, the positive benefits we expect will come in the next few release cycles from this effort, and how you can engage to better the future of Kubernetes.
https://sched.co/MPjf
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (Release) SIG - Tim Pepper & Stephen Augustus, VMware
Kubernetes is built through a motley collection of tools used in parallel and redundant ways on different cadences by a decentralized, global developer community. This runs counter to the established quality software engineering practice of a constantly exercised single build/test/release workflow. Our Release Engineering subproject aspires to a unified, deterministic, reproducible, verifiable build system used continually for dev/test as well as periodic official releases. In this SIG Release Deep Dive session we will briefly discuss the history of release engineering in Kubernetes and the build tooling and workflows present today, and then move on to our plans and progress towards commonizing build tooling and workflows, the positive benefits we expect will come in the next few release cycles from this effort, and how you can engage to better the future of Kubernetes.
https://sched.co/MPjf
- 5 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (VMware) SIG - Loc Nguyen & Sidharth Surana, VMware
Deep Dive into the Cluster API Provider for vSphere The Cluster API is a Kubernetes project to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management. This is designed to support automated provisioning, scaling and updating of the underlying infrastructure supporting Kubernetes clusters. Cluster API providers exist for public cloud and on-premise platforms. SIG-VMware hosts a working group that maintains a Cluster API provider for the vSphere hypervisor. This session will take a deep dive into the design and use of the provider.
https://sched.co/MPji
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes (VMware) SIG - Loc Nguyen & Sidharth Surana, VMware
Deep Dive into the Cluster API Provider for vSphere The Cluster API is a Kubernetes project to bring declarative, Kubernetes-style APIs to cluster creation, configuration, and management. This is designed to support automated provisioning, scaling and updating of the underlying infrastructure supporting Kubernetes clusters. Cluster API providers exist for public cloud and on-premise platforms. SIG-VMware hosts a working group that maintains a Cluster API provider for the vSphere hypervisor. This session will take a deep dive into the design and use of the provider.
https://sched.co/MPji
- 4 participants
- 40 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes Architecture SIG - Timothy St. Clair, VMware
This will go into deep coverage of SIG Architecture's subprojects including the KEP process, the API review process, conformance testing review, and code organization. Other topics may include the evolving definition of what is in and out of scope for the project, as well as the latest visualizations of the ecosystem. Attendees should have a much better understanding of project architectural layering, governance, and goals.
https://sched.co/MPjl
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes Architecture SIG - Timothy St. Clair, VMware
This will go into deep coverage of SIG Architecture's subprojects including the KEP process, the API review process, conformance testing review, and code organization. Other topics may include the evolving definition of what is in and out of scope for the project, as well as the latest visualizations of the ecosystem. Attendees should have a much better understanding of project architectural layering, governance, and goals.
https://sched.co/MPjl
- 3 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes Metric APIs using Prometheus - Matthias Loibl & Sergiusz Urbaniak, Red Hat
Kubernetes traditionally uses metrics for its core scheduling decisions - in the beginning all of this started with an opinionated internal stack. Since then Kubernetes has introduced 3 orthogonal standardized metrics APIs. As of today many implementations exist - i.e. for cloud providers and on premise. In this talk we will first show the community process around metrics in Kubernetes, how the Special Interest Group (SIG) for instrumentation works and how to get involved. We will do an overview and deep dive in all 3 metric APIs, with a concrete fully open source Prometheus based deployment example. Once we have Prometheus running we will show how to bridge the gap between Prometheus and Kubernetes to use these APIs. Finally, we will conclude the talk with an example on scaling your deployments based on custom metrics served by your Prometheus with the Horizontal Pod Autoscaler.
https://sched.co/MPc1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes Metric APIs using Prometheus - Matthias Loibl & Sergiusz Urbaniak, Red Hat
Kubernetes traditionally uses metrics for its core scheduling decisions - in the beginning all of this started with an opinionated internal stack. Since then Kubernetes has introduced 3 orthogonal standardized metrics APIs. As of today many implementations exist - i.e. for cloud providers and on premise. In this talk we will first show the community process around metrics in Kubernetes, how the Special Interest Group (SIG) for instrumentation works and how to get involved. We will do an overview and deep dive in all 3 metric APIs, with a concrete fully open source Prometheus based deployment example. Once we have Prometheus running we will show how to bridge the gap between Prometheus and Kubernetes to use these APIs. Finally, we will conclude the talk with an example on scaling your deployments based on custom metrics served by your Prometheus with the Horizontal Pod Autoscaler.
https://sched.co/MPc1
- 6 participants
- 33 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes WG for Multitenancy - Sanjeev Rampal, Cisco & Ryan Bezdicek, Cray, Inc.
The deep dive will be an interactive session to discuss the status of multitenancy in kubernetes, run unconference style, with attendees proposing topics of conversation and participating in a group conversation about the most popular topics. We will discuss the on-going work the multitenancy working group is working on and more future focused issues around the various SIGs that have a vested interest in multitenancy.
https://sched.co/MPjr
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Kubernetes WG for Multitenancy - Sanjeev Rampal, Cisco & Ryan Bezdicek, Cray, Inc.
The deep dive will be an interactive session to discuss the status of multitenancy in kubernetes, run unconference style, with attendees proposing topics of conversation and participating in a group conversation about the most popular topics. We will discuss the on-going work the multitenancy working group is working on and more future focused issues around the various SIGs that have a vested interest in multitenancy.
https://sched.co/MPjr
- 14 participants
- 47 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: NATS - Waldemar Quevedo, Synadia Communications, Inc
The NATS project took a big leap in 2018 towards making it possible to be used as the core component build a global overlay network to connect services securely. In NATS v2.0, its feature set has been considerably expanded, some of these features include, gateways to create super clusters, decentralized management via JWTs and ed25519 keys for auth, subject based isolation using accounts, a new clustering protocol and system accounts for operators. In this talk you will learn how about the internals of many of these features, the current state of the project and what is the next in its roadmap.
https://sched.co/MPjx
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: NATS - Waldemar Quevedo, Synadia Communications, Inc
The NATS project took a big leap in 2018 towards making it possible to be used as the core component build a global overlay network to connect services securely. In NATS v2.0, its feature set has been considerably expanded, some of these features include, gateways to create super clusters, decentralized management via JWTs and ed25519 keys for auth, subject based isolation using accounts, a new clustering protocol and system accounts for operators. In this talk you will learn how about the internals of many of these features, the current state of the project and what is the next in its roadmap.
https://sched.co/MPjx
- 4 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Network Service Mesh (NSM) - Nikolay Nikolaev, VMware & Frederick Kautz, Doc.ai
Network Service Mesh (NSM) is a young and ambitious project, offering solutions to many current problems around Cloud-Native Networking Connectivity in the L2/L3 layers. In this talk, we walk the audience through the process of solving practical problems with NSM using three scenarios:
Enabling an existing service-based solution to run on top of NSM with no code changes
Building a Network Service with the existing tools, with minimum coding
Using composition to build complex Network Services out of a collection of simple ones
The focus is on explaining the principles and offering practical advice on how to design for and integrate with NSM. Some source code and YAML manifest excerpts may be shown to illustrate the ideas.
Finally, a quick demo of a pre-implemented example will be show a link to all examples and materials will be shared for further exploration by the audience.
https://sched.co/NxZi
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Network Service Mesh (NSM) - Nikolay Nikolaev, VMware & Frederick Kautz, Doc.ai
Network Service Mesh (NSM) is a young and ambitious project, offering solutions to many current problems around Cloud-Native Networking Connectivity in the L2/L3 layers. In this talk, we walk the audience through the process of solving practical problems with NSM using three scenarios:
Enabling an existing service-based solution to run on top of NSM with no code changes
Building a Network Service with the existing tools, with minimum coding
Using composition to build complex Network Services out of a collection of simple ones
The focus is on explaining the principles and offering practical advice on how to design for and integrate with NSM. Some source code and YAML manifest excerpts may be shown to illustrate the ideas.
Finally, a quick demo of a pre-implemented example will be show a link to all examples and materials will be shared for further exploration by the audience.
https://sched.co/NxZi
- 2 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Open Policy Agent - Torin Sandall & Tim Hinrichs, Styra
Come to this session to hear from Tim Hinrichs and Torin Sandall, the co-creators of the OPA project. This session will provide a quick overview of OPA and then dive into recent developments and plans for the future. If you want to learn more about OPA or get involved, this session is for you!
https://sched.co/MPk0
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Open Policy Agent - Torin Sandall & Tim Hinrichs, Styra
Come to this session to hear from Tim Hinrichs and Torin Sandall, the co-creators of the OPA project. This session will provide a quick overview of OPA and then dive into recent developments and plans for the future. If you want to learn more about OPA or get involved, this session is for you!
https://sched.co/MPk0
- 4 participants
- 38 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Rook - Jared Watts & Bassam Tabbara, Upbound
In this talk, we will be taking a deep-dive through both the architecture and some of the more recent developments of the Rook project. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. We will learn in more depth about the recently added support for new storage providers, such as Cassandra and EdgeFS. We will also explore how Rook can implement new abstractions of storage to enable dynamic provisioning of more persistent resources in your applications, making them more portable and able to deploy consistently no matter what the environment is. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.
https://sched.co/MPk3
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Rook - Jared Watts & Bassam Tabbara, Upbound
In this talk, we will be taking a deep-dive through both the architecture and some of the more recent developments of the Rook project. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. We will learn in more depth about the recently added support for new storage providers, such as Cassandra and EdgeFS. We will also explore how Rook can implement new abstractions of storage to enable dynamic provisioning of more persistent resources in your applications, making them more portable and able to deploy consistently no matter what the environment is. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.
https://sched.co/MPk3
- 1 participant
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: SPIFFE - Scott Emmons & Emiliano Bernbaum, Scytale
SPIFFE (Secure Production Identity Framework For Everyone) is an open source standard for giving identities to services in dynamic and heterogeneous environments. SPIRE (SPIFFE Runtime Environment) is an implementation of SPIFFE that can be deployed to attest service workloads and the infrastructure that runs them. Is it best to deploy SPIRE components in daemonsets, statefulsets, or regular container deployments? How should configmaps be used to configure the SPIRE server and agent? How is the SPIRE agent deployed and configured so the workload API is available to service containers? What is the recommended mechanism for persisting SPIRE data for resiliency and security? In this deep dive, we’ll discuss these best practices plus more suggestions and recommendations for deploying SPIRE in Kubernetes.
https://sched.co/MPk9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: SPIFFE - Scott Emmons & Emiliano Bernbaum, Scytale
SPIFFE (Secure Production Identity Framework For Everyone) is an open source standard for giving identities to services in dynamic and heterogeneous environments. SPIRE (SPIFFE Runtime Environment) is an implementation of SPIFFE that can be deployed to attest service workloads and the infrastructure that runs them. Is it best to deploy SPIRE components in daemonsets, statefulsets, or regular container deployments? How should configmaps be used to configure the SPIRE server and agent? How is the SPIRE agent deployed and configured so the workload API is available to service containers? What is the recommended mechanism for persisting SPIRE data for resiliency and security? In this deep dive, we’ll discuss these best practices plus more suggestions and recommendations for deploying SPIRE in Kubernetes.
https://sched.co/MPk9
- 2 participants
- 27 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Scalability SIG - Shyam Jeedigunta, Amazon Web Services & Wojciech Tyczynski, Google
This session will focus on the vision and strategy for the scalability effort. We will touch upon work the Scalability Special Interest Group has been doing over the past year. This involves work done along various fronts like improvements to scale-testing tooling, introduction of newer and more user-focused SLOs and performance/scalability improvements to Kubernetes. Following that, we will discuss what’s next in our roadmap. We will leave time for Q&A and receive input from the audience that can help guide our priorities.
https://sched.co/MPkd
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Scalability SIG - Shyam Jeedigunta, Amazon Web Services & Wojciech Tyczynski, Google
This session will focus on the vision and strategy for the scalability effort. We will touch upon work the Scalability Special Interest Group has been doing over the past year. This involves work done along various fronts like improvements to scale-testing tooling, introduction of newer and more user-focused SLOs and performance/scalability improvements to Kubernetes. Following that, we will discuss what’s next in our roadmap. We will leave time for Q&A and receive input from the audience that can help guide our priorities.
https://sched.co/MPkd
- 5 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Service Catalog SIG - Jonathan Berkhahn, IBM
Join us for a deep dive into how the Kubernetes Service Catalog works under the covers. Starting with a quick overview of Service Catalog and some of the challenges we faced while bridging the different processing models between Kubernetes and the Open Service Broker API, we will then look at more advanced scenarios and new features from the perspective of cluster operators, application developers and helm chart authors. You’ll come away with a solid understanding of how Service Catalog works and recommended workflows and practices for using it. Finally we would love for anyone considering contributing to stop by and get an introduction to all the parts of Service Catalog, meet the maintainers and learn how to become a contributor!
https://sched.co/MPk6
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Service Catalog SIG - Jonathan Berkhahn, IBM
Join us for a deep dive into how the Kubernetes Service Catalog works under the covers. Starting with a quick overview of Service Catalog and some of the challenges we faced while bridging the different processing models between Kubernetes and the Open Service Broker API, we will then look at more advanced scenarios and new features from the perspective of cluster operators, application developers and helm chart authors. You’ll come away with a solid understanding of how Service Catalog works and recommended workflows and practices for using it. Finally we would love for anyone considering contributing to stop by and get an introduction to all the parts of Service Catalog, meet the maintainers and learn how to become a contributor!
https://sched.co/MPk6
- 4 participants
- 38 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: TUF / Notary - Justin Cappos & Lukas Puehringer, NYU
When repositories are compromised, TUF and Notary provide protection so that users are not at risk. This talk focuses on some of the key innovations that make this possible, including self-revocation, key rotation, and integration into supply chain validation software such as in-toto.
https://sched.co/MPkF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: TUF / Notary - Justin Cappos & Lukas Puehringer, NYU
When repositories are compromised, TUF and Notary provide protection so that users are not at risk. This talk focuses on some of the key innovations that make this possible, including self-revocation, key rotation, and integration into supply chain validation software such as in-toto.
https://sched.co/MPkF
- 8 participants
- 41 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Testing SIG - Benjamin Elder, Google & James Munnelly, Jetstack
The kind (Kubernetes-In-Docker) project virtualizes entire multi-node Kubernetes clusters in containers to allow for a lightweight deployment topology in order to facilitate testing. This presentation will explore how the kind project is used to support testing for the Kubernetes project, how it works, and how developers can make use of kind to facilitate their own testing needs.
https://sched.co/MPkC
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Testing SIG - Benjamin Elder, Google & James Munnelly, Jetstack
The kind (Kubernetes-In-Docker) project virtualizes entire multi-node Kubernetes clusters in containers to allow for a lightweight deployment topology in order to facilitate testing. This presentation will explore how the kind project is used to support testing for the Kubernetes project, how it works, and how developers can make use of kind to facilitate their own testing needs.
https://sched.co/MPkC
- 4 participants
- 21 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Virtual Kubelet - Jeremy Rickard, Microsoft & Lei Zhang, Alibaba Cloud
Virtual Kubelet has most recently been accepted into the CNCF as a sandboxed project. As the project continues to grow in contributors and users we are always looking for ways to educate folks on how to contribute back to Virtual Kubelet. In this talk we will focus on the core interface of Virtual Kubelet and how a developer could get started with building his/her first provider! The talk will include an engineer from Alibaba who contributed the Elastic Container Instance provider and a maintainer of Virtual Kubelet, so we have a spectrum of perspectives represented.
https://sched.co/MPkI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Deep Dive: Virtual Kubelet - Jeremy Rickard, Microsoft & Lei Zhang, Alibaba Cloud
Virtual Kubelet has most recently been accepted into the CNCF as a sandboxed project. As the project continues to grow in contributors and users we are always looking for ways to educate folks on how to contribute back to Virtual Kubelet. In this talk we will focus on the core interface of Virtual Kubelet and how a developer could get started with building his/her first provider! The talk will include an engineer from Alibaba who contributed the Elastic Container Instance provider and a maintainer of Virtual Kubelet, so we have a spectrum of perspectives represented.
https://sched.co/MPkI
- 5 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Extending Knative for Fun and Profit - Matt Moore & Ville Aikas, Google
Come learn how the Knative building blocks work together with zero baked in knowledge of one another. We will cover a new model for loose coupling in Kubernetes, and show how it is used throughout Knative. We will demonstrate how this model can be used to read and manipulate whole classes of Kubernetes resources. We will also demonstrate how this model can be used with Knative, e.g. to create a new abstractions to receive Events.
https://sched.co/MPaK
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Extending Knative for Fun and Profit - Matt Moore & Ville Aikas, Google
Come learn how the Knative building blocks work together with zero baked in knowledge of one another. We will cover a new model for loose coupling in Kubernetes, and show how it is used throughout Knative. We will demonstrate how this model can be used to read and manipulate whole classes of Kubernetes resources. We will also demonstrate how this model can be used with Knative, e.g. to create a new abstractions to receive Events.
https://sched.co/MPaK
- 3 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
FaaS is Not Only the Serverless: Stream Processing with Serverless - Jun Makishi & Kensaku Komatsu, NTT Communications
Function as a Service is the popular solution of Serverless, which runs a short-lived function. In contrast, we will show a new Serverless: run long-lived function to deal with stream data. Our proposal is unique since it starts multiple Serverless functions for single stream, and let them keep processing the stream one after another. This enables a new use case like enriching an application with AI-powered analytics using video stream in real-time. NTT Communications has developed a new platform with Kubernetes and gRPC. We will throw a live demo to send voice stream from browser to this platform and run media processing functions in real-time. The functions will be open sourced, and all participants can try it out from tomorrow.
https://sched.co/MPeU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
FaaS is Not Only the Serverless: Stream Processing with Serverless - Jun Makishi & Kensaku Komatsu, NTT Communications
Function as a Service is the popular solution of Serverless, which runs a short-lived function. In contrast, we will show a new Serverless: run long-lived function to deal with stream data. Our proposal is unique since it starts multiple Serverless functions for single stream, and let them keep processing the stream one after another. This enables a new use case like enriching an application with AI-powered analytics using video stream in real-time. NTT Communications has developed a new platform with Kubernetes and gRPC. We will throw a live demo to send voice stream from browser to this platform and run media processing functions in real-time. The functions will be open sourced, and all participants can try it out from tomorrow.
https://sched.co/MPeU
- 2 participants
- 28 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fluent Bit: Extending Your Logging Pipeline with Go - Warren Fernandes & Jason Keene, Pivotal
Fluent Bit is a high-performance and lightweight logging agent implemented in C. Unlike its better known sibling Fluentd, it has fewer plugins for processing and forwarding logs. To facilitate the need for plugins, Fluent Bit has exposed interfaces for writing output plugins in Go. In this talk Warren and Jason describe how they implemented an output plugin for the syslog protocol whilst explaining the challenges they faced. Topics Include: - Why Fluent Bit - An overview of Fluent Bit’s architecture - How Fluent Bit interfaces between C and Go - How to write a Go output plugin - What are the current limitations of Go plugins - Recent and future improvements to Fluent Bit’s Go interface This talk would interest those evaluating Fluent Bit to be a part of their logging solution. You’ll learn how extensible it can be by using third-party plugins or by building one of your own!
https://sched.co/MPby
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Fluent Bit: Extending Your Logging Pipeline with Go - Warren Fernandes & Jason Keene, Pivotal
Fluent Bit is a high-performance and lightweight logging agent implemented in C. Unlike its better known sibling Fluentd, it has fewer plugins for processing and forwarding logs. To facilitate the need for plugins, Fluent Bit has exposed interfaces for writing output plugins in Go. In this talk Warren and Jason describe how they implemented an output plugin for the syslog protocol whilst explaining the challenges they faced. Topics Include: - Why Fluent Bit - An overview of Fluent Bit’s architecture - How Fluent Bit interfaces between C and Go - How to write a Go output plugin - What are the current limitations of Go plugins - Recent and future improvements to Fluent Bit’s Go interface This talk would interest those evaluating Fluent Bit to be a part of their logging solution. You’ll learn how extensible it can be by using third-party plugins or by building one of your own!
https://sched.co/MPby
- 5 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
From New Cluster to Insight. Deploying Monitoring and Logging to Kubernetes - Eddie Zaneski, DigitalOcean
The question that most people ask after spinning up their first Kubernetes cluster is "how do I do monitoring and logging". In this session we'll utilize open source tools like Prometheus, Helm, Grafana, and Loki to quickly go from being in the dark to having full visibility into the happenings of our clusters and workloads. We'll deploy an entire monitoring and logging stack to a fresh cluster live and discuss the pros and cons of such tools. You'll leave this session with a playbook on how to bootstrap your cluster observability and some gotchas and lesson's learned from our monitoring of large workloads at DigitalOcean.
https://sched.co/MPba
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
From New Cluster to Insight. Deploying Monitoring and Logging to Kubernetes - Eddie Zaneski, DigitalOcean
The question that most people ask after spinning up their first Kubernetes cluster is "how do I do monitoring and logging". In this session we'll utilize open source tools like Prometheus, Helm, Grafana, and Loki to quickly go from being in the dark to having full visibility into the happenings of our clusters and workloads. We'll deploy an entire monitoring and logging stack to a fresh cluster live and discuss the pros and cons of such tools. You'll leave this session with a playbook on how to bootstrap your cluster observability and some gotchas and lesson's learned from our monitoring of large workloads at DigitalOcean.
https://sched.co/MPba
- 6 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
GPU Machine Learning From Laptop to Cloud - Mark Puddick, Pivotal
In this session Mark will talk about how to setup and build containers to run GPU accelerated Machine Learning workloads on your laptop and move these easily to cloud. The session will cover setting up a local GPU accelerated environment, which can be great for testing on smaller data, then moving this over to run on larger sets in the cloud. Although the concepts in this session will focus on Python and Kersas workloads this can easily be applied to other machine learning technologies.
https://sched.co/MPaW
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
GPU Machine Learning From Laptop to Cloud - Mark Puddick, Pivotal
In this session Mark will talk about how to setup and build containers to run GPU accelerated Machine Learning workloads on your laptop and move these easily to cloud. The session will cover setting up a local GPU accelerated environment, which can be great for testing on smaller data, then moving this over to run on larger sets in the cloud. Although the concepts in this session will focus on Python and Kersas workloads this can easily be applied to other machine learning technologies.
https://sched.co/MPaW
- 1 participant
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Going from 5s to 5ms: Benefits of a Node-Local DNSCache - Pavithra Ramesh, Google & Blake Barnett, Postmates
DNS is one of the most heavily used services in Kubernetes clusters.The kubernetes community has long struggled with these mysterious 5s connection delays or DNS failures. This talk discusses how this problem is (mostly!) solved with the node-local DNSCache, a feature introduced in Kubernetes 1.13. We’ll start by diving into the DNS problem, the motivation for the feature as well as the design and implementation. Attendees will learn how to use this feature on their clusters. In addition to the latency issue itself, visibility into DNS has been a pain point for many users. Not any more! The metrics exposed by the local DNSCache provides insight into user workloads' DNS needs. We’ll show some of these metrics, along with a demo of how the feature works. Finally, we will share the performance improvements observed in a large-scale production deployment running node-local DNS Cache.
https://sched.co/MPbO
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Going from 5s to 5ms: Benefits of a Node-Local DNSCache - Pavithra Ramesh, Google & Blake Barnett, Postmates
DNS is one of the most heavily used services in Kubernetes clusters.The kubernetes community has long struggled with these mysterious 5s connection delays or DNS failures. This talk discusses how this problem is (mostly!) solved with the node-local DNSCache, a feature introduced in Kubernetes 1.13. We’ll start by diving into the DNS problem, the motivation for the feature as well as the design and implementation. Attendees will learn how to use this feature on their clusters. In addition to the latency issue itself, visibility into DNS has been a pain point for many users. Not any more! The metrics exposed by the local DNSCache provides insight into user workloads' DNS needs. We’ll show some of these metrics, along with a demo of how the feature works. Finally, we will share the performance improvements observed in a large-scale production deployment running node-local DNS Cache.
https://sched.co/MPbO
- 6 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Grow with Less Pains - Meshing From Monolith to Microservices - Leo LIang, Cruise Automation
This talk will walk you through the adventure, learnings and culture shift on how we evolve A high growth sartup architecture into microservice world; We used L5D, Consul, Nginx, Prometheus, and customized L5D plugins to build up the service mesh that is taking care of billions of request every day. The service mesh manages all traffic from edge to Inter-services and is working with a heterogeneous type of service nodes from EC2 box, ECS, K8S to Lambda. The flexibility, observability and stability enable the business and teams to move fast with confidence. Contentof the presentation will be from 1st https://goo.gl/cE5e6Y 2rd https://goo.gl/czHkex 3rd https://goo.gl/c2ucMu
https://sched.co/MPfS
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Grow with Less Pains - Meshing From Monolith to Microservices - Leo LIang, Cruise Automation
This talk will walk you through the adventure, learnings and culture shift on how we evolve A high growth sartup architecture into microservice world; We used L5D, Consul, Nginx, Prometheus, and customized L5D plugins to build up the service mesh that is taking care of billions of request every day. The service mesh manages all traffic from edge to Inter-services and is working with a heterogeneous type of service nodes from EC2 box, ECS, K8S to Lambda. The flexibility, observability and stability enable the business and teams to move fast with confidence. Contentof the presentation will be from 1st https://goo.gl/cE5e6Y 2rd https://goo.gl/czHkex 3rd https://goo.gl/c2ucMu
https://sched.co/MPfS
- 2 participants
- 39 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Hacking Helm - Paul Czarkowski, Pivotal & Scott Rigby, Codeacademy
Helm is the best way to build, package, and run Kubernetes manifests. However it has been considered by some as a fairly insecure way to deploy software, mostly due to its server component Tiller. Let’s put that to the test and hack (and then protect from those hacks) Helm. Paul will talk about the architecture behind Helm (v2) and how it is seen as particularly vulnerable to hacks designed to either gather information about deployed applications and even access the kubernetes cluster itself. Paul will then demonstrate several hacks in growing sophistication that do exactly that and then show how to protect yourself from those attacks. Paul will finish with a summary of how you can use Helm as securely as possible.
https://sched.co/MPXN
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Hacking Helm - Paul Czarkowski, Pivotal & Scott Rigby, Codeacademy
Helm is the best way to build, package, and run Kubernetes manifests. However it has been considered by some as a fairly insecure way to deploy software, mostly due to its server component Tiller. Let’s put that to the test and hack (and then protect from those hacks) Helm. Paul will talk about the architecture behind Helm (v2) and how it is seen as particularly vulnerable to hacks designed to either gather information about deployed applications and even access the kubernetes cluster itself. Paul will then demonstrate several hacks in growing sophistication that do exactly that and then show how to protect yourself from those attacks. Paul will finish with a summary of how you can use Helm as securely as possible.
https://sched.co/MPXN
- 3 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How We Used Kubernetes to Host a Capture the Flag (CTF) - Ariel Zelivansky & Liron Levin, Twistlock
CTF competitions are now commonly used for cybersecurity education purposes, and are solved by many enthusiast researchers looking for a challenge. In Twistlock, we decided to host an online CTF competition with unique challenges that required a live, dedicated persistent machine, for each participant. Using Kubernetes, we managed to successfully host the challenge, publicly open, without sacrificing the security of our infrastructure. We will discuss: Introduction to the CTF and why we choose to run it on Kubernetes Attack vectors for giving users untrusted shells to pods Container isolation technologies such as gvisor and network policies. Patterns for dynamically scaling pods and routes for new CTF participates In the end, attendees will learn the security building blocks of Kubernetes, and how it can be used for non conventional purposes such as hosting a one time live challenge.
https://sched.co/MPYd
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
How We Used Kubernetes to Host a Capture the Flag (CTF) - Ariel Zelivansky & Liron Levin, Twistlock
CTF competitions are now commonly used for cybersecurity education purposes, and are solved by many enthusiast researchers looking for a challenge. In Twistlock, we decided to host an online CTF competition with unique challenges that required a live, dedicated persistent machine, for each participant. Using Kubernetes, we managed to successfully host the challenge, publicly open, without sacrificing the security of our infrastructure. We will discuss: Introduction to the CTF and why we choose to run it on Kubernetes Attack vectors for giving users untrusted shells to pods Container isolation technologies such as gvisor and network policies. Patterns for dynamically scaling pods and routes for new CTF participates In the end, attendees will learn the security building blocks of Kubernetes, and how it can be used for non conventional purposes such as hosting a one time live challenge.
https://sched.co/MPYd
- 2 participants
- 30 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Improving Availability for Stateful Applications in Kubernetes - Michelle Au, Google
Over 40% of Kubernetes clusters run stateful applications. However, there are still challenges with deployment, especially with choosing a storage backend that is best suited to support your application across multiple failure domains. In this talk, we will discuss improvements that make it easier to run stateful applications across multiple failure domains for increased availability, and demonstrate how Kubernetes automatically recovers from failure scenarios at the node and zone layers. We will also discuss different categories of storage and their pros and cons in these failure scenarios. You will walk away with a better understanding of Kubernetes’ scheduling and failure recovery capabilities with respect to stateful workloads, and which types of storage backends are most appropriate to meet your stateful application’s availability, reliability, and performance goals.
https://sched.co/MPfh
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Improving Availability for Stateful Applications in Kubernetes - Michelle Au, Google
Over 40% of Kubernetes clusters run stateful applications. However, there are still challenges with deployment, especially with choosing a storage backend that is best suited to support your application across multiple failure domains. In this talk, we will discuss improvements that make it easier to run stateful applications across multiple failure domains for increased availability, and demonstrate how Kubernetes automatically recovers from failure scenarios at the node and zone layers. We will also discuss different categories of storage and their pros and cons in these failure scenarios. You will walk away with a better understanding of Kubernetes’ scheduling and failure recovery capabilities with respect to stateful workloads, and which types of storage backends are most appropriate to meet your stateful application’s availability, reliability, and performance goals.
https://sched.co/MPfh
- 4 participants
- 42 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Infrastructure as Software - Paul Jones, Dyson
Infrastructure as code has facilitated the automated provisioning of computing resources, however the cognitive overhead of adopting new DSLs, the verbosity of declaratively defining resources in templates, and the lack of basic programming language features can be inhibitors in development time and iteration. Pulumi is a Cloud Native Infrastructure as Code SDK for creating a deploying cloud applications in general purpose languages to AWS, Azure, GCP and Kubernetes. Similarly, the AWS CDK is an open-source framework for defining cloud infrastructure in modern programming languages, by building on the CDK’s library of infrastructure constructs to compose stacks and apps. We will cover both Pulumi and the AWS CDK to explore the options to programmatically define infrastructure, as well as demonstrating their ability to facilitate more testable, extensible and secure infrastructure.
https://sched.co/MPXQ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Infrastructure as Software - Paul Jones, Dyson
Infrastructure as code has facilitated the automated provisioning of computing resources, however the cognitive overhead of adopting new DSLs, the verbosity of declaratively defining resources in templates, and the lack of basic programming language features can be inhibitors in development time and iteration. Pulumi is a Cloud Native Infrastructure as Code SDK for creating a deploying cloud applications in general purpose languages to AWS, Azure, GCP and Kubernetes. Similarly, the AWS CDK is an open-source framework for defining cloud infrastructure in modern programming languages, by building on the CDK’s library of infrastructure constructs to compose stacks and apps. We will cover both Pulumi and the AWS CDK to explore the options to programmatically define infrastructure, as well as demonstrating their ability to facilitate more testable, extensible and secure infrastructure.
https://sched.co/MPXQ
- 1 participant
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Inside the CNCF Project Security Reviews - Justin Cormack, Docker
Last year the CNCF started funding security reviews for its projects.
This talk examines the review process from the inside and looks at the outcomes and lessons from the reviews that have been performed so far. What vulnerabilities were found? What types of problem are common across projects? How should you prepare for a review? The talk will cover how to make the most of a security review, what to expect from it, what to bring to the review process, and how to maximise the benefits of a review. It will be illustrated with details of the review process for the Notary and TUF audits from the inside as I was involved in this process, and with a detailed analysis of the public reports, including Prometheus, CoreDNS, Envoy, Containerd and more. The talk will look at the issues found in the different projects, the areas in which issues were not found, and common themes.
https://sched.co/MPdf
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Inside the CNCF Project Security Reviews - Justin Cormack, Docker
Last year the CNCF started funding security reviews for its projects.
This talk examines the review process from the inside and looks at the outcomes and lessons from the reviews that have been performed so far. What vulnerabilities were found? What types of problem are common across projects? How should you prepare for a review? The talk will cover how to make the most of a security review, what to expect from it, what to bring to the review process, and how to maximise the benefits of a review. It will be illustrated with details of the review process for the Notary and TUF audits from the inside as I was involved in this process, and with a detailed analysis of the public reports, including Prometheus, CoreDNS, Envoy, Containerd and more. The talk will look at the issues found in the different projects, the areas in which issues were not found, and common themes.
https://sched.co/MPdf
- 6 participants
- 41 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Cloud-Provider SIG - Chris Hoge, OpenStack Foundation, Andrew Sy Kim, VMware, & Jago Macleod, Google
This SIG-Cloud-Provider session will begin with an introduction to the SIG activities in representing the collective interests of all participating cloud providers in the Kubernetes ecosystem. The session will then move on to the status of current efforts to remove the in-tree cloud provider code from the Kubernetes code base and replacing this code with the Cloud Controller Manager interface and external provider code. Time permitting, we will also cover collaborations with other SIGs such as Docs, Testing, and Cluster Lifecycle.
https://sched.co/MPkm
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro + Deep Dive: Cloud-Provider SIG - Chris Hoge, OpenStack Foundation, Andrew Sy Kim, VMware, & Jago Macleod, Google
This SIG-Cloud-Provider session will begin with an introduction to the SIG activities in representing the collective interests of all participating cloud providers in the Kubernetes ecosystem. The session will then move on to the status of current efforts to remove the in-tree cloud provider code from the Kubernetes code base and replacing this code with the Cloud Controller Manager interface and external provider code. Time permitting, we will also cover collaborations with other SIGs such as Docs, Testing, and Cluster Lifecycle.
https://sched.co/MPkm
- 16 participants
- 1:13 hours
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Auth SIG - Mo Khan, Red Hat & Mike Danese, Google
We will present a high level overview of the SIG with an emphasis on recent accomplishments. Furthermore we will discuss immediate goals for the next few releases to help prospective individuals understand where they can get involved. This structure of presentation is similar to what we did in KubeCon NA 2018 - we received generally positive feedback from the community members.
https://sched.co/MPh3
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Auth SIG - Mo Khan, Red Hat & Mike Danese, Google
We will present a high level overview of the SIG with an emphasis on recent accomplishments. Furthermore we will discuss immediate goals for the next few releases to help prospective individuals understand where they can get involved. This structure of presentation is similar to what we did in KubeCon NA 2018 - we received generally positive feedback from the community members.
https://sched.co/MPh3
- 4 participants
- 26 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Brigade - Radu Matei, Microsoft
Brigade is a lightweight, Kubernetes-native framework which allows the creation of event-driven workflows. Using JavaScript, Brigade chains together containers and controls their execution in an in-cluster scripting environment that enables easy error handling and data sharing. In this session, you will learn how to get started with Brigade, how to use the existing GitHub, CloudEvents and generic event support and integrate them in your workflow, and how different companies are using Brigade to automate their internal workflows (from code quality assessment and security scanning, to automatically generating preview environments for each pull request), and ultimately allow teams to build massively distributed workflows using a few lines of JavaScript.
https://sched.co/N7PI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Brigade - Radu Matei, Microsoft
Brigade is a lightweight, Kubernetes-native framework which allows the creation of event-driven workflows. Using JavaScript, Brigade chains together containers and controls their execution in an in-cluster scripting environment that enables easy error handling and data sharing. In this session, you will learn how to get started with Brigade, how to use the existing GitHub, CloudEvents and generic event support and integrate them in your workflow, and how different companies are using Brigade to automate their internal workflows (from code quality assessment and security scanning, to automatically generating preview environments for each pull request), and ultimately allow teams to build massively distributed workflows using a few lines of JavaScript.
https://sched.co/N7PI
- 1 participant
- 28 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Envoy - Lizan Zhou, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is possible to write an extension for Envoy using Lua (https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/lua_filter.html), but the current scope of this extension is only for HTTP traffic.
https://sched.co/MPhd
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Envoy - Lizan Zhou, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is possible to write an extension for Envoy using Lua (https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/lua_filter.html), but the current scope of this extension is only for HTTP traffic.
https://sched.co/MPhd
- 8 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (AWS) SIG - Justin Santa Barbara, Google
sig-aws is responsible for the interfaces between kubernetes and AWS. The kubernetes project is itself increasingly moving momentum outside of the main kubernetes/kubernetes repository into subprojects. sig-aws is one of the leaders here, with 5 subprojects at the start of the year (broadly: cloudprovider, ALB, IAM, encryption, EBS) and likely at least one new one by Barcelona (EFS, FSx). We'll also discuss the cloudprovider extraction and our collaboration with sig-cloudprovider. We'll provide an update on the progress of those subprojects and discuss the future plans and roadmap together. And if you want to, we can describe how to get involved in these projects!
https://sched.co/MPhs
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (AWS) SIG - Justin Santa Barbara, Google
sig-aws is responsible for the interfaces between kubernetes and AWS. The kubernetes project is itself increasingly moving momentum outside of the main kubernetes/kubernetes repository into subprojects. sig-aws is one of the leaders here, with 5 subprojects at the start of the year (broadly: cloudprovider, ALB, IAM, encryption, EBS) and likely at least one new one by Barcelona (EFS, FSx). We'll also discuss the cloudprovider extraction and our collaboration with sig-cloudprovider. We'll provide an update on the progress of those subprojects and discuss the future plans and roadmap together. And if you want to, we can describe how to get involved in these projects!
https://sched.co/MPhs
- 7 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (VMware) SIG - David vonThenen & Steven Wong, VMware
Intro to the vSphere CSI Volume Driver The Container Storage Interface (CSI) is a specification designed to enable persistent storage volume management, using a plugin maintained independently of Kubernetes. Kubernetes CSI support recently advanced to GA. In the longer term, there is a plan to deprecate existing legacy storage plugins. New storage-related functionality, such as snapshot support, is now being targeted for CSI only. The “in-tree” vSphere storage plugin remains fully supported at this time. but users running Kubernetes on vSphere may wish to change to CSI to gain new features. At some point in the future, migration to the CSI plugin will become mandatory. This session will explain and demonstrate deployment, configuration and use of the new vSphere CSI driver. We will also cover migration and the roadmap for new functionality including snapshots, and other topics (e.g. interaction with scheduling and zones).
https://sched.co/MPi1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (VMware) SIG - David vonThenen & Steven Wong, VMware
Intro to the vSphere CSI Volume Driver The Container Storage Interface (CSI) is a specification designed to enable persistent storage volume management, using a plugin maintained independently of Kubernetes. Kubernetes CSI support recently advanced to GA. In the longer term, there is a plan to deprecate existing legacy storage plugins. New storage-related functionality, such as snapshot support, is now being targeted for CSI only. The “in-tree” vSphere storage plugin remains fully supported at this time. but users running Kubernetes on vSphere may wish to change to CSI to gain new features. At some point in the future, migration to the CSI plugin will become mandatory. This session will explain and demonstrate deployment, configuration and use of the new vSphere CSI driver. We will also cover migration and the roadmap for new functionality including snapshots, and other topics (e.g. interaction with scheduling and zones).
https://sched.co/MPi1
- 5 participants
- 45 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes SIG - Da Ma, Huawei & Zefeng Wang, Huawei
Kubernetes started as a general purpose orchestration framework with a focus on serving jobs. But as it gains popularity, users want to run high performance workloads on Kubernetes, such as Spark, TensorFlow, etc. When running these workloads in Kubernetes, several advanced capability are required, e.g. fair-share sharing, queue, job management (suspend/resume), data management. This Intro will present the work in community to bring "batch" capability.
https://sched.co/MPi7
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes SIG - Da Ma, Huawei & Zefeng Wang, Huawei
Kubernetes started as a general purpose orchestration framework with a focus on serving jobs. But as it gains popularity, users want to run high performance workloads on Kubernetes, such as Spark, TensorFlow, etc. When running these workloads in Kubernetes, several advanced capability are required, e.g. fair-share sharing, queue, job management (suspend/resume), data management. This Intro will present the work in community to bring "batch" capability.
https://sched.co/MPi7
- 2 participants
- 26 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Scheduling SIG - Da Ma & Shivram Srivastava, Huawei
A novel Flow Network Graph based Scheduling approach in Kubernetes: Today’s Kubernetes clusters can comprise of 5,000-10,000 nodes, increase by an order of magnitude from original design specs. The default Kubernetes scheduler dates back from earlier more modest deployments. It is queue-based, processing unscheduled pods in sequential fashion. For a large Kubernetes clusters, such scheduler processing logic can introduce long, even unbounded scheduling latencies, negatively affecting overall throughput for workload deployments. This talk outlines how Kubernetes is a victim of its own success, scheduling-wise. It lays out the current pod queuing challenges and describes a novel scheduling approach based on Flow Network Graph technique, enabling low workload scheduling latencies at scale. The presentation details the resulting extreme efficiencies and high quality placement decisions of such an approach and the accompanying pluggable scheduling policies.
https://sched.co/MPiV
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Scheduling SIG - Da Ma & Shivram Srivastava, Huawei
A novel Flow Network Graph based Scheduling approach in Kubernetes: Today’s Kubernetes clusters can comprise of 5,000-10,000 nodes, increase by an order of magnitude from original design specs. The default Kubernetes scheduler dates back from earlier more modest deployments. It is queue-based, processing unscheduled pods in sequential fashion. For a large Kubernetes clusters, such scheduler processing logic can introduce long, even unbounded scheduling latencies, negatively affecting overall throughput for workload deployments. This talk outlines how Kubernetes is a victim of its own success, scheduling-wise. It lays out the current pod queuing challenges and describes a novel scheduling approach based on Flow Network Graph technique, enabling low workload scheduling latencies at scale. The presentation details the resulting extreme efficiencies and high quality placement decisions of such an approach and the accompanying pluggable scheduling policies.
https://sched.co/MPiV
- 4 participants
- 46 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Service Catalog SIG - Jonathan Berkhahn, IBM
This is an introduction to the Kubernetes Service Catalog project. Service Catalog lets you provision cloud services, regardless of where they are hosted, directly from the comfort of native Kubernetes tooling. This works across platforms because we follow the Open Service Broker API, an open standard to provision and manage cloud services. Learn how you can use Service Catalog to access third-party services from your Kubernetes applications. We will walk through provisioning a database directly through Kubernetes and and then connect to it from an application running on the cluster.
https://sched.co/MPiY
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Service Catalog SIG - Jonathan Berkhahn, IBM
This is an introduction to the Kubernetes Service Catalog project. Service Catalog lets you provision cloud services, regardless of where they are hosted, directly from the comfort of native Kubernetes tooling. This works across platforms because we follow the Open Service Broker API, an open standard to provision and manage cloud services. Learn how you can use Service Catalog to access third-party services from your Kubernetes applications. We will walk through provisioning a database directly through Kubernetes and and then connect to it from an application running on the cluster.
https://sched.co/MPiY
- 2 participants
- 30 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Telepresence - Richard Li, Datawire
We'll talk about development workflows for Kubernetes. We'll discuss the differences between traditional development, and different approaches people take to building Kubernetes services. We'll then introduce Telepresence and discuss how it integrates with different organizational development workflows. Finally, we'll talk about the evolution of Telepresence and how we are actively moving Telepresence forward from its heritage as a VPN-type approach into a more sophisticated L7 routing layer for developers.
https://sched.co/MPie
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Telepresence - Richard Li, Datawire
We'll talk about development workflows for Kubernetes. We'll discuss the differences between traditional development, and different approaches people take to building Kubernetes services. We'll then introduce Telepresence and discuss how it integrates with different organizational development workflows. Finally, we'll talk about the evolution of Telepresence and how we are actively moving Telepresence forward from its heritage as a VPN-type approach into a more sophisticated L7 routing layer for developers.
https://sched.co/MPie
- 2 participants
- 31 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Vitess - Sugu Sougoumarane & Deepthi Sigireddi, PlanetScale
This session will cover a high level overview of all the Vitess features. Following this, we'll go over a tutorial on how to bring up a fully functional Vitess cluster in Kubernetes. Once up, we'll go through the steps to reshard the database while it's serving live traffic. Following this, we'll demonstrate the newest and most exciting feature of Vitess: VReplication, which allows you to materialize sharded views and rollups in real-time.
https://sched.co/MPiq
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Vitess - Sugu Sougoumarane & Deepthi Sigireddi, PlanetScale
This session will cover a high level overview of all the Vitess features. Following this, we'll go over a tutorial on how to bring up a fully functional Vitess cluster in Kubernetes. Once up, we'll go through the steps to reshard the database while it's serving live traffic. Following this, we'll demonstrate the newest and most exciting feature of Vitess: VReplication, which allows you to materialize sharded views and rollups in real-time.
https://sched.co/MPiq
- 3 participants
- 38 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio Multi-Cluster Service Mesh Patterns Explained - Daniel Berg & Ram Vennam, IBM
This session will review the various multi-cluster service mesh deployment patterns that are available with Istio. We will explain the pros and cons of each approach to ensure that you have the information necessary to properly apply one or more of these patterns for your own needs. We will provide a demonstration to show how one would setup a multi-cluster Istio mesh using Kubernetes clusters. This session is a must see if you currently are, or considering, implementing a hybrid cloud solution. Even if you are not yet using a service mesh, this session will provide valuable information to help you on your own hybrid journey.
https://sched.co/MPf1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio Multi-Cluster Service Mesh Patterns Explained - Daniel Berg & Ram Vennam, IBM
This session will review the various multi-cluster service mesh deployment patterns that are available with Istio. We will explain the pros and cons of each approach to ensure that you have the information necessary to properly apply one or more of these patterns for your own needs. We will provide a demonstration to show how one would setup a multi-cluster Istio mesh using Kubernetes clusters. This session is a must see if you currently are, or considering, implementing a hybrid cloud solution. Even if you are not yet using a service mesh, this session will provide valuable information to help you on your own hybrid journey.
https://sched.co/MPf1
- 2 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
JustFootball’s Journey to gRPC + Linkerd in Production - Ben Lambert, JustFootball & Kevin Lingerfelt, Buoyant
Ben (Just Football) will talk about their journey with Kubernetes and microservices from the world of HTTP/1.1 to HTTP/2.0 and gRPC. He will talk about the reasons for moving, and the best practices Just Football adopted for using gRPC in production, including monitoring + design decisions and distribution of gRPC proto + clients. Kevin (Buoyant) will cover how Linkerd provides Just Football with observability and load balancing for their gRPC services. He'll also describe how the Linkerd project itself employs multiple gRPC features to facilitate robust communication between its control plane and its data plane.
https://sched.co/MPf4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
JustFootball’s Journey to gRPC + Linkerd in Production - Ben Lambert, JustFootball & Kevin Lingerfelt, Buoyant
Ben (Just Football) will talk about their journey with Kubernetes and microservices from the world of HTTP/1.1 to HTTP/2.0 and gRPC. He will talk about the reasons for moving, and the best practices Just Football adopted for using gRPC in production, including monitoring + design decisions and distribution of gRPC proto + clients. Kevin (Buoyant) will cover how Linkerd provides Just Football with observability and load balancing for their gRPC services. He'll also describe how the Linkerd project itself employs multiple gRPC features to facilitate robust communication between its control plane and its data plane.
https://sched.co/MPf4
- 10 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keep the Space Shuttle Flying: Writing Robust Operators - Illya Chekrygin, Upbound
As the operator pattern becomes the de-facto pattern for extending Kubernetes, the community is increasingly adding new declarative APIs for external resources that are managed by traditional imperative API.
In this talk, we will explore a set of lessons learned from building Operators that bridge Kubernetes’ declarative API with external imperative API. We’ll cover some of the challenges around resource identity, long-running changes, retries, progress, handling failures, validation, dry-runs, deletions, and finalizers. These lessons are based on the real-world experience of building multiple complex operators within the Rook (https://rook.io), Crossplane (https://crossplane.io).
https://sched.co/MPaN
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keep the Space Shuttle Flying: Writing Robust Operators - Illya Chekrygin, Upbound
As the operator pattern becomes the de-facto pattern for extending Kubernetes, the community is increasingly adding new declarative APIs for external resources that are managed by traditional imperative API.
In this talk, we will explore a set of lessons learned from building Operators that bridge Kubernetes’ declarative API with external imperative API. We’ll cover some of the challenges around resource identity, long-running changes, retries, progress, handling failures, validation, dry-runs, deletions, and finalizers. These lessons are based on the real-world experience of building multiple complex operators within the Rook (https://rook.io), Crossplane (https://crossplane.io).
https://sched.co/MPaN
- 5 participants
- 36 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Koping with Change: What kops Learned Adopting etcd3, cluster-api and CRDs - Justin Santa Barbara, Google & Mike Splain, Sonos
Kubernetes continues to adds features rapidly, but this makes it hard to install and operating a reliable kubernetes cluster. kops is an official OSS installation tool that makes kubernetes installation and operation turn-key. But doing that requires that kops manage that complexity. We’ve had a busy year, migrating to etcd3, moving from an aggregated-apiserver to CRDs, starting to adopt the cluster-api. At the same time we’re taking the best pieces of kops and contributing them "upstream" into reusable modules - contributing to etcd-management and addon-management tools, as well as to the cluster-api. We’ll give an overview of these changes and some of the challenges we faced, and share our strategies for dealing with the relentless pace of kubernetes change. We’ll also talk about how the upcoming roadmap for kubernetes, kops and for the components we’re spinning out of kops.
https://sched.co/MPcD
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Koping with Change: What kops Learned Adopting etcd3, cluster-api and CRDs - Justin Santa Barbara, Google & Mike Splain, Sonos
Kubernetes continues to adds features rapidly, but this makes it hard to install and operating a reliable kubernetes cluster. kops is an official OSS installation tool that makes kubernetes installation and operation turn-key. But doing that requires that kops manage that complexity. We’ve had a busy year, migrating to etcd3, moving from an aggregated-apiserver to CRDs, starting to adopt the cluster-api. At the same time we’re taking the best pieces of kops and contributing them "upstream" into reusable modules - contributing to etcd-management and addon-management tools, as well as to the cluster-api. We’ll give an overview of these changes and some of the challenges we faced, and share our strategies for dealing with the relentless pace of kubernetes change. We’ll also talk about how the upcoming roadmap for kubernetes, kops and for the components we’re spinning out of kops.
https://sched.co/MPcD
- 6 participants
- 36 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Storage 101 - Jan Šafránek, Red Hat & David Zhu, Google
Just getting started with Kubernetes?
In this introductory talk we’ll cover usage of persistent storage in Kubernetes so you can avoid its steep learning curve and common gotchas. Why does it look so complicated? What is a PersistentVolume? What is a PersistentVolumeClaim? Why are there two separate objects instead of just one? How is storage presented into my containers? How do I write scalable persistent applications? Where do I look to debug when storage is not working? How do I connect Kubernetes to my storage backend? What is this Container Storage Interface (CSI) thing that everybody is talking about??? We will answer all of these questions and more. You will leave this talk with a solid foundation for thinking about storage in Kubernetes as well as a greater understanding of how you can put the various pieces together to fit your unique use case.
https://sched.co/MPfk
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Storage 101 - Jan Šafránek, Red Hat & David Zhu, Google
Just getting started with Kubernetes?
In this introductory talk we’ll cover usage of persistent storage in Kubernetes so you can avoid its steep learning curve and common gotchas. Why does it look so complicated? What is a PersistentVolume? What is a PersistentVolumeClaim? Why are there two separate objects instead of just one? How is storage presented into my containers? How do I write scalable persistent applications? Where do I look to debug when storage is not working? How do I connect Kubernetes to my storage backend? What is this Container Storage Interface (CSI) thing that everybody is talking about??? We will answer all of these questions and more. You will leave this talk with a solid foundation for thinking about storage in Kubernetes as well as a greater understanding of how you can put the various pieces together to fit your unique use case.
https://sched.co/MPfk
- 6 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Large Scale Distributed Deep Learning with Kubernetes Operators - Yuan Tang, Ant Financial & Yong Tang, MobileIron
The focus of this talk is the usage of Kubernetes operators to manage and automate training process for machine learning tasks. Two open source Kubernetes operators, tf-operator and mpi-operator, will be discussed. Both operators manage training jobs for TensorFlow but they have different distribution strategies. The tf-operator fits the parameter server distribution strategy which has a centralized parameter server for coordination. The mpi-operator, on the other hand, utilize MPI allreduce primitive implementation. While the parameter server strategy requires a right ratio of CPU (for parameter servers) and GPU (for workers) to reach network-optimal, the all reduce distribution might be easier to optimize network cost. We will share our performance numbers in out talk for comparison of those two operators.
https://sched.co/MPaT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Large Scale Distributed Deep Learning with Kubernetes Operators - Yuan Tang, Ant Financial & Yong Tang, MobileIron
The focus of this talk is the usage of Kubernetes operators to manage and automate training process for machine learning tasks. Two open source Kubernetes operators, tf-operator and mpi-operator, will be discussed. Both operators manage training jobs for TensorFlow but they have different distribution strategies. The tf-operator fits the parameter server distribution strategy which has a centralized parameter server for coordination. The mpi-operator, on the other hand, utilize MPI allreduce primitive implementation. While the parameter server strategy requires a right ratio of CPU (for parameter servers) and GPU (for workers) to reach network-optimal, the all reduce distribution might be easier to optimize network cost. We will share our performance numbers in out talk for comparison of those two operators.
https://sched.co/MPaT
- 4 participants
- 29 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Large Synoptic Survey Telescope: From Cloud Native to Dark Energy - Fabrice Jammes, LSST Corporation & French National Institute of Nuclear and Particle Physics (IN2P3)
Relying on the largest camera sensor ever designed, the Large Synoptic Survey Telescope (LSST) will revolutionize astronomy. The LSST data processing pipeline requires computational power of thousands of processors and several petabytes of data storage capacity per year. Celestial objects physical properties are stored in a database which will include trillions of entries. With a volume of many petabytes, this catalog will play a major role in research from identifying asteroids to understanding dark energy and matter. To meet those needs, a highly distributed software called Qserv, is being developed by an international team of engineers from USA (Stanford University) and France (IN2P3) Fabrice Jammes (IN2P3) will present the Qserv architecture, the challenges it must address, and how this disrupting database efficiently leverages Kubernetes.
https://sched.co/MPft
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Large Synoptic Survey Telescope: From Cloud Native to Dark Energy - Fabrice Jammes, LSST Corporation & French National Institute of Nuclear and Particle Physics (IN2P3)
Relying on the largest camera sensor ever designed, the Large Synoptic Survey Telescope (LSST) will revolutionize astronomy. The LSST data processing pipeline requires computational power of thousands of processors and several petabytes of data storage capacity per year. Celestial objects physical properties are stored in a database which will include trillions of entries. With a volume of many petabytes, this catalog will play a major role in research from identifying asteroids to understanding dark energy and matter. To meet those needs, a highly distributed software called Qserv, is being developed by an international team of engineers from USA (Stanford University) and France (IN2P3) Fabrice Jammes (IN2P3) will present the Qserv architecture, the challenges it must address, and how this disrupting database efficiently leverages Kubernetes.
https://sched.co/MPft
- 3 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lifecycle of a kubectl Command: Harden Kubernetes Setup with Automation - Sanjary Rahman, Booking.com
We at Booking.com run tens of on-premise multi-tenant Kubernetes clusters at scale. To automate integration with our existing bare-metal infrastructure and for running kubectl auth pipeline, we run an ecosystem using custom Kubernetes Controllers, Pod Security Policies and Kubernetes Auth & Admission Webhooks.
Kubernetes provides end users with limitless possibilities of automation to harden cluster setup, secure authentication and authorization pipelines and validate workload definition as per organization requirements which most of the users are not aware of or make use of. Most of the time hardening Kubernetes setup in a multi-tenant cluster with per namespace based setup itself can turn into a huge toil for the operators.
In this talk, you will see how we at Booking.com have achieved the aforementioned features in a fully automated fashion with zero human intervention involved.
https://sched.co/MPaH
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lifecycle of a kubectl Command: Harden Kubernetes Setup with Automation - Sanjary Rahman, Booking.com
We at Booking.com run tens of on-premise multi-tenant Kubernetes clusters at scale. To automate integration with our existing bare-metal infrastructure and for running kubectl auth pipeline, we run an ecosystem using custom Kubernetes Controllers, Pod Security Policies and Kubernetes Auth & Admission Webhooks.
Kubernetes provides end users with limitless possibilities of automation to harden cluster setup, secure authentication and authorization pipelines and validate workload definition as per organization requirements which most of the users are not aware of or make use of. Most of the time hardening Kubernetes setup in a multi-tenant cluster with per namespace based setup itself can turn into a huge toil for the operators.
In this talk, you will see how we at Booking.com have achieved the aforementioned features in a fully automated fashion with zero human intervention involved.
https://sched.co/MPaH
- 4 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
M3 and Prometheus, Monitoring at Planet Scale for Everyone - Rob Skillington, Uber
For the past few years Prometheus has solved the monitoring needs of many and it is exceptional at what it does. Prometheus has exploded in popularity and now many wish to store more metrics, at longer retention and establish a single pane of glass on top of Prometheus for their monitoring needs across regions. M3 is an open source metrics platform that you can deploy and run using Kubernetes and Helm that integrates with Prometheus. It can store petabytes of metrics data with replication for high availability in a cost efficient manner, with compaction averse time series storage and index that can efficiently index and run dimension based regexp queries on billions of metrics. Using a real world example we will cover in this talk how to deploy M3Coordinator and M3DB using the M3 Kubernetes operator and connect your Prometheus instances together into a single global monitoring system.
https://sched.co/MPbX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
M3 and Prometheus, Monitoring at Planet Scale for Everyone - Rob Skillington, Uber
For the past few years Prometheus has solved the monitoring needs of many and it is exceptional at what it does. Prometheus has exploded in popularity and now many wish to store more metrics, at longer retention and establish a single pane of glass on top of Prometheus for their monitoring needs across regions. M3 is an open source metrics platform that you can deploy and run using Kubernetes and Helm that integrates with Prometheus. It can store petabytes of metrics data with replication for high availability in a cost efficient manner, with compaction averse time series storage and index that can efficiently index and run dimension based regexp queries on billions of metrics. Using a real world example we will cover in this talk how to deploy M3Coordinator and M3DB using the M3 Kubernetes operator and connect your Prometheus instances together into a single global monitoring system.
https://sched.co/MPbX
- 6 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing CRDs and Operators in Practice - Zhen Zhang, Alibaba & Wei Guo, Ant Financial
Manage one Operator is easy, but manage tons of Operators is hard, especially, when those Operators come from various teams throughout the country. In this talk, we will share experience & practices of developing and managing CRD + Operators across teams, with most of these developers are new to K8S API. We will talk about CRD standard we created to restrict common labels and fields for different kinds of CRD and ensure all CRD and Operators be formed to K8S conventions. We will share our CRD review process with code and config checking tools as well. We will then walk through a real use case to demo how these technics apply to refactoring a traditional middleware app into Operator. We will share challenges of using Helm to package these Operators, including Service Catalog integration and dependency mgmt. We believe this experience applies to any public cloud as well.
https://sched.co/MPXH
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Managing CRDs and Operators in Practice - Zhen Zhang, Alibaba & Wei Guo, Ant Financial
Manage one Operator is easy, but manage tons of Operators is hard, especially, when those Operators come from various teams throughout the country. In this talk, we will share experience & practices of developing and managing CRD + Operators across teams, with most of these developers are new to K8S API. We will talk about CRD standard we created to restrict common labels and fields for different kinds of CRD and ensure all CRD and Operators be formed to K8S conventions. We will share our CRD review process with code and config checking tools as well. We will then walk through a real use case to demo how these technics apply to refactoring a traditional middleware app into Operator. We will share challenges of using Helm to package these Operators, including Service Catalog integration and dependency mgmt. We believe this experience applies to any public cloud as well.
https://sched.co/MPXH
- 2 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Merging Quickly in a Cloud Native World - Lucas Roesler, Contiamo
You are really excited by a new project, you have a great idea to contribute, you click submit ... and wait. The latest StackOverflow community report states that 80% of surveyed developers are coding in their free time but only 44% are contributing to open source projects. While this number seems good, can we do better? How can we ensure that both contributors and maintainers enjoy and benefit from participating?
In this presentation Lucas goes behind the scenes of the OpenFaaS project to share his knowledge from contributing to OpenFaaS and becoming a core contributor. We will walk through the standard git flow to understand what the maintainers of a large open-source project are looking for in new contributions, what we are doing to improve the experience, what the Kubernetes community at large is working on to help, and what you can do to get your pull request merged more quickly.
https://sched.co/MPZM
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Merging Quickly in a Cloud Native World - Lucas Roesler, Contiamo
You are really excited by a new project, you have a great idea to contribute, you click submit ... and wait. The latest StackOverflow community report states that 80% of surveyed developers are coding in their free time but only 44% are contributing to open source projects. While this number seems good, can we do better? How can we ensure that both contributors and maintainers enjoy and benefit from participating?
In this presentation Lucas goes behind the scenes of the OpenFaaS project to share his knowledge from contributing to OpenFaaS and becoming a core contributor. We will walk through the standard git flow to understand what the maintainers of a large open-source project are looking for in new contributions, what we are doing to improve the experience, what the Kubernetes community at large is working on to help, and what you can do to get your pull request merged more quickly.
https://sched.co/MPZM
- 3 participants
- 30 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Navigating the Cloud Native Community for End Users - Cheryl Hung, CNCF
As Director of Ecosystem at the CNCF, my mission is to foster the End User community, ensure end users' voices are well represented and ultimately, that organizations can adopt cloud native successfully.
Through 45 interviews conducted in December 2018, I found that end users face three broad challenges:
* Solving an immediate technical need
* Growing an engineering team
* Building business strategy around cloud native I will describe how to overcome these challenges with the help of the CNCF, and the CNCF's strategy for end users in 2019.
Attendees will learn how to participate in and contribute to the cloud native community, and how to be good open source citizens.
https://sched.co/MPZh
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Navigating the Cloud Native Community for End Users - Cheryl Hung, CNCF
As Director of Ecosystem at the CNCF, my mission is to foster the End User community, ensure end users' voices are well represented and ultimately, that organizations can adopt cloud native successfully.
Through 45 interviews conducted in December 2018, I found that end users face three broad challenges:
* Solving an immediate technical need
* Growing an engineering team
* Building business strategy around cloud native I will describe how to overcome these challenges with the help of the CNCF, and the CNCF's strategy for end users in 2019.
Attendees will learn how to participate in and contribute to the cloud native community, and how to be good open source citizens.
https://sched.co/MPZh
- 4 participants
- 22 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Network Machinery: A United-Front for Network Troubleshooting with CRDs - Adel Zaalouk, SAP
The current state of network troubleshooting in Kubernetes is complicated. The knowledge of how to troubleshoot Kubernetes networking is scattered all over the place either in the heads of highly skilled network crafts-men or as a tool that has its own learning curve and usually forged at a time of disaster in a fire-and-forget fashion. The goal of this talk is to propose and introduce a rather simpler way of pooling this common knowledge and tooling together into a well-defined, consistent and community-accepted set of resources that are available to the average Kubernetes user. These set of resources can be divided in NetworkingPerformanceTest, NetworkingDebuggingTest, NetworkSimulationTest all under the NetworkMachinery group. Finally, the resources might utilize common network knowledge and even some dark-art tooling (e.g. OpenFlow, OVS, OVN) to provide more insight on the network
https://sched.co/MPZw
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Network Machinery: A United-Front for Network Troubleshooting with CRDs - Adel Zaalouk, SAP
The current state of network troubleshooting in Kubernetes is complicated. The knowledge of how to troubleshoot Kubernetes networking is scattered all over the place either in the heads of highly skilled network crafts-men or as a tool that has its own learning curve and usually forged at a time of disaster in a fire-and-forget fashion. The goal of this talk is to propose and introduce a rather simpler way of pooling this common knowledge and tooling together into a well-defined, consistent and community-accepted set of resources that are available to the average Kubernetes user. These set of resources can be divided in NetworkingPerformanceTest, NetworkingDebuggingTest, NetworkSimulationTest all under the NetworkMachinery group. Finally, the resources might utilize common network knowledge and even some dark-art tooling (e.g. OpenFlow, OVS, OVN) to provide more insight on the network
https://sched.co/MPZw
- 1 participant
- 36 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenAPI Specs – Towards Native User Experience of CRDs - Stefan Schimanski, Red Hat
Whenever kubectl creates or changes resources, OpenAPI is involved in the background. OpenAPI is a core technology for client-side validation, docs (kubectl explain), intelligent Kubernetes manifest completion in IDEs and the starting point for client generation in other languages than Go.
With 1.14, we start publishing OpenAPI specs for CRDs, kubectl explain for CRDs will start working. Providers of CRDs will want to create OpenAPI specs for their resources for a native user experience.
The talk will cover:
- Intro to OpenAPI specs
- CRD validation using OpenAPI
- OpenAPI based client generation
- Typical Kubernetes API patterns expressed in OpenAPI
- Towards a standard openapi-spec-gen to extract specs from Golang types
- Expressivity and limits of OpenAPI
Stefan is a core contributor to API machinery, client-go and CRDs, and maintainers of the OpenAPI code in Kubernetes.
https://sched.co/MPZz
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenAPI Specs – Towards Native User Experience of CRDs - Stefan Schimanski, Red Hat
Whenever kubectl creates or changes resources, OpenAPI is involved in the background. OpenAPI is a core technology for client-side validation, docs (kubectl explain), intelligent Kubernetes manifest completion in IDEs and the starting point for client generation in other languages than Go.
With 1.14, we start publishing OpenAPI specs for CRDs, kubectl explain for CRDs will start working. Providers of CRDs will want to create OpenAPI specs for their resources for a native user experience.
The talk will cover:
- Intro to OpenAPI specs
- CRD validation using OpenAPI
- OpenAPI based client generation
- Typical Kubernetes API patterns expressed in OpenAPI
- Towards a standard openapi-spec-gen to extract specs from Golang types
- Expressivity and limits of OpenAPI
Stefan is a core contributor to API machinery, client-go and CRDs, and maintainers of the OpenAPI code in Kubernetes.
https://sched.co/MPZz
- 3 participants
- 36 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Democratizing HPC & AI: Startups Scale Up with Cloud Native - Emily Tanaka-Delgado, Oracle; Charlie Davies, iGeolise; Priya Shah, Sauce; Ant Kennedy, Gapsquare; and Alfonso Santiago, ELEM
Innovativeness, resourcefulness, and responsiveness are all part of the startup DNA, and with the aid of the cloud native era and ecosystem, they are unstoppable. Hear how these European startups are leveraging technologies such as Kubernetes, containers, GPUs, Singularity and more to gain efficiencies across architecture, time, and team to reach global scale, reshape user interactions, and even, save lives. In this panel, startups from Barcelona and the UK will discuss how cloud native technologies have helped unlock access to unlimited potential across such diverse case studies as identifying and fixing gender pay gap issues, creating computational models of virtual patients, reinventing cloud-based video collaboration, and interpreting travel and navigation based on time, all to transform their businesses to match behavioral patterns within their industries.
https://sched.co/MPY0
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Democratizing HPC & AI: Startups Scale Up with Cloud Native - Emily Tanaka-Delgado, Oracle; Charlie Davies, iGeolise; Priya Shah, Sauce; Ant Kennedy, Gapsquare; and Alfonso Santiago, ELEM
Innovativeness, resourcefulness, and responsiveness are all part of the startup DNA, and with the aid of the cloud native era and ecosystem, they are unstoppable. Hear how these European startups are leveraging technologies such as Kubernetes, containers, GPUs, Singularity and more to gain efficiencies across architecture, time, and team to reach global scale, reshape user interactions, and even, save lives. In this panel, startups from Barcelona and the UK will discuss how cloud native technologies have helped unlock access to unlimited potential across such diverse case studies as identifying and fixing gender pay gap issues, creating computational models of virtual patients, reinventing cloud-based video collaboration, and interpreting travel and navigation based on time, all to transform their businesses to match behavioral patterns within their industries.
https://sched.co/MPY0
- 5 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Multi-Tenancy in Kubernetes: Current State and Future Roadmap - Sanjeev Rampal, Cisco; Ryan Bezdicek, Cray Inc.; Erica von Buelow, Red Hat; and Tasha Drew, VMware
Kubernetes doesn’t currently formally support the notion of multi-tenancy. However, many companies today are using Kubernetes to provide ad hoc multi-tenant solutions, to share kubernetes cluster resources between multiple independent teams. In this panel, we will have a discussion with a mix of experts on this topic including panelists from kubernetes users, open source community contributors, vendors and providers. The panel will discuss both soft and hard multi-tenancy models and will cover solutions that are available today (such as pod security policies and rbac) as well as new features being developed by the community Multi-tenancy working group and related work such as Kata containers. Importantly we will have an open discussion between panel members and audience on requirements and issues related to end to end aspects of multi-tenancy in real world deployments.
https://sched.co/MPcY
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Multi-Tenancy in Kubernetes: Current State and Future Roadmap - Sanjeev Rampal, Cisco; Ryan Bezdicek, Cray Inc.; Erica von Buelow, Red Hat; and Tasha Drew, VMware
Kubernetes doesn’t currently formally support the notion of multi-tenancy. However, many companies today are using Kubernetes to provide ad hoc multi-tenant solutions, to share kubernetes cluster resources between multiple independent teams. In this panel, we will have a discussion with a mix of experts on this topic including panelists from kubernetes users, open source community contributors, vendors and providers. The panel will discuss both soft and hard multi-tenancy models and will cover solutions that are available today (such as pod security policies and rbac) as well as new features being developed by the community Multi-tenancy working group and related work such as Kata containers. Importantly we will have an open discussion between panel members and audience on requirements and issues related to end to end aspects of multi-tenancy in real world deployments.
https://sched.co/MPcY
- 13 participants
- 40 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ready? A Deep Dive into Pod Readiness Gates for Service Health Management - Minhan Xia, Google & Ping Zou, Intuit
This talk will be a deep dive on “pod readiness gates”, a new Kubernetes API for extending pod readiness with custom external controllers and introduce its usage in real world scenarios with service health management. Kubernetes clusters that integrate with external network infrastructure (such as a cloud provider) need a way to coordinate Kubernetes Pod “readiness” with setup latencies in the network fabric. Not tackling this problem causes lost packets and dropped connections OR requires inserting worst-case delays to pod startup to account for external setup. It allows Foremast, an open source engine to maintain the health of applications running on K8s, to remediate similar problems in a much smoother way.
Minhan and Ping will cover the coordination problem, how the new pod readiness gate API fixes the issue and experiences from both Google and Intuit using the API with real workloads. At Google, this API is used to ensure no traffic disruption occurs for user service across changes to the workload. At Intuit, this API is used to maintain application health during canary deployment using Foremast.
https://sched.co/MPaQ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Ready? A Deep Dive into Pod Readiness Gates for Service Health Management - Minhan Xia, Google & Ping Zou, Intuit
This talk will be a deep dive on “pod readiness gates”, a new Kubernetes API for extending pod readiness with custom external controllers and introduce its usage in real world scenarios with service health management. Kubernetes clusters that integrate with external network infrastructure (such as a cloud provider) need a way to coordinate Kubernetes Pod “readiness” with setup latencies in the network fabric. Not tackling this problem causes lost packets and dropped connections OR requires inserting worst-case delays to pod startup to account for external setup. It allows Foremast, an open source engine to maintain the health of applications running on K8s, to remediate similar problems in a much smoother way.
Minhan and Ping will cover the coordination problem, how the new pod readiness gate API fixes the issue and experiences from both Google and Intuit using the API with real workloads. At Google, this API is used to ensure no traffic disruption occurs for user service across changes to the workload. At Intuit, this API is used to maintain application health during canary deployment using Foremast.
https://sched.co/MPaQ
- 3 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reinventing Networking: A Deep Dive into Istio's Multicluster Gateways - Steve Dake, Independent
Service mesh software is challenging the current networking state of the art. With Istio’s gateways technology, it is possible to connect large numbers of Kubernetes clusters. Connectivity between clouds enables cloud native applications to connect across cloud providers on the global Internet. In this session, attendees will receive: * An introduction to multicluster service mesh technology * A technical deep dive describing how crucial technical problems with multicluster are solved including: - Multicluster service discovery - Transparent multicluster connectivity - Secure connectivity over the insecure Internet - Multicluster routing * Detailed explanations of how CoreDNS and Envoy are consumed as building blocks Finally, the attendees will receive a short demonstration of an application running seamlessly on AWS, Azure, and GKE using Istio gateway multicluster technology.
https://sched.co/MPbL
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reinventing Networking: A Deep Dive into Istio's Multicluster Gateways - Steve Dake, Independent
Service mesh software is challenging the current networking state of the art. With Istio’s gateways technology, it is possible to connect large numbers of Kubernetes clusters. Connectivity between clouds enables cloud native applications to connect across cloud providers on the global Internet. In this session, attendees will receive: * An introduction to multicluster service mesh technology * A technical deep dive describing how crucial technical problems with multicluster are solved including: - Multicluster service discovery - Transparent multicluster connectivity - Secure connectivity over the insecure Internet - Multicluster routing * Detailed explanations of how CoreDNS and Envoy are consumed as building blocks Finally, the attendees will receive a short demonstration of an application running seamlessly on AWS, Azure, and GKE using Istio gateway multicluster technology.
https://sched.co/MPbL
- 7 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Resize Your Pods w/o Disruptions aka How to Have a Cake and Eat a Cake - Karol Gołąb & Beata Skiba, Google
Whether you’re using Vertical Pod Autoscaler or controlling Pod resources on your own, one thing is certain: applying new settings is disruptive as it requires Pods to be killed and recreated. Why should you change those setting you might ask? Stale settings, incompatible with your current load, might cause CPU starvation and Out Of Memory events or hinder cluster utilization. In this talk we’ll present In-Place Resources Update (planned) feature which allows changing Pod resources on the fly, without restarting the Pod or its containers. This way you can have the best of two worlds: up-to-date resource settings and stable workloads. You’ll learn the whys and hows of this feature, including how various core components like scheduler, kubelet or admission plugins are involved. We’ll also show the avenues it opens due to significantly lower cost of applying new resource settings.
https://sched.co/MPaE
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Resize Your Pods w/o Disruptions aka How to Have a Cake and Eat a Cake - Karol Gołąb & Beata Skiba, Google
Whether you’re using Vertical Pod Autoscaler or controlling Pod resources on your own, one thing is certain: applying new settings is disruptive as it requires Pods to be killed and recreated. Why should you change those setting you might ask? Stale settings, incompatible with your current load, might cause CPU starvation and Out Of Memory events or hinder cluster utilization. In this talk we’ll present In-Place Resources Update (planned) feature which allows changing Pod resources on the fly, without restarting the Pod or its containers. This way you can have the best of two worlds: up-to-date resource settings and stable workloads. You’ll learn the whys and hows of this feature, including how various core components like scheduler, kubelet or admission plugins are involved. We’ll also show the avenues it opens due to significantly lower cost of applying new resource settings.
https://sched.co/MPaE
- 3 participants
- 29 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Restart-Free Vertical Scaling for Kubernetes Pods - Vinay Kulkarni & Peng Du, Huawei
Currently, vertical scaling of Kubernetes pod CPU or memory resources requires pod restarts. This is disruptive to services, and expensive for long-running applications or jobs. It is very important to have the ability to scale pod resources without restarts. In this talk, Vinay and Peng will present a design for restart-free scaling of pod resources, with container restart as a policy-controlled choice rather than a necessity. They will illustrate a customer use case, a gene-sequencing application where pod restart is expensive. They will go over the changes to Kubernetes components that made this feature possible. They will discuss how they addressed some unique challenges such as multiple scheduler race conditions, and respecting pod disruption budget if pod restart is needed. They will talk about how failures are handled via smart retries, and conclude with a demo.
https://sched.co/MPcJ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Restart-Free Vertical Scaling for Kubernetes Pods - Vinay Kulkarni & Peng Du, Huawei
Currently, vertical scaling of Kubernetes pod CPU or memory resources requires pod restarts. This is disruptive to services, and expensive for long-running applications or jobs. It is very important to have the ability to scale pod resources without restarts. In this talk, Vinay and Peng will present a design for restart-free scaling of pod resources, with container restart as a policy-controlled choice rather than a necessity. They will illustrate a customer use case, a gene-sequencing application where pod restart is expensive. They will go over the changes to Kubernetes components that made this feature possible. They will discuss how they addressed some unique challenges such as multiple scheduler race conditions, and respecting pod disruption budget if pod restart is needed. They will talk about how failures are handled via smart retries, and conclude with a demo.
https://sched.co/MPcJ
- 6 participants
- 33 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Rook, Ceph, and ARM: A Caffeinated Tutorial - Federico Lucifredi & Sébastien Han, Red Hat
We picked a single-board computer with a dual-core ARM cortex A-53 and 2GB of RAM, put eight of them together, and built a low-power Ceph cluster not much bigger than the hard drives themselves. Sounds interesting? Come see us do it live right in front of you! After we review the design choices and architecture of the cluster, we will use it to showcase the use of Rook, the CNCF's incubation project designed to be a cloud-native storage orchestrator for Kubernetes, turning storage technologies into a service completely transparent to the user. A comprehensive examination of uses and open problems will complement our review of Rook's architecture. We will deep-dive into what it does well, what it does not do (yet), and what are the operational trade-offs of using a storage operator. With live access to a running cluster, we will showcase Rook in action as we discuss its capabilities.
https://sched.co/MPfn
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Rook, Ceph, and ARM: A Caffeinated Tutorial - Federico Lucifredi & Sébastien Han, Red Hat
We picked a single-board computer with a dual-core ARM cortex A-53 and 2GB of RAM, put eight of them together, and built a low-power Ceph cluster not much bigger than the hard drives themselves. Sounds interesting? Come see us do it live right in front of you! After we review the design choices and architecture of the cluster, we will use it to showcase the use of Rook, the CNCF's incubation project designed to be a cloud-native storage orchestrator for Kubernetes, turning storage technologies into a service completely transparent to the user. A comprehensive examination of uses and open problems will complement our review of Rook's architecture. We will deep-dive into what it does well, what it does not do (yet), and what are the operational trade-offs of using a storage operator. With live access to a running cluster, we will showcase Rook in action as we discuss its capabilities.
https://sched.co/MPfn
- 3 participants
- 38 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scavenging for Reusable Code in the Kubernetes Codebase - Kevin Lingerfelt, Buoyant
The magic of open source software and Go's support for remote import paths makes it trivial to import and run code from many of the most popular CNCF projects directly in your own project. Sometimes, however, the process of finding that one piece of code in a large codebase that’s just right for your use case can feel like a scavenger hunt. But the spoils of the hunt are vast. This talk explores how the Linkerd project has leveraged the Kubernetes codebase to replace their bespoke code with existing code that's more robust and better tested. Specific examples include switching the project to use Kubernetes' shared informers for caching API responses and adding rate limiting via work queues for TLS certificate distribution. Linkerd's Kevin Lingerfelt will show you how to undertake an effective Go scavenger hunt, and he'll discuss when you should skip the hunt and write it from scratch.
https://sched.co/MPXB
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scavenging for Reusable Code in the Kubernetes Codebase - Kevin Lingerfelt, Buoyant
The magic of open source software and Go's support for remote import paths makes it trivial to import and run code from many of the most popular CNCF projects directly in your own project. Sometimes, however, the process of finding that one piece of code in a large codebase that’s just right for your use case can feel like a scavenger hunt. But the spoils of the hunt are vast. This talk explores how the Linkerd project has leveraged the Kubernetes codebase to replace their bespoke code with existing code that's more robust and better tested. Specific examples include switching the project to use Kubernetes' shared informers for caching API responses and adding rate limiting via work queues for TLS certificate distribution. Linkerd's Kevin Lingerfelt will show you how to undertake an effective Go scavenger hunt, and he'll discuss when you should skip the hunt and write it from scratch.
https://sched.co/MPXB
- 1 participant
- 18 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Cloud Native Communication, From End User to Service - Daniel Bryant, Datawire & Nic Jackson, HashiCorp
Everyone building or operating cloud native applications must understand the fundamentals of security issues and modern threat models. Although this topic is vast, in this talk Nic and Daniel will focus on the end-to-end communication and higher-level networking threats, and explore how the combination of an edge proxy and service mesh using TLS and mTLS can be used to mitigate many man-in-the-middle attacks. Key takeaways include: - An understanding of the "three pillars" of service mesh functionality: observability, reliability, and security. A service mesh is in a unique place to enforce security features like mTLS - Learn how to ensure that there are no exploitable "gaps" within the end-to-end/user-to-service communication path. - Explore the differences in ingress/mesh control planes, with brief demonstrations using Ambassador and Consul Connect
https://sched.co/MPev
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Securing Cloud Native Communication, From End User to Service - Daniel Bryant, Datawire & Nic Jackson, HashiCorp
Everyone building or operating cloud native applications must understand the fundamentals of security issues and modern threat models. Although this topic is vast, in this talk Nic and Daniel will focus on the end-to-end communication and higher-level networking threats, and explore how the combination of an edge proxy and service mesh using TLS and mTLS can be used to mitigate many man-in-the-middle attacks. Key takeaways include: - An understanding of the "three pillars" of service mesh functionality: observability, reliability, and security. A service mesh is in a unique place to enforce security features like mTLS - Learn how to ensure that there are no exploitable "gaps" within the end-to-end/user-to-service communication path. - Explore the differences in ingress/mesh control planes, with brief demonstrations using Ambassador and Consul Connect
https://sched.co/MPev
- 2 participants
- 37 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Service Meshes: At What Cost? - Lee Calcote, Layer5 & Girish Ranganathan, SolarWinds
“What is the performance impact that a service mesh has?" "What overhead does being on the mesh incur?” By far, this is the most common questioned by engineers coming to with the value of functionality provided by a service mesh. Generally, this question goes unanswered. We will share methodology and results of performance testing research done in collaboration with a university, through the lens an open source service mesh benchmark tool - a tool used to provide a common benchmark across service meshes (their control planes, like Istio) and modern proxies (their data planes, like Envoy). Over 10 service meshes projects will be reviewed. In addition to performance, we’ll take an in-depth look at the landscape of service meshes, characterize and contrast their functionality as well as their data plane and control plane architectures.
https://sched.co/MPf7
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Service Meshes: At What Cost? - Lee Calcote, Layer5 & Girish Ranganathan, SolarWinds
“What is the performance impact that a service mesh has?" "What overhead does being on the mesh incur?” By far, this is the most common questioned by engineers coming to with the value of functionality provided by a service mesh. Generally, this question goes unanswered. We will share methodology and results of performance testing research done in collaboration with a university, through the lens an open source service mesh benchmark tool - a tool used to provide a common benchmark across service meshes (their control planes, like Istio) and modern proxies (their data planes, like Envoy). Over 10 service meshes projects will be reviewed. In addition to performance, we’ll take an in-depth look at the landscape of service meshes, characterize and contrast their functionality as well as their data plane and control plane architectures.
https://sched.co/MPf7
- 2 participants
- 28 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Smarter Kubernetes Access Control: A Simpler Approach to Auth - Rob Scott, ReactiveOps
Configuring Kubernetes authorization policies with RBAC is an important part of securing any cluster. Unfortunately implementing effective and maintainable policies can be quite challenging. Many organizations end up struggling with a common set of challenges as they try to implement RBAC across their clusters. These challenges have often resulted in insecure configuration that grants far more access than necessary. In this talk, Rob will highlight open source tools and best practices that address many of these common challenges. This presentation aims to make RBAC more approachable for all, and will provide a straightforward path toward effective and maintainable configuration that can make your cluster more secure.
https://sched.co/MPdi
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Smarter Kubernetes Access Control: A Simpler Approach to Auth - Rob Scott, ReactiveOps
Configuring Kubernetes authorization policies with RBAC is an important part of securing any cluster. Unfortunately implementing effective and maintainable policies can be quite challenging. Many organizations end up struggling with a common set of challenges as they try to implement RBAC across their clusters. These challenges have often resulted in insecure configuration that grants far more access than necessary. In this talk, Rob will highlight open source tools and best practices that address many of these common challenges. This presentation aims to make RBAC more approachable for all, and will provide a straightforward path toward effective and maintainable configuration that can make your cluster more secure.
https://sched.co/MPdi
- 8 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Strategies to "Kubernetify" Legacy Applications - Sai Vennam, IBM
Microservice-based architectures have seen large-scale adoption and have become the industry standard for developing cloud-native applications. This growth is supplemented by key technologies like Docker, Kubernetes, Istio and many more. When modernizing legacy apps, migrating everything to a cloud-native architecture in a "Big Bang" approach is not feasible as it can be time consuming and prone to failure. In this talk, I'll outline key strategies to modernize legacy applications without sacrificing agility, quality and high-availability. In addition, I'll walk through a modernization path with a sample app.
https://sched.co/MPXo
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Strategies to "Kubernetify" Legacy Applications - Sai Vennam, IBM
Microservice-based architectures have seen large-scale adoption and have become the industry standard for developing cloud-native applications. This growth is supplemented by key technologies like Docker, Kubernetes, Istio and many more. When modernizing legacy apps, migrating everything to a cloud-native architecture in a "Big Bang" approach is not feasible as it can be time consuming and prone to failure. In this talk, I'll outline key strategies to modernize legacy applications without sacrificing agility, quality and high-availability. In addition, I'll walk through a modernization path with a sample app.
https://sched.co/MPXo
- 2 participants
- 31 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Surviving Serverless Battle By Secure Runtime, CRI and RuntimeClass - Xiaoyu Zhang & Lei Zhang, Alibaba
Why Google released gVisor, AWS developed Firecracker, and Kata is on the fire?
In this talk, we will discuss the unrevealed connection between secure container runtime and Serverless based on our observation and research in public cloud and OpenFaaS community, and then explain why we think CRI & RuntimeClass will contribute to this new "battle field". With this context, we will share a matrix of secure container runtimes from CRI perspective. For example, what's the attacking surface & isolation mechanism? Is there independent guest kernel? Does it support certain CRI feature? We will discuss which dimension will be hidden by CRI and which will not, and what this means for Serverless & its users. We will also share how we map CRI Matrix into RuntimeClass, choose proper runtime, and then setup Serverless platform. The design & adoption of RuntimeClass will be evaluated here as well.
https://sched.co/MPe9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Surviving Serverless Battle By Secure Runtime, CRI and RuntimeClass - Xiaoyu Zhang & Lei Zhang, Alibaba
Why Google released gVisor, AWS developed Firecracker, and Kata is on the fire?
In this talk, we will discuss the unrevealed connection between secure container runtime and Serverless based on our observation and research in public cloud and OpenFaaS community, and then explain why we think CRI & RuntimeClass will contribute to this new "battle field". With this context, we will share a matrix of secure container runtimes from CRI perspective. For example, what's the attacking surface & isolation mechanism? Is there independent guest kernel? Does it support certain CRI feature? We will discuss which dimension will be hidden by CRI and which will not, and what this means for Serverless & its users. We will also share how we map CRI Matrix into RuntimeClass, choose proper runtime, and then setup Serverless platform. The design & adoption of RuntimeClass will be evaluated here as well.
https://sched.co/MPe9
- 2 participants
- 27 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Data Analytics Platform or How to Make Data Science in a Box Possible - Krzysztof Adamski & Rob Keevil, ING
The Hadoop and FOSS revolution has reshaped the data analytics landscape. In the search for creating a cutting-edge data platform at ING, we are faced with challenging new requirements such as cloud-ready deployments and frictionless progressions of Machine Learning models into production, whilst ensuring proper data governance and security principals. Please join us in this session, where we will share ING WBAA’s experience on how to make a data platform based on open source components both enterprise and cloud ready, with an overview of current state and vision of our platform. We will cover the topics such as self-service automation to support machine learning use cases, the usage of distributed frameworks like spark on top of kubernetes and how to prepare the foundation (infrastructure components) within the enterprise environment.
https://sched.co/MPao
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Data Analytics Platform or How to Make Data Science in a Box Possible - Krzysztof Adamski & Rob Keevil, ING
The Hadoop and FOSS revolution has reshaped the data analytics landscape. In the search for creating a cutting-edge data platform at ING, we are faced with challenging new requirements such as cloud-ready deployments and frictionless progressions of Machine Learning models into production, whilst ensuring proper data governance and security principals. Please join us in this session, where we will share ING WBAA’s experience on how to make a data platform based on open source components both enterprise and cloud ready, with an overview of current state and vision of our platform. We will cover the topics such as self-service automation to support machine learning use cases, the usage of distributed frameworks like spark on top of kubernetes and how to prepare the foundation (infrastructure components) within the enterprise environment.
https://sched.co/MPao
- 7 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Magic of Kubernetes Self-Healing Capabilities - Saad Ali, Google
Kubernetes is used to manage large-scale clusters with hundreds or thousands of nodes. Components will inevitably fail at this scale, but human intervention to detect and correct these failures is unsustainable. This is where Kubernetes shines. With a declarative API and guarantees of eventual consistency, Kubernetes is able to continuously monitor the system and take actions to keep the cluster healthy. This talk provides an architectural overview of the self-healing capabilities of Kubernetes. We will discuss how these capabilities are born from the declarative API, and how Kubernetes components work together to drive to the desired state. We will provide detailed examples from the volume subsystem which automatically makes storage available to containers. We will end by revealing edge cases that Kubernetes currently doesn’t handle well, and explain the plans to address these issues.
https://sched.co/MPcA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Magic of Kubernetes Self-Healing Capabilities - Saad Ali, Google
Kubernetes is used to manage large-scale clusters with hundreds or thousands of nodes. Components will inevitably fail at this scale, but human intervention to detect and correct these failures is unsustainable. This is where Kubernetes shines. With a declarative API and guarantees of eventual consistency, Kubernetes is able to continuously monitor the system and take actions to keep the cluster healthy. This talk provides an architectural overview of the self-healing capabilities of Kubernetes. We will discuss how these capabilities are born from the declarative API, and how Kubernetes components work together to drive to the desired state. We will provide detailed examples from the volume subsystem which automatically makes storage available to containers. We will end by revealing edge cases that Kubernetes currently doesn’t handle well, and explain the plans to address these issues.
https://sched.co/MPcA
- 2 participants
- 28 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Serverless Landscape and Event Driven Futures - Dee Kumar, CNCF
Serverless design patterns have grown in popularity amongst developers and enterprises alike and the ecosystem is exploding. Developers like moving faster by focusing on business logic without worrying about the underlying infrastructure. Today, there are umpteen solutions and OSS projects in the market and the space needs some organization to maximize effort. There is a lot of curiosity and confusion around serverless computing. What is it? Who is it for? Is it a replacement for IaaS, PaaS, and containers? Does that mean the days of servers are over? The CNCF created the Serverless Working Group to explore the intersection of cloud native and serverless technology. The first output of the group was creation of serverless landscape. The landscape lists some of the more common/popular Serverless projects, platforms, tooling, and services.
https://sched.co/MPeI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Serverless Landscape and Event Driven Futures - Dee Kumar, CNCF
Serverless design patterns have grown in popularity amongst developers and enterprises alike and the ecosystem is exploding. Developers like moving faster by focusing on business logic without worrying about the underlying infrastructure. Today, there are umpteen solutions and OSS projects in the market and the space needs some organization to maximize effort. There is a lot of curiosity and confusion around serverless computing. What is it? Who is it for? Is it a replacement for IaaS, PaaS, and containers? Does that mean the days of servers are over? The CNCF created the Serverless Working Group to explore the intersection of cloud native and serverless technology. The first output of the group was creation of serverless landscape. The landscape lists some of the more common/popular Serverless projects, platforms, tooling, and services.
https://sched.co/MPeI
- 2 participants
- 28 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Spotify Story: Moving from NIH to an Active CNCF Community Member - Jim Haughwout, Spotify
Four years ago, at Spotify, we built and managed the majority of our infrastructure ourselves. We managed our own data centres. We built our own time series database. We built our own orchestration technology (ironically releasing it the same week as Google did Kubernetes). Today our world is very different. We serve over 200 million monthly users from a cloud provider. We are a CNCF member. We have more than doubled our open source initiatives in the last two years. In this talk, Jim Haughwout--Head of Infrastructure & Operations at Spotify--will talk about Spotify’s path on this journey, including how it’s “Build Infrastructure Together” strategy is helping build infrastructure faster and lower adoption costs. He will also share the challenges has Spotify faced on this continuing journey, and some early learnings that may help other CNCF member companies.
https://sched.co/MPZY
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Spotify Story: Moving from NIH to an Active CNCF Community Member - Jim Haughwout, Spotify
Four years ago, at Spotify, we built and managed the majority of our infrastructure ourselves. We managed our own data centres. We built our own time series database. We built our own orchestration technology (ironically releasing it the same week as Google did Kubernetes). Today our world is very different. We serve over 200 million monthly users from a cloud provider. We are a CNCF member. We have more than doubled our open source initiatives in the last two years. In this talk, Jim Haughwout--Head of Infrastructure & Operations at Spotify--will talk about Spotify’s path on this journey, including how it’s “Build Infrastructure Together” strategy is helping build infrastructure faster and lower adoption costs. He will also share the challenges has Spotify faced on this continuing journey, and some early learnings that may help other CNCF member companies.
https://sched.co/MPZY
- 4 participants
- 34 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Story of Why We Migrate to gRPC and How We Go About It - Matthias Grüter, Spotify
At Spotify, we have historically built services based on our own proprietary messaging protocol and framework. Last year we finally kicked off the daunting multi-year task of migrating everything to gRPC. Migrating over 1000 services to gRPC poses interesting challenges, many of them are not only technical in nature: they boil down to questions of engineering culture and leadership at scale: How do you get 200 autonomous engineering teams to align on something as fundamental and cross-cutting as a new RPC framework? How do you roll-out gRPC at scale whit minimal disruption to both the organization and to the end-user? This presentation will address these questions alongside more technical discussions of advanced gRPC concepts such as interceptors, deadlines, and effective schema management and how they are essential in large distributed systems.
https://sched.co/MPY3
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Story of Why We Migrate to gRPC and How We Go About It - Matthias Grüter, Spotify
At Spotify, we have historically built services based on our own proprietary messaging protocol and framework. Last year we finally kicked off the daunting multi-year task of migrating everything to gRPC. Migrating over 1000 services to gRPC poses interesting challenges, many of them are not only technical in nature: they boil down to questions of engineering culture and leadership at scale: How do you get 200 autonomous engineering teams to align on something as fundamental and cross-cutting as a new RPC framework? How do you roll-out gRPC at scale whit minimal disruption to both the organization and to the end-user? This presentation will address these questions alongside more technical discussions of advanced gRPC concepts such as interceptors, deadlines, and effective schema management and how they are essential in large distributed systems.
https://sched.co/MPY3
- 1 participant
- 29 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tracing is More Than Traces: The Insights in Trace Aggregates - Daniela Miao, LightStep
The value proposition for distributed tracing is well-understood: assembling and visualizing end-to-end transactions helps to identify latency bottlenecks and provides a head-start on problem diagnosis. Yet the data from traces – when aggregated – can reveal much more, and can do so with greater precision and certainty. This talk presents the profound insights trace aggregates help unlock, including sources of resource contention, latency anomalies in the context of service infrastructure, and correlations of metrics with high-cardinality characteristics of the distributed system. The talk demonstrates, using concrete examples, how novel applications of aggregated traces reveal new opportunities for performance improvements. However, aggregation is not possible without a standardized tracing output format, as well as a proliferation of traces via cloud-native service mesh integration.
https://sched.co/MPbg
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tracing is More Than Traces: The Insights in Trace Aggregates - Daniela Miao, LightStep
The value proposition for distributed tracing is well-understood: assembling and visualizing end-to-end transactions helps to identify latency bottlenecks and provides a head-start on problem diagnosis. Yet the data from traces – when aggregated – can reveal much more, and can do so with greater precision and certainty. This talk presents the profound insights trace aggregates help unlock, including sources of resource contention, latency anomalies in the context of service infrastructure, and correlations of metrics with high-cardinality characteristics of the distributed system. The talk demonstrates, using concrete examples, how novel applications of aggregated traces reveal new opportunities for performance improvements. However, aggregation is not possible without a standardized tracing output format, as well as a proliferation of traces via cloud-native service mesh integration.
https://sched.co/MPbg
- 5 participants
- 35 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Treating Network Assets as Scheduleable Resources - Vinothkumar Siddharth, Amazon
Several cloud-providers now offer a managed Kubernetes solution. Customers launch their worker nodes within a Virtual Private Cloud (VPC) and in majority of these environments, Container Network Interface (CNI) is the preferred networking solution. While the default scheduler tracks CPU and Memory as resources and allocates pods to nodes based on the availability of the required resources, it does not natively track network resources such as IP addresses. This session will describe a centralized cluster networking solution built using custom resource controllers, admission webhooks and CNI plugins to enable network assets to be treated as cluster wide Kubernetes resources. The controller and webhook are re-usable platform agnostic components that can support Linux, Windows and ARM64 worker nodes. They also serve as the foundational blocks for building special purpose extensions.
https://sched.co/MPb3
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Treating Network Assets as Scheduleable Resources - Vinothkumar Siddharth, Amazon
Several cloud-providers now offer a managed Kubernetes solution. Customers launch their worker nodes within a Virtual Private Cloud (VPC) and in majority of these environments, Container Network Interface (CNI) is the preferred networking solution. While the default scheduler tracks CPU and Memory as resources and allocates pods to nodes based on the availability of the required resources, it does not natively track network resources such as IP addresses. This session will describe a centralized cluster networking solution built using custom resource controllers, admission webhooks and CNI plugins to enable network assets to be treated as cluster wide Kubernetes resources. The controller and webhook are re-usable platform agnostic components that can support Linux, Windows and ARM64 worker nodes. They also serve as the foundational blocks for building special purpose extensions.
https://sched.co/MPb3
- 11 participants
- 29 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What's the Performance Overhead? Answering the Biggest Question in Tracing - Gabriela Soria, Outreachy
With the increased adoption of microservices architecture, performing tracing is becoming crucial to understanding the behavior of our applications, detecting abnormalities and interpreting transactions. In this session, we'll present the results of performance tests in order to understand how the instrumentation affects the performance of applications. The scope of this research is the OpenTracing Java API, and some representative libraries that use it under the hood, e.g. Java Servlet Filter, Spring Boot and Cloud, JAX-RS and JDBC. We'll be showing tests comparing a non-instrumented application with the same example application using different tracers. We'll include the main concepts of tracing for those who are new to microservices and/or distributed tracing, but you'll benefit even if you're already familiar with OpenTracing. Familiarity with Java is useful but not strictly required.
https://sched.co/MPbd
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What's the Performance Overhead? Answering the Biggest Question in Tracing - Gabriela Soria, Outreachy
With the increased adoption of microservices architecture, performing tracing is becoming crucial to understanding the behavior of our applications, detecting abnormalities and interpreting transactions. In this session, we'll present the results of performance tests in order to understand how the instrumentation affects the performance of applications. The scope of this research is the OpenTracing Java API, and some representative libraries that use it under the hood, e.g. Java Servlet Filter, Spring Boot and Cloud, JAX-RS and JDBC. We'll be showing tests comparing a non-instrumented application with the same example application using different tracers. We'll include the main concepts of tracing for those who are new to microservices and/or distributed tracing, but you'll benefit even if you're already familiar with OpenTracing. Familiarity with Java is useful but not strictly required.
https://sched.co/MPbd
- 6 participants
- 32 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Zero Trust Service Mesh with Calico, SPIRE, and Envoy - Shaun Crampton, Tigera & Evan Gilman, Scytale
The promise of a service mesh is to be able to delegate the hard networking problems to a uniform set of proxies and controllers. An extremely important networking problem is securing traffic within the mesh. Service meshes based on the Envoy proxy are very popular and there is a large diversity of implementations, including many home-grown solutions that focus on routing but may not include security. Shaun and Evan will demonstrate how to enhance your service mesh to follow the Zero Trust network security model using SPIRE and Calico. A Zero Trust Network emphasizes resilience to compromised services, hosts, and the network itself by treating every network connection as potentially hostile. Secure connections are established only when backed by strong cryptographic identity and approved by fine grained policies---provided by SPIRE and Calico respectively.
https://sched.co/MPe3
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Zero Trust Service Mesh with Calico, SPIRE, and Envoy - Shaun Crampton, Tigera & Evan Gilman, Scytale
The promise of a service mesh is to be able to delegate the hard networking problems to a uniform set of proxies and controllers. An extremely important networking problem is securing traffic within the mesh. Service meshes based on the Envoy proxy are very popular and there is a large diversity of implementations, including many home-grown solutions that focus on routing but may not include security. Shaun and Evan will demonstrate how to enhance your service mesh to follow the Zero Trust network security model using SPIRE and Calico. A Zero Trust Network emphasizes resilience to compromised services, hosts, and the network itself by treating every network connection as potentially hostile. Secure connections are established only when backed by strong cryptographic identity and approved by fine grained policies---provided by SPIRE and Calico respectively.
https://sched.co/MPe3
- 10 participants
- 40 minutes
23 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
gRPC load balancing and Service Mesh - Vishal Powar, Google
Service mesh architecture proposes a unique approach for control plane management (including load balancing). This talk goes over the options available for gRPC load-balancing in the context of a gRPC integration in a service mesh. In this talk, we will cover: various load balancing options available for gRPC and the tradeoff associated with each one of them. load balancing at scale with and without gRPC lookaside load balancing. proxy based load balancing and Service Mesh along with considerations when using them as an alternative to lookaside gRPC load balancing. how unified endpoint management can be achieved for Health check and load metric reporting for both gRPC load balancing and Service Mesh.
https://sched.co/MPbI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
gRPC load balancing and Service Mesh - Vishal Powar, Google
Service mesh architecture proposes a unique approach for control plane management (including load balancing). This talk goes over the options available for gRPC load-balancing in the context of a gRPC integration in a service mesh. In this talk, we will cover: various load balancing options available for gRPC and the tradeoff associated with each one of them. load balancing at scale with and without gRPC lookaside load balancing. proxy based load balancing and Service Mesh along with considerations when using them as an alternative to lookaside gRPC load balancing. how unified endpoint management can be achieved for Health check and load metric reporting for both gRPC load balancing and Service Mesh.
https://sched.co/MPbI
- 2 participants
- 29 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Authentication and Security in gRPC Microservices - Jan Tattermusch, Google
Authenticating RPCs and securing them properly is crucial for building modern microservices. The talk will walk you through what gRPC has to offer in terms of authenticating and securing RPCs. It will explain the principles behind gRPC secure communication and show various approaches to authenticate your calls. It will also discuss the challenges of each approach. The principles will then be applied to demonstrate authentication in several scenarios in different kinds of deployment (including service-mesh). The examples will be focused on gRPC-based microservices in Kubernetes.
https://sched.co/MPbC
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Authentication and Security in gRPC Microservices - Jan Tattermusch, Google
Authenticating RPCs and securing them properly is crucial for building modern microservices. The talk will walk you through what gRPC has to offer in terms of authenticating and securing RPCs. It will explain the principles behind gRPC secure communication and show various approaches to authenticate your calls. It will also discuss the challenges of each approach. The principles will then be applied to demonstrate authentication in several scenarios in different kinds of deployment (including service-mesh). The examples will be focused on gRPC-based microservices in Kubernetes.
https://sched.co/MPbC
- 2 participants
- 31 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Benchmarking Cloud Native Storage - Josh Berkus, Red Hat
You can run your stateful apps on Kubernetes. You can even run your databases on Kubernetes. But what are you giving up in performance? Is it worth it, or should you stick to the hosting you know? For the past several months, we've been benchmarking various forms of Kubernetes storage, including host storage, network storage, cloud storage and cloud-native storage systems like Rook. Let us share with you the results of running PostgreSQL, CockroachDB and filesystem benchmarks so that you can make the best possible tradeoffs. We'll even show you how to do your own, to test your own platform. You will leave this talk with a much better idea of the quantitative tradeoffs between performance, reliability, data retention, and manageability.
https://sched.co/MPcq
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Benchmarking Cloud Native Storage - Josh Berkus, Red Hat
You can run your stateful apps on Kubernetes. You can even run your databases on Kubernetes. But what are you giving up in performance? Is it worth it, or should you stick to the hosting you know? For the past several months, we've been benchmarking various forms of Kubernetes storage, including host storage, network storage, cloud storage and cloud-native storage systems like Rook. Let us share with you the results of running PostgreSQL, CockroachDB and filesystem benchmarks so that you can make the best possible tradeoffs. We'll even show you how to do your own, to test your own platform. You will leave this talk with a much better idea of the quantitative tradeoffs between performance, reliability, data retention, and manageability.
https://sched.co/MPcq
- 7 participants
- 39 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Birds of a Feather: Radio Access Network LTE/CBRS Edge - John Studarus, Packet Host
Discussion on deploying and running Kubernetes clusters across micro datacenters supporting edge applications. In specific, we'll be talking about how Packet Host has architected its Kubernetes deployment to support these cell tower collocated clusters. We'll talk briefly about this new ecosystem of ultra-low latency networking via LTE and CBRS (Citizen Broadband Radio Service). We're interested in sharing our experience and then letting the conversation flow to hear how others are adapting to use this new ecosystem.
https://sched.co/MPXx
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Birds of a Feather: Radio Access Network LTE/CBRS Edge - John Studarus, Packet Host
Discussion on deploying and running Kubernetes clusters across micro datacenters supporting edge applications. In specific, we'll be talking about how Packet Host has architected its Kubernetes deployment to support these cell tower collocated clusters. We'll talk briefly about this new ecosystem of ultra-low latency networking via LTE and CBRS (Citizen Broadband Radio Service). We're interested in sharing our experience and then letting the conversation flow to hear how others are adapting to use this new ecosystem.
https://sched.co/MPXx
- 3 participants
- 25 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
BoF Deep Dive: Chaos Engineering - Sylvain Hellegouarch, ChaosIQ
Can we actually learn in production are we doomed to remain in panic mode? In this session, we will be exploring how Chaos Engineering can help us learn and improve our production system by experimenting against it from various angles. We will be using the Open Source Chaos Toolkit CLI to initially codify our experiments before using the Chaos Platform to schedule them and collaborate on our learnings.
https://sched.co/MPlV
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
BoF Deep Dive: Chaos Engineering - Sylvain Hellegouarch, ChaosIQ
Can we actually learn in production are we doomed to remain in panic mode? In this session, we will be exploring how Chaos Engineering can help us learn and improve our production system by experimenting against it from various angles. We will be using the Open Source Chaos Toolkit CLI to initially codify our experiments before using the Chaos Platform to schedule them and collaborate on our learnings.
https://sched.co/MPlV
- 1 participant
- 29 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building an Enterprise-ready Lambda Experience (with Hands-On Demo) - Alexandre González Rodríguez, BBVA Next Technologies & Héctor Rodes López, Adhara
To create a lambda experience is easy, to do that in a mission-critical environment is not that easy. We will talk about two parallel journies: how we implemented this at BBVA (an international 100 years old bank with more than 130 thousand employees, 10% of them being IT professionals). We´ll cover all the main decisions that we took in our path to serverless and the tradeoffs that we accepted. As a complement to this, we will implement in stage a simpler version of this experience using out of the box Kubernetes features like CRDs. There are certain thoughts that you need to keep in mind when you are planning a serverless solution in your company: usability, extensibility, security, resiliency, to use a market solution or build our own, logs, metrics… in the end, how do we make this tool part of our toolset seamlessly and production ready from the first minute.
https://sched.co/MPeC
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Building an Enterprise-ready Lambda Experience (with Hands-On Demo) - Alexandre González Rodríguez, BBVA Next Technologies & Héctor Rodes López, Adhara
To create a lambda experience is easy, to do that in a mission-critical environment is not that easy. We will talk about two parallel journies: how we implemented this at BBVA (an international 100 years old bank with more than 130 thousand employees, 10% of them being IT professionals). We´ll cover all the main decisions that we took in our path to serverless and the tradeoffs that we accepted. As a complement to this, we will implement in stage a simpler version of this experience using out of the box Kubernetes features like CRDs. There are certain thoughts that you need to keep in mind when you are planning a serverless solution in your company: usability, extensibility, security, resiliency, to use a market solution or build our own, logs, metrics… in the end, how do we make this tool part of our toolset seamlessly and production ready from the first minute.
https://sched.co/MPeC
- 6 participants
- 33 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
https://sched.co/MRz7
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
https://sched.co/MRz7
- 1 participant
- 8 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Envoy SDS: Fortifying Istio Security - Yonggang Liu & Quanjie Lin, Google
In Istio 1.1, Citadel Agent is introduced to dynamically provision x.509 certificates and private keys to workloads through the Envoy Secret Discovery Service (SDS) API. Running on Kubernetes nodes as DaemonSets and standalone on VMs, Citadel Agents improve security by making sure the generated private keys never leave the node and can be securely delivered to workloads via UDS. Citadel Agent also offers flexibility on local workload identity attestation and various adapters to integrate with custom CAs. In this talk we will demonstrate how SDS makes this model really efficient, and citadel working independently from other Istio components for both K8s and non-K8s workloads.
https://sched.co/MPe0
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Envoy SDS: Fortifying Istio Security - Yonggang Liu & Quanjie Lin, Google
In Istio 1.1, Citadel Agent is introduced to dynamically provision x.509 certificates and private keys to workloads through the Envoy Secret Discovery Service (SDS) API. Running on Kubernetes nodes as DaemonSets and standalone on VMs, Citadel Agents improve security by making sure the generated private keys never leave the node and can be securely delivered to workloads via UDS. Citadel Agent also offers flexibility on local workload identity attestation and various adapters to integrate with custom CAs. In this talk we will demonstrate how SDS makes this model really efficient, and citadel working independently from other Istio components for both K8s and non-K8s workloads.
https://sched.co/MPe0
- 3 participants
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Es-operator: Building an Elasticsearch Operator From the Bottom Up - Mikkel Larsen, Zalando SE
Operating stateful applications is a challenge and Elasticsearch clusters are no exception. At Zalando, the search infrastructure heavily rely on large scale Elasticsearch clusters consisting of 100s of nodes. In this talk Mikkel present how Zalando utilize Kubernetes and the operator pattern as introduced by CoreOS, to reliably and cost efficiently operate large scale Elasticsearch clusters. The talk will walk through how the Elasticsearch operator was designed, what problems it solves and how building it from the bottom up allowed getting it in production fast, gather more learnings and later extending the featureset to make it less manual to operate and reducing the cost of the overall infrastructure. While the talk revolves around running Elasticsearch, the ideas presented also apply to running other types of stateful applications in Kubernetes.
https://sched.co/MPcP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Es-operator: Building an Elasticsearch Operator From the Bottom Up - Mikkel Larsen, Zalando SE
Operating stateful applications is a challenge and Elasticsearch clusters are no exception. At Zalando, the search infrastructure heavily rely on large scale Elasticsearch clusters consisting of 100s of nodes. In this talk Mikkel present how Zalando utilize Kubernetes and the operator pattern as introduced by CoreOS, to reliably and cost efficiently operate large scale Elasticsearch clusters. The talk will walk through how the Elasticsearch operator was designed, what problems it solves and how building it from the bottom up allowed getting it in production fast, gather more learnings and later extending the featureset to make it less manual to operate and reducing the cost of the overall infrastructure. While the talk revolves around running Elasticsearch, the ideas presented also apply to running other types of stateful applications in Kubernetes.
https://sched.co/MPcP
- 10 participants
- 38 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Extending Envoy with WebAssembly - John Plevyak & Dhi Aurrahman, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in data-saferedirecturl="https://www.google.com/url?q=https://github.com/envoyproxy/envoy/tree/master/source/extensions&source=gmail&ust=1556395125347000&usg=AFQjCNFHQR9CrsgtJI-Xw0wgTplXqCad3w" href="https://github.com/envoyproxy/envoy/tree/master/source/extensions" target="_blank" https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is also possible to write an extension for Envoy using Lua, but the current scope of this extension is only for HTTP traffic. This talk introduces the possibility to extend Envoy with WebAssembly-based extension and report the current progression of it.
https://sched.co/MPbR
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Extending Envoy with WebAssembly - John Plevyak & Dhi Aurrahman, Tetrate
Envoy is a high-performance proxy in the cloud-native landscape designed to be extensible at its core. There are several possible “extension points” in Envoy as outlined in data-saferedirecturl="https://www.google.com/url?q=https://github.com/envoyproxy/envoy/tree/master/source/extensions&source=gmail&ust=1556395125347000&usg=AFQjCNFHQR9CrsgtJI-Xw0wgTplXqCad3w" href="https://github.com/envoyproxy/envoy/tree/master/source/extensions" target="_blank" https://github.com/envoyproxy/envoy/tree/master/source/extensions. However, the currently available approaches to extend it is rather limited. Since Envoy is written in C++, the primary way to introduce new extended functionality in Envoy is by writing an extension (e.g. filters, either network or HTTP filter, as one of the most relevant use-cases in Envoy), in C++. It is also possible to write an extension for Envoy using Lua, but the current scope of this extension is only for HTTP traffic. This talk introduces the possibility to extend Envoy with WebAssembly-based extension and report the current progression of it.
https://sched.co/MPbR
- 3 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
From Snowflake Servers to Snowflake Clusters - The GitOps Journey - Allison Richardet, Asteris, LLC & Fabio Giannetti, MasterCard
At MasterCard, we have a unique hard requirement of one dedicated cluster per application due to security and other challenges. In an effort to prevent snowflake clusters, we provided a base set of services for logging, monitoring, etc.; however, application teams inevitably want to customize their logging solution or add a monitoring dashboard. We realized this mix of standard and optional services could quickly get out of control and needed normalization. In early 2018, we exposed application teams to Kubernetes manifests; they were excited about control over deployments, but unprepared for the complexity. By late 2018, we needed to minimize complexity and find a way to express high-level application needs, while providing secure, scalable and redundant deployments. This is our journey of how we embraced GitOps, and the challenges we faced making deployment descriptions minimalistic.
https://sched.co/MPc4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
From Snowflake Servers to Snowflake Clusters - The GitOps Journey - Allison Richardet, Asteris, LLC & Fabio Giannetti, MasterCard
At MasterCard, we have a unique hard requirement of one dedicated cluster per application due to security and other challenges. In an effort to prevent snowflake clusters, we provided a base set of services for logging, monitoring, etc.; however, application teams inevitably want to customize their logging solution or add a monitoring dashboard. We realized this mix of standard and optional services could quickly get out of control and needed normalization. In early 2018, we exposed application teams to Kubernetes manifests; they were excited about control over deployments, but unprepared for the complexity. By late 2018, we needed to minimize complexity and find a way to express high-level application needs, while providing secure, scalable and redundant deployments. This is our journey of how we embraced GitOps, and the challenges we faced making deployment descriptions minimalistic.
https://sched.co/MPc4
- 5 participants
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro to CNAB: Packaging Cloud Native Applications with Multiple Toolchains - Chris Crone, Docker
When you deploy a cloud native application, you probably use a variety of tools for each part of the application. Terraform or ARM templates for the infrastructure, Helm or Compose for containers, etc. No single tool handles all your needs and each one has its own package manager! This talk will introduce the Cloud Native Application Bundle (CNAB) specification and tooling: - duffle: Reference implementation of CNAB installer - duffle-bag: GUI for installing CNABs - cnab-to-oci: Convert CNAB to an OCI index CNAB embraces the multi-tool world and allows one to package up multiple formats and their toolchains into a single artifact. Imagine a single installable application package that uses Terraform to launch an RDS instance and Helm to deploy the application that uses it. CNAB allows you to package this all together, cryptographically sign it, and share it via any container registry.
https://sched.co/MPX8
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro to CNAB: Packaging Cloud Native Applications with Multiple Toolchains - Chris Crone, Docker
When you deploy a cloud native application, you probably use a variety of tools for each part of the application. Terraform or ARM templates for the infrastructure, Helm or Compose for containers, etc. No single tool handles all your needs and each one has its own package manager! This talk will introduce the Cloud Native Application Bundle (CNAB) specification and tooling: - duffle: Reference implementation of CNAB installer - duffle-bag: GUI for installing CNABs - cnab-to-oci: Convert CNAB to an OCI index CNAB embraces the multi-tool world and allows one to package up multiple formats and their toolchains into a single artifact. Imagine a single installable application package that uses Terraform to launch an RDS instance and Helm to deploy the application that uses it. CNAB allows you to package this all together, cryptographically sign it, and share it via any container registry.
https://sched.co/MPX8
- 8 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Autoscaling SIG - Marcin Wielgus, Google
Join members of SIG Autoscaling to learn how to automatically adjust your Kubernetes cluster and pods to match your current capacity needs. We'll discuss all available types of autoscaling - horizontal, vertical, and cluster. We will also explain ways to use them, when they are applicable and how they fit together.
https://sched.co/MPh6
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Autoscaling SIG - Marcin Wielgus, Google
Join members of SIG Autoscaling to learn how to automatically adjust your Kubernetes cluster and pods to match your current capacity needs. We'll discuss all available types of autoscaling - horizontal, vertical, and cluster. We will also explain ways to use them, when they are applicable and how they fit together.
https://sched.co/MPh6
- 8 participants
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Azure SIG - Stephen Augustus, VMware & Craig Peters, Microsoft
In the SIG Azure Intro, we’re going to tell you all about why SIG Azure exists and the team behind managing it. From there, we’ll talk about what’s happened over the last few releases, Kubernetes 1.14 and Kubernetes 1.15, as well as some of what’s planned for Kubernetes 1.16. Additionally, we’ll cover some user stories of implementing Kubernetes on Azure. Finally, and most importantly, we’ll talk all about some of the best ways to get involved with SIG Azure and all of the forums that we’re communicating on!
https://sched.co/MPh9
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Azure SIG - Stephen Augustus, VMware & Craig Peters, Microsoft
In the SIG Azure Intro, we’re going to tell you all about why SIG Azure exists and the team behind managing it. From there, we’ll talk about what’s happened over the last few releases, Kubernetes 1.14 and Kubernetes 1.15, as well as some of what’s planned for Kubernetes 1.16. Additionally, we’ll cover some user stories of implementing Kubernetes on Azure. Finally, and most importantly, we’ll talk all about some of the best ways to get involved with SIG Azure and all of the forums that we’re communicating on!
https://sched.co/MPh9
- 7 participants
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CLI SIG - Maciej Szulik, Red Hat & Phillip Wittrock, Google
This "intro" session will provide basic information to facilitate new SIG CLI contributors. This session will present an overview of the "kubectl" code base, as well as the basics of the development process. We will give a short history of this project. We will leave a significant amount of time for Q&A.
https://sched.co/MPhC
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CLI SIG - Maciej Szulik, Red Hat & Phillip Wittrock, Google
This "intro" session will provide basic information to facilitate new SIG CLI contributors. This session will present an overview of the "kubectl" code base, as well as the basics of the development process. We will give a short history of this project. We will leave a significant amount of time for Q&A.
https://sched.co/MPhC
- 2 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF CI - Lucina Stricko & Denver Williams, Vulk Coop & CNCF
The new and improved CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. The CNCF CI status dashboard continually validates each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to a bare metal environment. The results of each testing stage are published to the cncf.ci status dashboard. An Intro session will give an overview of the cncf.ci status dashboard’s key features, goals, technologies used, and allow time for Q&A.
https://sched.co/MPhL
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF CI - Lucina Stricko & Denver Williams, Vulk Coop & CNCF
The new and improved CNCF CI status dashboard -- cncf.ci -- provides a third party validation of builds, deployments and end-to-end testing for CNCF’s Graduated and Incubating projects. The CNCF CI status dashboard continually validates each CNCF project, for any commit on stable and head, running on Kubernetes clusters which are provisioned to a bare metal environment. The results of each testing stage are published to the cncf.ci status dashboard. An Intro session will give an overview of the cncf.ci status dashboard’s key features, goals, technologies used, and allow time for Q&A.
https://sched.co/MPhL
- 6 participants
- 24 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF Security SIG – Sarah Allen & Jeyappragash Jeyakeerthi, Tetrate.io
CNCF Security SIG representing cross-cutting concerns including authentication, authorization, auditing, policy enforcement, privacy and compliance. The SAFE WG has transformed into CNCF SIG, and this presentation will share the history of the group, accomplishments, on-going efforts and plans for 2019.
https://sched.co/OB0K
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF Security SIG – Sarah Allen & Jeyappragash Jeyakeerthi, Tetrate.io
CNCF Security SIG representing cross-cutting concerns including authentication, authorization, auditing, policy enforcement, privacy and compliance. The SAFE WG has transformed into CNCF SIG, and this presentation will share the history of the group, accomplishments, on-going efforts and plans for 2019.
https://sched.co/OB0K
- 5 participants
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF Serverless WG/CloudEvents - Scott Nichols, Google & Klaus Deissner, SAP
This session will provide an introduction to the CNCF Serverless Working Group, the CloudEvents specification and the new Workflow sub-group. It will give an overview of our history, status of the work, demo of CloudEvents spec and future plans for the WG and CloudEvents project.
https://sched.co/MPhO
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CNCF Serverless WG/CloudEvents - Scott Nichols, Google & Klaus Deissner, SAP
This session will provide an introduction to the CNCF Serverless Working Group, the CloudEvents specification and the new Workflow sub-group. It will give an overview of our history, status of the work, demo of CloudEvents spec and future plans for the WG and CloudEvents project.
https://sched.co/MPhO
- 4 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cloud Native Buildpacks - Terence Lee, Heroku & Stephen Levine, Pivotal
You're great at running containers but you shouldn't have to be great at building them. In this talk, you'll learn about Cloud Native Buildpacks, a higher-level abstraction for building apps compared to Dockerfiles. Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an app developer, you don't need to know best practices around ordering commands for layer reuse. As an operator, you don't need to worry about exposing developers to the responsibilities that come with Dockerfile. Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-2 app operations.
https://sched.co/MPhF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cloud Native Buildpacks - Terence Lee, Heroku & Stephen Levine, Pivotal
You're great at running containers but you shouldn't have to be great at building them. In this talk, you'll learn about Cloud Native Buildpacks, a higher-level abstraction for building apps compared to Dockerfiles. Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an app developer, you don't need to know best practices around ordering commands for layer reuse. As an operator, you don't need to worry about exposing developers to the responsibilities that come with Dockerfile. Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-2 app operations.
https://sched.co/MPhF
- 3 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cluster Lifecycle SIG - Lucas Käldström, Independent & Tim St. Clair, VMware
SIG Cluster Lifecycle is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.
https://sched.co/MPhI
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cluster Lifecycle SIG - Lucas Käldström, Independent & Tim St. Clair, VMware
SIG Cluster Lifecycle is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.
https://sched.co/MPhI
- 2 participants
- 40 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Contributor Experience SIG - Elsie Phillips, Red Hat & Paris Pittman, Google
In this 30 minute session, we will explore the projects we have been working on with Contributor Experience and the future work we have on deck. We will provide an update to the following [projects](https://git.k8s.io/sig-contributor-experience/projects.md) and have information on how to get involved.
https://sched.co/MPhR
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Contributor Experience SIG - Elsie Phillips, Red Hat & Paris Pittman, Google
In this 30 minute session, we will explore the projects we have been working on with Contributor Experience and the future work we have on deck. We will provide an update to the following [projects](https://git.k8s.io/sig-contributor-experience/projects.md) and have information on how to get involved.
https://sched.co/MPhR
- 4 participants
- 25 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CoreDNS - Daniel Garcia, Infoblox & Michael Grosser, Okkur Labs
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. Best known for its ability to serve as the cluster DNS of Kubernetes, CoreDNS is now the default DNS and part of the Kubernetes release since 1.13. The flexibility and extensibility of CoreDNS comes from its unique plugin-based architecture and its easy to use Corefile configurations. In this Intro session, we will update the current state and the road map of CoreDNS for the near future. We will share feedbacks from the community about CoreDNS intergration in Kubernetes 1.13. The progress of DNS resolver support will be discussed heavily as well, since there are lots of interests from the community. At the end of the session we will show several Corefile examples that is commonly configured and used in different scenarios to help getting started with CoreDNS.
https://sched.co/MPhU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: CoreDNS - Daniel Garcia, Infoblox & Michael Grosser, Okkur Labs
CoreDNS is a flexible and extensible DNS server with a focus on service discovery. Best known for its ability to serve as the cluster DNS of Kubernetes, CoreDNS is now the default DNS and part of the Kubernetes release since 1.13. The flexibility and extensibility of CoreDNS comes from its unique plugin-based architecture and its easy to use Corefile configurations. In this Intro session, we will update the current state and the road map of CoreDNS for the near future. We will share feedbacks from the community about CoreDNS intergration in Kubernetes 1.13. The progress of DNS resolver support will be discussed heavily as well, since there are lots of interests from the community. At the end of the session we will show several Corefile examples that is commonly configured and used in different scenarios to help getting started with CoreDNS.
https://sched.co/MPhU
- 2 participants
- 29 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cortex - Tom Wilkie, Grafana Labs & Bryan Boreham, Weaveworks
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus metrics, and a horizontally scalable, Prometheus-compatible query API. Cortex allows users to deploy a centralised, globally aggregated view of all their Prometheus instances, storing data indefinitely. In this talk we will discuss a bit of Cortex's history, Cortex's architecture and how to get started with Cortex. Cortex is a CNCF sandbox project.
https://sched.co/MPhX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Cortex - Tom Wilkie, Grafana Labs & Bryan Boreham, Weaveworks
Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus metrics, and a horizontally scalable, Prometheus-compatible query API. Cortex allows users to deploy a centralised, globally aggregated view of all their Prometheus instances, storing data indefinitely. In this talk we will discuss a bit of Cortex's history, Cortex's architecture and how to get started with Cortex. Cortex is a CNCF sandbox project.
https://sched.co/MPhX
- 3 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Dragonfly - Allen Sun & Zuozheng Hu, Alibaba Cloud
As cloud native becomes more and more popular in industry, how to distribute images efficiently and safely is a new challenge for enterprises. Dragonfly is an open source intelligent P2P based image and file distribution system. Its goal is to tackle all distribution problems in cloud native scenarios. Dragonfly focuses on: • Simple: well-defined user-facing API (HTTP), non-invasive to all container engines • Efficient: CDN support, P2P based file distribution to save enterprise bandwidth • Intelligent: host level speed limit, intelligent flow control due to host dection • Secure: block transmission encrytion, HTTPS connection support we will focus on the introduction and live demo of Dragonfly, review and provide solutions for enterprises, including mass distribution, secure transmission, bandwidth cost. Real use cases will be discussed in the session.
https://sched.co/MPha
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Dragonfly - Allen Sun & Zuozheng Hu, Alibaba Cloud
As cloud native becomes more and more popular in industry, how to distribute images efficiently and safely is a new challenge for enterprises. Dragonfly is an open source intelligent P2P based image and file distribution system. Its goal is to tackle all distribution problems in cloud native scenarios. Dragonfly focuses on: • Simple: well-defined user-facing API (HTTP), non-invasive to all container engines • Efficient: CDN support, P2P based file distribution to save enterprise bandwidth • Intelligent: host level speed limit, intelligent flow control due to host dection • Secure: block transmission encrytion, HTTPS connection support we will focus on the introduction and live demo of Dragonfly, review and provide solutions for enterprises, including mass distribution, secure transmission, bandwidth cost. Real use cases will be discussed in the session.
https://sched.co/MPha
- 5 participants
- 43 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Falco - Jorge Salamero Sanz, Sysdig
Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, we’ll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security & incident response.
https://sched.co/MPhj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Falco - Jorge Salamero Sanz, Sysdig
Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, we’ll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security & incident response.
https://sched.co/MPhj
- 7 participants
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Fluentd - Masahiro Nakagawa, ARM Treasure Data
Logging for cloud-native applications and environments is a continuous challenge from an operational perspective. Fluentd offers a full logging layer than can be accommodated and extended as required to solve any logging need. In this Fluentd session, you will learn about its administration and log processing from a general perspective.
https://sched.co/MPhm
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Fluentd - Masahiro Nakagawa, ARM Treasure Data
Logging for cloud-native applications and environments is a continuous challenge from an operational perspective. Fluentd offers a full logging layer than can be accommodated and extended as required to solve any logging need. In this Fluentd session, you will learn about its administration and log processing from a general perspective.
https://sched.co/MPhm
- 3 participants
- 32 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Harbor - Henry Zhang & Steven Ren, VMware
As container technology become widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage containerized application packages with either container image or Helm Chart format. Project Harbor is an open source trusted cloud-native registry project that stores, manages, signs, and scans content, thus resolving common image or Helm Chart management challenges. In this presentation, we will focus on the management of container images and Helm Charts through Harbor. We will review and provide solutions to the challenges faced by organizations, including RBAC (Role Based Access Control), vulnerability scanning, large scale content distribution, content replication, content trust (notary) and DevOps integrations etc.. Real world use cases will be discussed in the session. Of course, fantastic demos will be shown to let you easily understand the related use cases.
https://sched.co/MPhp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Harbor - Henry Zhang & Steven Ren, VMware
As container technology become widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage containerized application packages with either container image or Helm Chart format. Project Harbor is an open source trusted cloud-native registry project that stores, manages, signs, and scans content, thus resolving common image or Helm Chart management challenges. In this presentation, we will focus on the management of container images and Helm Charts through Harbor. We will review and provide solutions to the challenges faced by organizations, including RBAC (Role Based Access Control), vulnerability scanning, large scale content distribution, content replication, content trust (notary) and DevOps integrations etc.. Real world use cases will be discussed in the session. Of course, fantastic demos will be shown to let you easily understand the related use cases.
https://sched.co/MPhp
- 8 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Helm - Michelle Noorali & Matt Fisher, Microsoft
In this session, we will introduce the basics of the CNCF Helm project. Helm is a Kubernetes package manager and it allows you to install and manages packages of Kubernetes configuration called Charts. Charts provide a way to deploy configurable, out-of-the-box applications and even package your own applications for Kubernetes. We will walk through how to get started with Helm and how to package your own applications as Charts. Helm was first introduced in 2015 and has since grown to meet the needs of its own rich ecosystem. We'll also discuss how Helm has evolved, why, and lessons we've learned along the way.
https://sched.co/N4ke
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Helm - Michelle Noorali & Matt Fisher, Microsoft
In this session, we will introduce the basics of the CNCF Helm project. Helm is a Kubernetes package manager and it allows you to install and manages packages of Kubernetes configuration called Charts. Charts provide a way to deploy configurable, out-of-the-box applications and even package your own applications for Kubernetes. We will walk through how to get started with Helm and how to package your own applications as Charts. Helm was first introduced in 2015 and has since grown to meet the needs of its own rich ecosystem. We'll also discuss how Helm has evolved, why, and lessons we've learned along the way.
https://sched.co/N4ke
- 2 participants
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: KubeEdge - Cindy Xing, Futurewei & Dejan Bosanac, Red Hat
Recently KubEdge was accepted as a CNCF sandbox project. As one of the reference architecture, KubeEdge provides customers a way to manage Edge nodes from cloud and build fundamental infrastructure targeted for IOT/Edge.Developers and end users can be empowered to build & run all kinds of potentials through KubeEdge. We welcome communities to join us and make innovations in IOT/Edge computing. In this talk, Dejan Bosanac from Redhat will share background and design principles for KubeEdge. The technical challenges in IOT/Edge computing and how KubeEdge tackle the problems will be discussed. Through real life use cases, Dejan Bosanac, the lead of Kubernetes IOT/Edge workgroup, will share the WG vision and how KubeEdge aligns.
https://sched.co/Ngpl
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: KubeEdge - Cindy Xing, Futurewei & Dejan Bosanac, Red Hat
Recently KubEdge was accepted as a CNCF sandbox project. As one of the reference architecture, KubeEdge provides customers a way to manage Edge nodes from cloud and build fundamental infrastructure targeted for IOT/Edge.Developers and end users can be empowered to build & run all kinds of potentials through KubeEdge. We welcome communities to join us and make innovations in IOT/Edge computing. In this talk, Dejan Bosanac from Redhat will share background and design principles for KubeEdge. The technical challenges in IOT/Edge computing and how KubeEdge tackle the problems will be discussed. Through real life use cases, Dejan Bosanac, the lead of Kubernetes IOT/Edge workgroup, will share the WG vision and how KubeEdge aligns.
https://sched.co/Ngpl
- 8 participants
- 32 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (Instrumentation) SIG - Frederic Branczyk, Red Hat
The intro to SIG Instrumentation is going to be a lightweight introduction to what sig-instrumentation is responsible for within Kubernetes and give guidance on how to contribute to SIG Instrumentation. Beyond that it will cover a high level overview of the work SIG instrumentation has done over the years and elaborate on current efforts including the sub projects being worked on.
https://sched.co/MPiA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (Instrumentation) SIG - Frederic Branczyk, Red Hat
The intro to SIG Instrumentation is going to be a lightweight introduction to what sig-instrumentation is responsible for within Kubernetes and give guidance on how to contribute to SIG Instrumentation. Beyond that it will cover a high level overview of the work SIG instrumentation has done over the years and elaborate on current efforts including the sub projects being worked on.
https://sched.co/MPiA
- 2 participants
- 30 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (PM) SIG - Ihor Dvoretskyi, CNCF & Stephen Augustus, VMware
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has it's own PM team and PM process. SIG-PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG-PM co-chairs will provide a brief overview of SIG-PM history and basic principles, the areas of interaction with the Kubernetes community, together with the information on how to start contributing to Kubernetes as a PM.
https://sched.co/MPhv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (PM) SIG - Ihor Dvoretskyi, CNCF & Stephen Augustus, VMware
Kubernetes is one of the most high-velocity open source projects in the world, and one of the most unique features of this community project - that it has it's own PM team and PM process. SIG-PM, originally established as a Product Management Group, today covers multiple aspects of Product, Program and Project Management of Kubernetes. In this session, the SIG-PM co-chairs will provide a brief overview of SIG-PM history and basic principles, the areas of interaction with the Kubernetes community, together with the information on how to start contributing to Kubernetes as a PM.
https://sched.co/MPhv
- 2 participants
- 27 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (Release) SIG - Tim Pepper, VMware & Claire Laurence, Pivotal
SIG Release and the Release Team are looking for volunteers! This session will feature past and current release team members describing what the Release Team does: We will discuss how Kubernetes project volunteers manage the quarterly release cadence of the project, give an overview of the release process, release team roles, and how these support the SIG Release goal of producing high quality Kubernetes releases on a reliable schedule. We will highlight the opportunities for both new and experienced community members (like you, including especially folks in Europe!) to get involved, across a broad range of specialties and technical work.
https://sched.co/MPhy
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes (Release) SIG - Tim Pepper, VMware & Claire Laurence, Pivotal
SIG Release and the Release Team are looking for volunteers! This session will feature past and current release team members describing what the Release Team does: We will discuss how Kubernetes project volunteers manage the quarterly release cadence of the project, give an overview of the release process, release team roles, and how these support the SIG Release goal of producing high quality Kubernetes releases on a reliable schedule. We will highlight the opportunities for both new and experienced community members (like you, including especially folks in Europe!) to get involved, across a broad range of specialties and technical work.
https://sched.co/MPhy
- 3 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes Architecture SIG - Jaice Singer DuMars, Google
This will introduce the core areas of architectural governance for the Kubernetes project. This will include an introduction to the KEP process, the API review process, conformance testing review, and code organization. Attendees will have a better understanding of how to contribute and participate, as well as what concerns are specific to the SIG.
https://sched.co/MPi4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes Architecture SIG - Jaice Singer DuMars, Google
This will introduce the core areas of architectural governance for the Kubernetes project. This will include an introduction to the KEP process, the API review process, conformance testing review, and code organization. Attendees will have a better understanding of how to contribute and participate, as well as what concerns are specific to the SIG.
https://sched.co/MPi4
- 4 participants
- 31 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes WG for Multitenancy - Tasha Drew, VMware
This presentation will be an overview of the work the multitenancy group has been doing, defining soft and hard multitenancy and reviewing the project plan for addressing both that the working group is putting forward. We will explain how people new to the working group can get engaged and review the various KEPs that the working group is involved with.
https://sched.co/MPiD
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Kubernetes WG for Multitenancy - Tasha Drew, VMware
This presentation will be an overview of the work the multitenancy group has been doing, defining soft and hard multitenancy and reviewing the project plan for addressing both that the working group is putting forward. We will explain how people new to the working group can get engaged and review the various KEPs that the working group is involved with.
https://sched.co/MPiD
- 4 participants
- 24 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Linkerd - William Morgan, Buoyant
In this session, William Morgan and Linkerd maintainers, will provide an introduction to Linkerd and the service mesh model. We'll hear some lightning talks from current Linkerd production users, and finish with a brief Q&A.
https://sched.co/MPiG
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Linkerd - William Morgan, Buoyant
In this session, William Morgan and Linkerd maintainers, will provide an introduction to Linkerd and the service mesh model. We'll hear some lightning talks from current Linkerd production users, and finish with a brief Q&A.
https://sched.co/MPiG
- 1 participant
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: NATS - Waldemar Quevedo, Synadia Communications, Inc
NATS is a high performance publish/subscribe messaging system that has as one of its main goals connecting services in the simplest, most secure and reliable way possible. The project has a long history of being part of production deployments as the core component for the internal communication of a distributed system, and in its latest release NATS v2.0, its feature set was enhanced so that it can also be used to create a global and decentralized communication network. In this talk, you will learn about the multiple communication patterns that NATS offers and how it can help you simplify and decouple the architecture of your cloud native application.
https://sched.co/MPiJ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: NATS - Waldemar Quevedo, Synadia Communications, Inc
NATS is a high performance publish/subscribe messaging system that has as one of its main goals connecting services in the simplest, most secure and reliable way possible. The project has a long history of being part of production deployments as the core component for the internal communication of a distributed system, and in its latest release NATS v2.0, its feature set was enhanced so that it can also be used to create a global and decentralized communication network. In this talk, you will learn about the multiple communication patterns that NATS offers and how it can help you simplify and decouple the architecture of your cloud native application.
https://sched.co/MPiJ
- 2 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Network Service Mesh (NSM) - Frederick Kautz, Doc.ai & Ed Warnicke, Cisco
Network Service Mesh (NSM) is a novel approach solving L2/L3 network use cases in Kubernetes that are tricky to address with the existing Kubernetes Network Model. Inspired by Istio, Network Service Mesh maps the concept of a service mesh to L2/L3 payloads. Network Service Mesh enables a variety of types of Use Cases such as: * Connecting Pods to: -VPN Gateways -Non-Kubernetes virtual bridge domains -The *right* physical NIC or SR-IOV VF for their needs -Multiple-interfaces * Cloud-native NFV use cases Network Service Mesh controls the L2/L3 data planes to deliver these types of use cases. Network Service Mesh enables users to express the context of their network needs in a Cloud Native manner, rather than manually stringing together disjoint interfaces, IPAM, and subnets. Finally, we discuss how audience members can get involved and help drive the direction and development of NSM.
https://sched.co/NxZ5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Network Service Mesh (NSM) - Frederick Kautz, Doc.ai & Ed Warnicke, Cisco
Network Service Mesh (NSM) is a novel approach solving L2/L3 network use cases in Kubernetes that are tricky to address with the existing Kubernetes Network Model. Inspired by Istio, Network Service Mesh maps the concept of a service mesh to L2/L3 payloads. Network Service Mesh enables a variety of types of Use Cases such as: * Connecting Pods to: -VPN Gateways -Non-Kubernetes virtual bridge domains -The *right* physical NIC or SR-IOV VF for their needs -Multiple-interfaces * Cloud-native NFV use cases Network Service Mesh controls the L2/L3 data planes to deliver these types of use cases. Network Service Mesh enables users to express the context of their network needs in a Cloud Native manner, rather than manually stringing together disjoint interfaces, IPAM, and subnets. Finally, we discuss how audience members can get involved and help drive the direction and development of NSM.
https://sched.co/NxZ5
- 2 participants
- 39 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Open Policy Agent - Rita Zhang, Microsoft & Max Smythe, Google
Come to this session to learn about the OPA Gatekeeper project! Gatekeeper integrates OPA with Kubernetes to provide new features like parameterized CRD-based policies, auditing, policy library, and more. Gatekeeper is being jointly developed by Microsoft, Google, and Styra (the creators of OPA). During the session Rita Zhang (Microsoft) and Max Smythe (Google) will explain what Gatekeeper is, how it works, how to get involved, and where the project is going.
https://sched.co/MPiM
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Open Policy Agent - Rita Zhang, Microsoft & Max Smythe, Google
Come to this session to learn about the OPA Gatekeeper project! Gatekeeper integrates OPA with Kubernetes to provide new features like parameterized CRD-based policies, auditing, policy library, and more. Gatekeeper is being jointly developed by Microsoft, Google, and Styra (the creators of OPA). During the session Rita Zhang (Microsoft) and Max Smythe (Google) will explain what Gatekeeper is, how it works, how to get involved, and where the project is going.
https://sched.co/MPiM
- 2 participants
- 40 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Rook - Alexander Trost, Cloudibility & Travis Nielsen, Red Hat
In this talk, we will be introducing the Rook project to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. We will explore the benefits and use cases of Rook, and we will also walk through the architecture that the project is built on. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.
https://sched.co/MPiS
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Rook - Alexander Trost, Cloudibility & Travis Nielsen, Red Hat
In this talk, we will be introducing the Rook project to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. We will explore the benefits and use cases of Rook, and we will also walk through the architecture that the project is built on. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.
https://sched.co/MPiS
- 2 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: SPIFFE - Emiliano Bernbaum & Scott Emmons, Scytale
Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms and even different cloud providers. As production environments become more complex, and dynamic - establishing trust between microservices is becomes more difficult, creating challenges for developers, operations teams, and security teams alike. Enter SPIFFE (Secure Production Infrastructure for Everyone) and which builds on designs first championed at Google, Twitter and elsewhere to provide robust authentication and trust between disparate micro-services. SPIFFE and SPIRE make it trivial to establish trust between workloads that may be elastically scaled and dynamically scheduled, and deployed in deeply heterogeneous environments. We'll walk through the design goals for SPIFFE (a specification) and SPIRE (a multi-cloud implementation of SPIFFE). We will go over all the developments and progress in SPIRE over the last few months. We will present an overview of how it can be used in conjunction with Kubernetes to build secure and scalable microservice architectures. We will also share our current roadmap with the community.
https://sched.co/MPib
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: SPIFFE - Emiliano Bernbaum & Scott Emmons, Scytale
Modern software development relies on many microservices working together, that in production may be distributed over different middleware systems, container schedulers, PaaS platforms and even different cloud providers. As production environments become more complex, and dynamic - establishing trust between microservices is becomes more difficult, creating challenges for developers, operations teams, and security teams alike. Enter SPIFFE (Secure Production Infrastructure for Everyone) and which builds on designs first championed at Google, Twitter and elsewhere to provide robust authentication and trust between disparate micro-services. SPIFFE and SPIRE make it trivial to establish trust between workloads that may be elastically scaled and dynamically scheduled, and deployed in deeply heterogeneous environments. We'll walk through the design goals for SPIFFE (a specification) and SPIRE (a multi-cloud implementation of SPIFFE). We will go over all the developments and progress in SPIRE over the last few months. We will present an overview of how it can be used in conjunction with Kubernetes to build secure and scalable microservice architectures. We will also share our current roadmap with the community.
https://sched.co/MPib
- 7 participants
- 30 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: TUF / Notary - Justin Cappos, NYU & Justin Cormack, Docker
Software distribution and packaging systems are rapidly becoming the weak link in the software lifecycle. This talk provides an accessible overview of two CNCF projects (Notary and TUF), that provide what has been roundly described as the most secure mechanism for distributing software. Notary, which implements the TUF specification, signs and transparently validates metadata to enable the system to recover from the compromise of servers, theft of keys, insider attacks, etc. Notary / TUF are surprisingly easy to use and used to provide cutting edge security not only across major cloud companies, but a diverse set of adopters, including automobiles. WARNING: Attending this talk may cause (justifiable) fear in the software update mechanism on your devices!
https://sched.co/MPik
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: TUF / Notary - Justin Cappos, NYU & Justin Cormack, Docker
Software distribution and packaging systems are rapidly becoming the weak link in the software lifecycle. This talk provides an accessible overview of two CNCF projects (Notary and TUF), that provide what has been roundly described as the most secure mechanism for distributing software. Notary, which implements the TUF specification, signs and transparently validates metadata to enable the system to recover from the compromise of servers, theft of keys, insider attacks, etc. Notary / TUF are surprisingly easy to use and used to provide cutting edge security not only across major cloud companies, but a diverse set of adopters, including automobiles. WARNING: Attending this talk may cause (justifiable) fear in the software update mechanism on your devices!
https://sched.co/MPik
- 8 participants
- 39 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Testing SIG - Cole Wagner & Aishwarya Sundar, Google
The Kubernetes test infrastructure schedules and executes all of the tests which validate pull requests and repositories in the Kubernetes ecosystem every day. This presentation will explore how job authors can make use of new job configuration options to write jobs that execute identically inside and outside of the test infrastructure while requiring a minimal set of configuration to be provided. Jobs defined in this manner have reproducible behavior for local debugging and do not require job authors to adopt test-infrastructure-specific frameworks or workflows.
https://sched.co/MPih
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Testing SIG - Cole Wagner & Aishwarya Sundar, Google
The Kubernetes test infrastructure schedules and executes all of the tests which validate pull requests and repositories in the Kubernetes ecosystem every day. This presentation will explore how job authors can make use of new job configuration options to write jobs that execute identically inside and outside of the test infrastructure while requiring a minimal set of configuration to be provided. Jobs defined in this manner have reproducible behavior for local debugging and do not require job authors to adopt test-infrastructure-specific frameworks or workflows.
https://sched.co/MPih
- 5 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Virtual Kubelet - Ria Bhatia, Microsoft & Anubhav Mishra, HashiCorp
Virtual Kubelet has most recently been accepted into the CNCF as a sandboxed project. In this session we will go through the benefits of the project and the landscape of providers that contribute to VK in the open. We will highlight the HashiCorp Nomad provider and the Azure provider for Azure Container Instances. Folks can expect to learn about three different use-cases for Virtual Kubelet including, burst capacity, abstraction of infrastructure, and translating any APIs into Kubernetes APIs. We hope to spark new ideas, and conversation by bringing up a new way to connect Kubernetes to "any" service or technology.
https://sched.co/MPin
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Intro: Virtual Kubelet - Ria Bhatia, Microsoft & Anubhav Mishra, HashiCorp
Virtual Kubelet has most recently been accepted into the CNCF as a sandboxed project. In this session we will go through the benefits of the project and the landscape of providers that contribute to VK in the open. We will highlight the HashiCorp Nomad provider and the Azure provider for Azure Container Instances. Folks can expect to learn about three different use-cases for Virtual Kubelet including, burst capacity, abstraction of infrastructure, and translating any APIs into Kubernetes APIs. We hope to spark new ideas, and conversation by bringing up a new way to connect Kubernetes to "any" service or technology.
https://sched.co/MPin
- 2 participants
- 27 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio New Workload Identity Provision Pipeline Based on Envoy SDS - Quanjie Lin & Diem Vu, Google
Istio introduces a new workload identity provision system based on envoy SDS (secret discovery service) from release-1.1; as the main developer who works on this project, my talk covers: 1. Background topics like what is envoy SDS, the motivation why the new system is introduced; 2. High level end-to-end architecture, deep dive into some design decisions we made during development; 3. CNCF projects we leveraged during development (kubernetes, envoy, helm, spiffe etc); 4. Real enterprise customers’ user cases that built on top of this new system in production; 5. How to plug customer CA into the new system for your user case. From this talk, audience will get better understanding of designing/using service mesh’s identity system from first-hand development experience, and how to build a system by leveraging CNCF projects. [Note: I could demo if time allowed]
https://sched.co/MPfJ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio New Workload Identity Provision Pipeline Based on Envoy SDS - Quanjie Lin & Diem Vu, Google
Istio introduces a new workload identity provision system based on envoy SDS (secret discovery service) from release-1.1; as the main developer who works on this project, my talk covers: 1. Background topics like what is envoy SDS, the motivation why the new system is introduced; 2. High level end-to-end architecture, deep dive into some design decisions we made during development; 3. CNCF projects we leveraged during development (kubernetes, envoy, helm, spiffe etc); 4. Real enterprise customers’ user cases that built on top of this new system in production; 5. How to plug customer CA into the new system for your user case. From this talk, audience will get better understanding of designing/using service mesh’s identity system from first-hand development experience, and how to build a system by leveraging CNCF projects. [Note: I could demo if time allowed]
https://sched.co/MPfJ
- 4 participants
- 30 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio, We Have a Problem! Understanding and Fixing Bugs with a Service-Mesh - David Gageot, Google
Istio, we have a problem! We've just deployed a shiny new set of micro-services and it behaves in a strange manner. Hard to say why with so many moving parts... Let's leverage the newly installed service mesh to understand what we've deployed, find the root problem, fix it with a bandaid and then do a proper, non trivial, blue-green deployment of a v2. That will involve the Service Graph, Prometheus monitoring, Grafana Dashboards, Traffic mirroring, all orchestrated in a simple manner by Istio.
https://sched.co/MPfG
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Istio, We Have a Problem! Understanding and Fixing Bugs with a Service-Mesh - David Gageot, Google
Istio, we have a problem! We've just deployed a shiny new set of micro-services and it behaves in a strange manner. Hard to say why with so many moving parts... Let's leverage the newly installed service mesh to understand what we've deployed, find the root problem, fix it with a bandaid and then do a proper, non trivial, blue-green deployment of a v2. That will involve the Service Graph, Prometheus monitoring, Grafana Dashboards, Traffic mirroring, all orchestrated in a simple manner by Istio.
https://sched.co/MPfG
- 10 participants
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
KEPs: Evolving Kubernetes at the Speed of Trust - Caleb Miles, Google
What is Kubernetes? Every now and again we try to enumerate the scope of the Kubernetes Project; but this only represents a snapshot of our best understanding of the value that Kubernetes provides to our community. With the Kubernetes Enhancement Proposal (KEP) Process we have been working on a mechanism to evolve Kubernetes at the Speed of Trust™. Learn what the KEP process is, how to use it, how it connects to the API Review Process and Enhancement Tracking processes; and how we are employing KEPs to solve our own ship of Theseus problem. ¡Todos a bordo!
https://sched.co/MPZJ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
KEPs: Evolving Kubernetes at the Speed of Trust - Caleb Miles, Google
What is Kubernetes? Every now and again we try to enumerate the scope of the Kubernetes Project; but this only represents a snapshot of our best understanding of the value that Kubernetes provides to our community. With the Kubernetes Enhancement Proposal (KEP) Process we have been working on a mechanism to evolve Kubernetes at the Speed of Trust™. Learn what the KEP process is, how to use it, how it connects to the API Review Process and Enhancement Tracking processes; and how we are employing KEPs to solve our own ship of Theseus problem. ¡Todos a bordo!
https://sched.co/MPZJ
- 1 participant
- 27 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kanary - Automated and Integrated Canary Testing Using CRD and an Operator - David Benque, Amadeus & Cédric Lamorinière, Datadog
The Kubernetes ecosystem provides primitives to easily deploy applications. Now, how might we simplify validation of a new application version before triggering its complete rollout? Canary testing is a popular answer. There are solutions to pilot canary testing from outside Kubernetes. How about driving it from inside Kubernetes instead? Kanary is a new Operator proposing an easy, automated and integrated way to orchestrate the canary testing phase, while controlling the traffic, the validation, and the rollout of a new version. After a quick recap of challenges in managing canary deployments within Kubernetes, this talk will present how Kanary offers a fully integrated and automated canary solution by assembling several cloud-native solutions: Prometheus, Istio, K8s resources and CRD. The talk will end with a demo!
https://sched.co/MPaB
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kanary - Automated and Integrated Canary Testing Using CRD and an Operator - David Benque, Amadeus & Cédric Lamorinière, Datadog
The Kubernetes ecosystem provides primitives to easily deploy applications. Now, how might we simplify validation of a new application version before triggering its complete rollout? Canary testing is a popular answer. There are solutions to pilot canary testing from outside Kubernetes. How about driving it from inside Kubernetes instead? Kanary is a new Operator proposing an easy, automated and integrated way to orchestrate the canary testing phase, while controlling the traffic, the validation, and the rollout of a new version. After a quick recap of challenges in managing canary deployments within Kubernetes, this talk will present how Kanary offers a fully integrated and automated canary solution by assembling several cloud-native solutions: Prometheus, Istio, K8s resources and CRD. The talk will end with a demo!
https://sched.co/MPaB
- 8 participants
- 39 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: A Journey to a Centralized, Globally Distributed Platform – Katie Gamanji, Cloud Platform Engineer, Condé Nast International
For over a century Condé Nast International has set the benchmark for print and digital publishing. With brands like Vogue, GQ, Wired, Condé Nast Traveller under our umbrella we are operating in more than 12 markets across different geographies, including Russia and China. Whilst serving content to million of customers daily (220m unique users per month), it has become paramount to have a scalable, fault tolerant and highly available infrastructure, combined with a robust delivery process. Originating with a fragment technological ladscape, Condé Nast International is progressing with a remarkable project to embrace cloud native principles and deliver a centralized, globally distributed platform that will further emancipate our international teams.
This talk aims to highlight Condé Nast International's journey to deliver a multi-cluster distributed Kubernetes platform, with a centralized management mechanism and self-service CI/CD process.
https://sched.co/MRz4
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: A Journey to a Centralized, Globally Distributed Platform – Katie Gamanji, Cloud Platform Engineer, Condé Nast International
For over a century Condé Nast International has set the benchmark for print and digital publishing. With brands like Vogue, GQ, Wired, Condé Nast Traveller under our umbrella we are operating in more than 12 markets across different geographies, including Russia and China. Whilst serving content to million of customers daily (220m unique users per month), it has become paramount to have a scalable, fault tolerant and highly available infrastructure, combined with a robust delivery process. Originating with a fragment technological ladscape, Condé Nast International is progressing with a remarkable project to embrace cloud native principles and deliver a centralized, globally distributed platform that will further emancipate our international teams.
This talk aims to highlight Condé Nast International's journey to deliver a multi-cluster distributed Kubernetes platform, with a centralized management mechanism and self-service CI/CD process.
https://sched.co/MRz4
- 1 participant
- 13 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Debunking the Myth: Kubernetes Storage is Hard - Saad Ali, Senior Software Engineer, Google
We often hear “Storage on Kubernetes is hard” or “Don’t deploy stateful applications on Kubernetes!” Is there any truth to these statements? In this talk I separate fact from fiction.
Storage on Kubernetes can mean a lot of things. First I will start by separating three layers: 1) consuming block and file storage from a pod running in Kubernetes, 2) deploying a stateful app (like a database) on Kubernetes using storage and workload primitives, and 3) deploying a software defined storage system on top of Kubernetes to provide block or file storage. Each of these areas has a different set of challenges that are often conflated to make storage on Kubernetes appear much harder than it is.
After separating these layers, I will help you understand what the challenges are with each of them, and how you work around them to effectively deploy stateful applications on Kubernetes.
https://sched.co/MQhi
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Debunking the Myth: Kubernetes Storage is Hard - Saad Ali, Senior Software Engineer, Google
We often hear “Storage on Kubernetes is hard” or “Don’t deploy stateful applications on Kubernetes!” Is there any truth to these statements? In this talk I separate fact from fiction.
Storage on Kubernetes can mean a lot of things. First I will start by separating three layers: 1) consuming block and file storage from a pod running in Kubernetes, 2) deploying a stateful app (like a database) on Kubernetes using storage and workload primitives, and 3) deploying a software defined storage system on top of Kubernetes to provide block or file storage. Each of these areas has a different set of challenges that are often conflated to make storage on Kubernetes appear much harder than it is.
After separating these layers, I will help you understand what the challenges are with each of them, and how you work around them to effectively deploy stateful applications on Kubernetes.
https://sched.co/MQhi
- 1 participant
- 19 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: How Spotify Accidentally Deleted All its Kube Clusters with No User Impact - David Xia, Infrastructure Engineer, Spotify
During Spotify's Kubernetes migration, David's team deleted most of their production Kubernetes clusters. Accidentally. Twice. With little to no user impact. David shares how they recovered and learned to operate many clusters automatically and safely.
In 2017, Spotify planned the migration of hundreds of teams, thousands of services, and tens of thousands of hosts to Google Kubernetes Engine (GKE). In the last half of 2018, Spotify migrated 50 teams and hundreds of services, including critical ones, onto multiple production clusters.
David describes what led to the cluster deletions and how they barely affected users. Since the postmortem, Spotify has minimized downtime and human error by declaratively defining clusters in code with Terraform, backing up and restoring clusters with Ark, and increasing scalability and availability by running many more clusters.
https://sched.co/MQbb
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: How Spotify Accidentally Deleted All its Kube Clusters with No User Impact - David Xia, Infrastructure Engineer, Spotify
During Spotify's Kubernetes migration, David's team deleted most of their production Kubernetes clusters. Accidentally. Twice. With little to no user impact. David shares how they recovered and learned to operate many clusters automatically and safely.
In 2017, Spotify planned the migration of hundreds of teams, thousands of services, and tens of thousands of hosts to Google Kubernetes Engine (GKE). In the last half of 2018, Spotify migrated 50 teams and hundreds of services, including critical ones, onto multiple production clusters.
David describes what led to the cluster deletions and how they barely affected users. Since the postmortem, Spotify has minimized downtime and human error by declaratively defining clusters in code with Terraform, backing up and restoring clusters with Ark, and increasing scalability and availability by running many more clusters.
https://sched.co/MQbb
- 1 participant
- 20 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Kubernetes Project Update - Janet Kuo, Software Engineer, Google
https://sched.co/MReA
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Kubernetes Project Update - Janet Kuo, Software Engineer, Google
https://sched.co/MReA
- 1 participant
- 17 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha, Computing Engineer & Lukas Heinrich, Physicist, CERN
Back in 2012, CERN announced one of its most important achievements, the discovery of the Higgs boson leading to the 2013 Nobel Prize in Physics. In this presentation, we will redo the data analysis that led to it, this time on top of Kubernetes, the new infrastructure stack growing in popularity in the laboratory. The analysis submission will be done via a jupyter notebook into a small cluster on our private cloud, and both the application and the cluster itself will automatically scale out to exhaust resources - we will detail our setup and deployment decisions on the way. Then we will show how the work being done in the Multicluster SIG helps us define a set of placement and scheduling policies to scale out to external clouds. The end result will be a physicist’s dream: a histogram with a spike that back in 2012 indicated the discovery of a new particle.
https://sched.co/MRyv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha, Computing Engineer & Lukas Heinrich, Physicist, CERN
Back in 2012, CERN announced one of its most important achievements, the discovery of the Higgs boson leading to the 2013 Nobel Prize in Physics. In this presentation, we will redo the data analysis that led to it, this time on top of Kubernetes, the new infrastructure stack growing in popularity in the laboratory. The analysis submission will be done via a jupyter notebook into a small cluster on our private cloud, and both the application and the cluster itself will automatically scale out to exhaust resources - we will detail our setup and deployment decisions on the way. Then we will show how the work being done in the Multicluster SIG helps us define a set of placement and scheduling policies to scale out to external clouds. The end result will be a physicist’s dream: a histogram with a spike that back in 2012 indicated the discovery of a new particle.
https://sched.co/MRyv
- 2 participants
- 20 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
KubeFlow BoF: David Aronchick, Microsoft & Yaron Haviv, Iguazio
https://sched.co/PiUF
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
KubeFlow BoF: David Aronchick, Microsoft & Yaron Haviv, Iguazio
https://sched.co/PiUF
- 9 participants
- 48 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubectl Apply 2019: Defense Against the Dark Arts - Phillip Wittrock & Jennifer Buckley, Google
Kubectl Apply (loved and hated by users) is the canonical way to manage Kubernetes Resources, and the building block for systems performing continuous delivery. Originally written in 2015, the inner workings of Apply have been referred to as the “dark arts” and have been accused of “making peoples eyeballs bleed”. The Apply maintainers took this feedback, and embarked on a journey to completely rearchitect Apply, this time without unleashing a primordial evil. In 2019 Apply received its first major architectural overhaul, addressing long standing issues and bringing a cornucopia of new functionality to users and platform developers. Phillip Wittrock and Jenny Buckley will review both the changes in architecture and the new functionality that will usher in a delivery renaissance for Kubernetes.
https://sched.co/MPZ1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubectl Apply 2019: Defense Against the Dark Arts - Phillip Wittrock & Jennifer Buckley, Google
Kubectl Apply (loved and hated by users) is the canonical way to manage Kubernetes Resources, and the building block for systems performing continuous delivery. Originally written in 2015, the inner workings of Apply have been referred to as the “dark arts” and have been accused of “making peoples eyeballs bleed”. The Apply maintainers took this feedback, and embarked on a journey to completely rearchitect Apply, this time without unleashing a primordial evil. In 2019 Apply received its first major architectural overhaul, addressing long standing issues and bringing a cornucopia of new functionality to users and platform developers. Phillip Wittrock and Jenny Buckley will review both the changes in architecture and the new functionality that will usher in a delivery renaissance for Kubernetes.
https://sched.co/MPZ1
- 6 participants
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Failure Stories and How to Crash Your Clusters - Henning Jacobs, Zalando SE
Bootstrapping a Kubernetes cluster is easy, rolling it out to nearly 200 engineering teams and operating it at scale is a challenge. In this talk, we are presenting our approach to Kubernetes provisioning on AWS, operations and developer experience for our growing Zalando developer base. We will walk you through our horror stories of operating 100+ clusters and share the insights we gained from incidents, failures, user reports and general observations. Our failure stories will be sourced from recent and past incidents, so the talk will be up-to-date with our latest experiences. Most of our learnings apply to other Kubernetes infrastructures (EKS, GKE, ..) as well. This talk strives to reduce the audience's unknown unknowns about running Kubernetes in production.
https://sched.co/MPcM
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Failure Stories and How to Crash Your Clusters - Henning Jacobs, Zalando SE
Bootstrapping a Kubernetes cluster is easy, rolling it out to nearly 200 engineering teams and operating it at scale is a challenge. In this talk, we are presenting our approach to Kubernetes provisioning on AWS, operations and developer experience for our growing Zalando developer base. We will walk you through our horror stories of operating 100+ clusters and share the insights we gained from incidents, failures, user reports and general observations. Our failure stories will be sourced from recent and past incidents, so the talk will be up-to-date with our latest experiences. Most of our learnings apply to other Kubernetes infrastructures (EKS, GKE, ..) as well. This talk strives to reduce the audience's unknown unknowns about running Kubernetes in production.
https://sched.co/MPcM
- 2 participants
- 29 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Security and How to Fix K8s Cluster at Scale - Simon Pearce, SysEleven & Sebastian Scheele, Loodse
As a hosting provider, we have the challenge to run and manage multiple Kubernetes clusters for various customers on our infrastructure, similar to e.g. Google or Azure in a secure way. The majority of these clusters are fully managed by us. Our customers want to build and run containers. Not maintain and upgrade Kubernetes clusters. In this talk, we will give you a breakdown on how we help our customers to secure their clusters and how we can force Kubernetes upgrades to all clusters in a scalable way. We will use the Kubernetes API bug occurred in December as an example to show how we could fix all Kubernetes clusters in a very short time frame. This talk focus on the secure operation of multiple Kubernetes clusters and the requirements a Cloud Provider have to it.
https://sched.co/MPYO
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes Security and How to Fix K8s Cluster at Scale - Simon Pearce, SysEleven & Sebastian Scheele, Loodse
As a hosting provider, we have the challenge to run and manage multiple Kubernetes clusters for various customers on our infrastructure, similar to e.g. Google or Azure in a secure way. The majority of these clusters are fully managed by us. Our customers want to build and run containers. Not maintain and upgrade Kubernetes clusters. In this talk, we will give you a breakdown on how we help our customers to secure their clusters and how we can force Kubernetes upgrades to all clusters in a scalable way. We will use the Kubernetes API bug occurred in December as an example to show how we could fix all Kubernetes clusters in a very short time frame. This talk focus on the secure operation of multiple Kubernetes clusters and the requirements a Cloud Provider have to it.
https://sched.co/MPYO
- 8 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes the New Research Platform - Lindsey Tulloch, Brock University & Bob Killen, University of Michigan
Academic research institutions are at a precipice. They have historically been constrained to supporting classic “job” style workloads. With the growth of new workflow practices such as streaming data, science gateways, and more “dynamic” research using lambda-like functions, they must now support a variety of workloads. In this talk, Lindsey and Bob will discuss some difficulties faced by academic institutions and how Kubernetes offers an extensible solution to support the future of research. They will present a selection of projects currently benefiting from Kubernetes enabled tools, like Argo, Kubeflow, and kube-batch. These workflows will be demonstrated using specific examples from two large research institutions: Compute Canada, Canada’s national computation research consortium and the University of Michigan, one of the largest public Universities in the United States.
https://sched.co/MPY6
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Kubernetes the New Research Platform - Lindsey Tulloch, Brock University & Bob Killen, University of Michigan
Academic research institutions are at a precipice. They have historically been constrained to supporting classic “job” style workloads. With the growth of new workflow practices such as streaming data, science gateways, and more “dynamic” research using lambda-like functions, they must now support a variety of workloads. In this talk, Lindsey and Bob will discuss some difficulties faced by academic institutions and how Kubernetes offers an extensible solution to support the future of research. They will present a selection of projects currently benefiting from Kubernetes enabled tools, like Argo, Kubeflow, and kube-batch. These workflows will be demonstrated using specific examples from two large research institutions: Compute Canada, Canada’s national computation research consortium and the University of Michigan, one of the largest public Universities in the United States.
https://sched.co/MPY6
- 7 participants
- 38 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenTelemetry: Backwards Compatibility with OpenTracing and OpenCensus - Ben Sigelman, LightStep, Bogdan Drutu, Google & Spiros Xanthos, Omnition
This workshop will open with a 20-minute overview of the goals and structure of the new OpenTelemetry project, followed by two 30-minute presentations describing the backwards-compatibility strategies for both OpenTracing and OpenCensus end-users respectively.
https://sched.co/PTCU
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenTelemetry: Backwards Compatibility with OpenTracing and OpenCensus - Ben Sigelman, LightStep, Bogdan Drutu, Google & Spiros Xanthos, Omnition
This workshop will open with a 20-minute overview of the goals and structure of the new OpenTelemetry project, followed by two 30-minute presentations describing the backwards-compatibility strategies for both OpenTracing and OpenCensus end-users respectively.
https://sched.co/PTCU
- 4 participants
- 48 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenTelemetry: Panel Discussion and Q&A - Ben Sigelman, LightStep, Morgan McClean & Bogdan Drutu, Google
This workshop will open with a 20-minute overview of the goals and structure of the new OpenTelemetry project, followed by a panel discussion and audience Q&A featuring leadership from OpenTelemetry, OpenTracing, and OpenCensus.
https://sched.co/PTCT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
OpenTelemetry: Panel Discussion and Q&A - Ben Sigelman, LightStep, Morgan McClean & Bogdan Drutu, Google
This workshop will open with a 20-minute overview of the goals and structure of the new OpenTelemetry project, followed by a panel discussion and audience Q&A featuring leadership from OpenTelemetry, OpenTracing, and OpenCensus.
https://sched.co/PTCT
- 11 participants
- 1:08 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Operating kube-apiserver Without Hiccups - Stefan Schimanski & David Eads, Red Hat
Kube-apiserver is the central component of every Kubernetes cluster. Keeping it available at all times is crucial for reliable operation. At the same time we want to restart kube-apiserver, for version upgrades, key rotation or just configuration changes. How can this be done without dropping a single request on the floor? Outline: - overview and problem statement - graceful termination - health and readiness checks - rolling upgrades - reliable use of informers in client apps - self-hosting done right, without self-references. David and Stefan are both the builders and the consumers of core apiserver infrastructure used in kube-apiserver, maintaining most of the code behind those features.
https://sched.co/MPcV
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Operating kube-apiserver Without Hiccups - Stefan Schimanski & David Eads, Red Hat
Kube-apiserver is the central component of every Kubernetes cluster. Keeping it available at all times is crucial for reliable operation. At the same time we want to restart kube-apiserver, for version upgrades, key rotation or just configuration changes. How can this be done without dropping a single request on the floor? Outline: - overview and problem statement - graceful termination - health and readiness checks - rolling upgrades - reliable use of informers in client apps - self-hosting done right, without self-references. David and Stefan are both the builders and the consumers of core apiserver infrastructure used in kube-apiserver, maintaining most of the code behind those features.
https://sched.co/MPcV
- 5 participants
- 26 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
P2P Docker Image Distribution in Hybrid Cloud Environment with Kraken - Yiran Wang & Cody Gibb, Uber
Docker image is a foundational building block of container based infrastructure, but distributing high volume of docker images in a multi-zone, hybrid cloud system has been a scaling problem for many. In this talk, we will walk through different approaches we investigated for distributing docker images and introduce Uber’s own solution, Kraken, a P2P docker registry loosely based on BitTorrent protocol, and capable of distributing terabytes of images within seconds. This talk will cover: - Image distribution solutions and their characteristics - Whether you need a p2p solution - Architecture, performance and security features of Kraken - How to deploy Kraken in a Kubernetes cluster
https://sched.co/MPcz
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
P2P Docker Image Distribution in Hybrid Cloud Environment with Kraken - Yiran Wang & Cody Gibb, Uber
Docker image is a foundational building block of container based infrastructure, but distributing high volume of docker images in a multi-zone, hybrid cloud system has been a scaling problem for many. In this talk, we will walk through different approaches we investigated for distributing docker images and introduce Uber’s own solution, Kraken, a P2P docker registry loosely based on BitTorrent protocol, and capable of distributing terabytes of images within seconds. This talk will cover: - Image distribution solutions and their characteristics - Whether you need a p2p solution - Architecture, performance and security features of Kraken - How to deploy Kraken in a Kubernetes cluster
https://sched.co/MPcz
- 9 participants
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Ask Us Anything: Microservices and Service Mesh - Lin Sun, IBM; Jason McGee, IBM; William Morgan, Buoyant; Zack Butcher, Tetrate; and Louis Ryan, Google
Have you heard the buzz around microservices and service mesh lately? With containers becoming the new standard to building microservice based applications for production, users are leveraging service mesh to solve common issues with routing, re-routing for graceful degradation as services fail, secure inter-service communication and rate limiting between services. Join us for a live interactive session where our panel of experts from IBM, Google, Lyft, Linkerd will address your most challenging inquiries around microservice and service mesh!
https://sched.co/MPfD
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: Ask Us Anything: Microservices and Service Mesh - Lin Sun, IBM; Jason McGee, IBM; William Morgan, Buoyant; Zack Butcher, Tetrate; and Louis Ryan, Google
Have you heard the buzz around microservices and service mesh lately? With containers becoming the new standard to building microservice based applications for production, users are leveraging service mesh to solve common issues with routing, re-routing for graceful degradation as services fail, secure inter-service communication and rate limiting between services. Join us for a live interactive session where our panel of experts from IBM, Google, Lyft, Linkerd will address your most challenging inquiries around microservice and service mesh!
https://sched.co/MPfD
- 12 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: From User to Member: Becoming a Kubernetes Contributor - Jason Murray, iNNOVO Cloud GmbH; Cyrine Jabri, iNNOVO Cloud GmbH; James Munnelly, Jetstack.io; Kris Nova, Independent; and Nikhita Raghunath, Loodse
While the reasons for contributing to Kubernetes are diverse, we share a passion for the community. This session will cover the participants journey in becoming a member of Kubernetes, and share anecdotes on how to start contributing to Kubernetes, eventually obtain membership, and beyond.
https://sched.co/MPZP
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: From User to Member: Becoming a Kubernetes Contributor - Jason Murray, iNNOVO Cloud GmbH; Cyrine Jabri, iNNOVO Cloud GmbH; James Munnelly, Jetstack.io; Kris Nova, Independent; and Nikhita Raghunath, Loodse
While the reasons for contributing to Kubernetes are diverse, we share a passion for the community. This session will cover the participants journey in becoming a member of Kubernetes, and share anecdotes on how to start contributing to Kubernetes, eventually obtain membership, and beyond.
https://sched.co/MPZP
- 4 participants
- 27 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: GitOps & Best Practices for Cloud Native CI/CD - Allison Richardet, Asteris, LLC; Laura Tacho, CloudBees; Ivan Pedrazas, State Street; Tracy Miranda, CloudBees; and Alexis Richardson, Weaveworks
Cloud native technologies enable organisations to scale rapidly and deliver software much faster than before. To do this, organisations need to rethink their CI/CD systems and the best practices their teams use with Kubernetes. GitOps, operation by pull request, is a new paradigm and set of best practices for cloud native. But what does it mean and how can organisations go about adopting it for their CI/CD needs? This panel provides insights into GitOps, best practices for CI/CD for cloud native and tooling that can help automate these practices. It also features end user stories of their experiences learning the best ways to setup CI/CD for their specific applications and needs.
https://sched.co/MPYm
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Panel Discussion: GitOps & Best Practices for Cloud Native CI/CD - Allison Richardet, Asteris, LLC; Laura Tacho, CloudBees; Ivan Pedrazas, State Street; Tracy Miranda, CloudBees; and Alexis Richardson, Weaveworks
Cloud native technologies enable organisations to scale rapidly and deliver software much faster than before. To do this, organisations need to rethink their CI/CD systems and the best practices their teams use with Kubernetes. GitOps, operation by pull request, is a new paradigm and set of best practices for cloud native. But what does it mean and how can organisations go about adopting it for their CI/CD needs? This panel provides insights into GitOps, best practices for CI/CD for cloud native and tooling that can help automate these practices. It also features end user stories of their experiences learning the best ways to setup CI/CD for their specific applications and needs.
https://sched.co/MPYm
- 9 participants
- 31 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Portable, Universal Single Sign-On for Your Clusters - Miguel Martinez, Bitnami
In order to enable Single Sign-On in your cluster you need to configure the Kubernetes API server. This is an issue if you are using services where the control plane is managed for you. Some managed services like GKE support SSO out of the box, but are not configurable. Others like AKS allow you to configure it, but only with Active Directory. These options might not fit some of your requirements such as using your company’s existing Identity provider, to use other protocols such as LDAP or SAML or when applications (e.g the Kubernetes Dashboard) need access to the API server. In this session, I will present some workarounds that leverage other native AuthN/AuthZ mechanisms such as service accounts or impersonation via auth proxies. I will also demo how to use these methods to enable SSO for the Kubernetes dashboard that can be used across different managed and on-prem environments.
https://sched.co/MPdT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Portable, Universal Single Sign-On for Your Clusters - Miguel Martinez, Bitnami
In order to enable Single Sign-On in your cluster you need to configure the Kubernetes API server. This is an issue if you are using services where the control plane is managed for you. Some managed services like GKE support SSO out of the box, but are not configurable. Others like AKS allow you to configure it, but only with Active Directory. These options might not fit some of your requirements such as using your company’s existing Identity provider, to use other protocols such as LDAP or SAML or when applications (e.g the Kubernetes Dashboard) need access to the API server. In this session, I will present some workarounds that leverage other native AuthN/AuthZ mechanisms such as service accounts or impersonation via auth proxies. I will also demo how to use these methods to enable SSO for the Kubernetes dashboard that can be used across different managed and on-prem environments.
https://sched.co/MPdT
- 6 participants
- 33 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reproducible Development and Deployment with Bazel and Telepresence - Christian Roggia, Engel & Völkers Technology GmbH
As the system grows in size and complexity the pain of maintaining an up-to-date local environment becomes less and less sustainable. Developers will eventually have to deal with large docker-compose YAMLs and strict build guidelines, slowing down the development process and encouraging build-push-deploy cycles instead. This talk will explore a better approach to the issue by making both development and deployment fully reproducible, reducing required efforts and allowing for more reliable releases. Attendees will be introduced to the Bazel ecosystem combined with Telepresence’s proxying capabilities. The final goal is to understand how Bazel can help developers achieve a fully hermetic and reproducible build environment, and how locally produced images can be connected from developers’ machines to the remote cluster through the two-way communication proxy offered by Telepresence.
https://sched.co/MPXE
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Reproducible Development and Deployment with Bazel and Telepresence - Christian Roggia, Engel & Völkers Technology GmbH
As the system grows in size and complexity the pain of maintaining an up-to-date local environment becomes less and less sustainable. Developers will eventually have to deal with large docker-compose YAMLs and strict build guidelines, slowing down the development process and encouraging build-push-deploy cycles instead. This talk will explore a better approach to the issue by making both development and deployment fully reproducible, reducing required efforts and allowing for more reliable releases. Attendees will be introduced to the Bazel ecosystem combined with Telepresence’s proxying capabilities. The final goal is to understand how Bazel can help developers achieve a fully hermetic and reproducible build environment, and how locally produced images can be connected from developers’ machines to the remote cluster through the two-way communication proxy offered by Telepresence.
https://sched.co/MPXE
- 7 participants
- 37 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scale Kubernetes Service Endpoints 100x - Minhan Xia & Wojciech Tyczynski, Google
Service and endpoints have been core primitives in K8s since 1.0. As k8s deployments gets larger, the scalability of k8s service endpoints has become a bottleneck, causing high overhead on network, cpu and memory across the cluster. In addition, the size of the endpoints object will be larger than what can be stored in the Etcd database. This talk will deep dive into the internals of k8s service endpoints API and sort out the associated scalability challenges in the current design. Minhan and Wojtek will introduce a new K8s endpoints API design that aims to improve Endpoint scalability by 100x, as well as an overview of the ongoing effort to revamp K8s Service.
https://sched.co/MPcn
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Scale Kubernetes Service Endpoints 100x - Minhan Xia & Wojciech Tyczynski, Google
Service and endpoints have been core primitives in K8s since 1.0. As k8s deployments gets larger, the scalability of k8s service endpoints has become a bottleneck, causing high overhead on network, cpu and memory across the cluster. In addition, the size of the endpoints object will be larger than what can be stored in the Etcd database. This talk will deep dive into the internals of k8s service endpoints API and sort out the associated scalability challenges in the current design. Minhan and Wojtek will introduce a new K8s endpoints API design that aims to improve Endpoint scalability by 100x, as well as an overview of the ongoing effort to revamp K8s Service.
https://sched.co/MPcn
- 10 participants
- 43 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Serverless is Interesting But FaaS is Not Enough - Jonas Bonér, Lightbend Inc.
Serverless is interesting because it emphasizes automation of infrastructure, but current Function-as-a-Service implementations are not suited for building general purpose apps. What’s missing is a way to model and manage stateful services. Can we make stateful apps run as if they were stateless? We’ll investigate the inherent challenges with serving stateful services from a scaling perspective while preserving responsiveness by designing for resilience and elasticity, using Akka—an OSS library for distributed stateful apps—as a concrete example. We’ll discuss design principles needed to address problems around data consistency, system integrity, and data locality, why they are key to maintain overall system behavior under failure and load and discuss pitfalls and requirements needed to understand when operating the infrastructure fabric—f.e. Knative—which orchestrates the services.
https://sched.co/MPeO
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Serverless is Interesting But FaaS is Not Enough - Jonas Bonér, Lightbend Inc.
Serverless is interesting because it emphasizes automation of infrastructure, but current Function-as-a-Service implementations are not suited for building general purpose apps. What’s missing is a way to model and manage stateful services. Can we make stateful apps run as if they were stateless? We’ll investigate the inherent challenges with serving stateful services from a scaling perspective while preserving responsiveness by designing for resilience and elasticity, using Akka—an OSS library for distributed stateful apps—as a concrete example. We’ll discuss design principles needed to address problems around data consistency, system integrity, and data locality, why they are key to maintain overall system behavior under failure and load and discuss pitfalls and requirements needed to understand when operating the infrastructure fabric—f.e. Knative—which orchestrates the services.
https://sched.co/MPeO
- 1 participant
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Building a Bigger Tent: Cloud Native, Cultural Change and Complexity - Bob Quillin, VP Developer Relations, Oracle Cloud
The Cloud Native ecosystem continues to expand dramatically but many enterprises and traditional development teams are being left behind. The top two issues facing our industry are cultural change for developers and complexity – thus we need to find ways to build a bigger cloud native tent that is more inclusive of modern and traditional applications, cloud and on-premises users. This keynote focuses on the challenges and opportunities to create a more inclusive, sustainable cloud native community.
https://sched.co/MRz1
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Building a Bigger Tent: Cloud Native, Cultural Change and Complexity - Bob Quillin, VP Developer Relations, Oracle Cloud
The Cloud Native ecosystem continues to expand dramatically but many enterprises and traditional development teams are being left behind. The top two issues facing our industry are cultural change for developers and complexity – thus we need to find ways to build a bigger cloud native tent that is more inclusive of modern and traditional applications, cloud and on-premises users. This keynote focuses on the challenges and opportunities to create a more inclusive, sustainable cloud native community.
https://sched.co/MRz1
- 2 participants
- 6 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Expanding the Kubernetes Operator Community - Rob Szumski, Principal Product Manager for OpenShift, Red Hat
Operators enable you run those “tricky” stateful services and complex distributed systems on Kubernetes. Kubernetes Operators are embedded with all of the special knowledge for running an app, from the experts in the open source community, so that every end user doesn’t need to be one. Discover Operators ready to use on your cluster with OperatorHub.io and learn about the tools at your disposal to build, test and ship an Operator.
https://sched.co/MRyx
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Expanding the Kubernetes Operator Community - Rob Szumski, Principal Product Manager for OpenShift, Red Hat
Operators enable you run those “tricky” stateful services and complex distributed systems on Kubernetes. Kubernetes Operators are embedded with all of the special knowledge for running an app, from the experts in the open source community, so that every end user doesn’t need to be one. Discover Operators ready to use on your cluster with OperatorHub.io and learn about the tools at your disposal to build, test and ship an Operator.
https://sched.co/MRyx
- 1 participant
- 6 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Recursive Kubernetes: Cluster API and Clusters as Cattle - Joe Beda, Principal Engineer, VMware
If Kubernetes is the gold standard for managing fleets of applications, what’s the gold standard for managing fleets of Kubernetes clusters? Cluster Lifecycle SIG is taking that challenge head on with Cluster API. Let’s talk about how we improve the upstream experience by bringing declarative APIs to cluster creation, configuration and management.
https://sched.co/MQbY
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: Recursive Kubernetes: Cluster API and Clusters as Cattle - Joe Beda, Principal Engineer, VMware
If Kubernetes is the gold standard for managing fleets of applications, what’s the gold standard for managing fleets of Kubernetes clusters? Cluster Lifecycle SIG is taking that challenge head on with Cluster API. Let’s talk about how we improve the upstream experience by bringing declarative APIs to cluster creation, configuration and management.
https://sched.co/MQbY
- 1 participant
- 6 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: What I Learned Running 10,000+ Kubernetes Clusters - Jason McGee, IBM Fellow, IBM
After years of running Kubernetes, I've learned a few things about scale. When you have one cluster, you can manage it by hand. For 2-10 clusters, familiar tools work OK. But for more than 10, it's time for help. In my Kubernetes journey, I've seen stable tools fail under pressure. Even with good intentions, developers can throw a wrench into ideal consistent ops. This keynote covers how to scale to thousands of clusters worldwide. You'll also hear why observability for every cluster change is critical. And don't forget about policy enforcement for cluster declarations. Bonus! A demo of Open Razee (a new open source project) shows how you can control and scale daily cluster updates.
https://sched.co/MRzX
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Sponsored Keynote: What I Learned Running 10,000+ Kubernetes Clusters - Jason McGee, IBM Fellow, IBM
After years of running Kubernetes, I've learned a few things about scale. When you have one cluster, you can manage it by hand. For 2-10 clusters, familiar tools work OK. But for more than 10, it's time for help. In my Kubernetes journey, I've seen stable tools fail under pressure. Even with good intentions, developers can throw a wrench into ideal consistent ops. This keynote covers how to scale to thousands of clusters worldwide. You'll also hear why observability for every cluster change is critical. And don't forget about policy enforcement for cluster declarations. Bonus! A demo of Open Razee (a new open source project) shows how you can control and scale daily cluster updates.
https://sched.co/MRzX
- 1 participant
- 6 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Streamlining Kubernetes Application CI/CD with Bazel - Gregg Donovan, Etsy.com, Inc. & Chris Love, CNM Consulting
Creating a repeatable Kubernetes application deployment pipeline with the Bazel build system offers a number of advantages over traditional Kubernetes application CI/CD approaches. We will describe how Etsy uses Bazel, along with its container and Kubernetes support, to deploy many different services to multiple different clusters and environments. Using a repeatable build process maximizes container layer caching and takes advantage of Kubernetes built in pod template hashing. With this caching in place, it becomes feasible to deploy all services in a large repo reliably without under-deploying -- not deploying changed components, leaving them unvalidated on master -- or over-deploying, waiting for a potentially expensive rollout despite not having made changes. Bazel's rules_docker also allow you to build deterministic container images without the Docker daemon, simplifying CI/CD.
https://sched.co/MPYv
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Streamlining Kubernetes Application CI/CD with Bazel - Gregg Donovan, Etsy.com, Inc. & Chris Love, CNM Consulting
Creating a repeatable Kubernetes application deployment pipeline with the Bazel build system offers a number of advantages over traditional Kubernetes application CI/CD approaches. We will describe how Etsy uses Bazel, along with its container and Kubernetes support, to deploy many different services to multiple different clusters and environments. Using a repeatable build process maximizes container layer caching and takes advantage of Kubernetes built in pod template hashing. With this caching in place, it becomes feasible to deploy all services in a large repo reliably without under-deploying -- not deploying changed components, leaving them unvalidated on master -- or over-deploying, waiting for a potentially expensive rollout despite not having made changes. Bazel's rules_docker also allow you to build deterministic container images without the Docker daemon, simplifying CI/CD.
https://sched.co/MPYv
- 4 participants
- 40 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Kubernetes Control Plane for Busy People Who Like Pictures - Daniel Smith, Google
Let’s dive into the modular design of the Kubernetes control plane together. We’ll talk about the specific resources and controllers which make Kubernetes what it is, and how this pattern generalizes--which problem domains are well solved by the Kubernetes control plane architecture? This talk will speak to people ready for a 201-level introduction to the Kubernetes control plane, and also to people contemplating using Kubernetes API Machinery for their own purposes.
https://sched.co/MPa5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Kubernetes Control Plane for Busy People Who Like Pictures - Daniel Smith, Google
Let’s dive into the modular design of the Kubernetes control plane together. We’ll talk about the specific resources and controllers which make Kubernetes what it is, and how this pattern generalizes--which problem domains are well solved by the Kubernetes control plane architecture? This talk will speak to people ready for a 201-level introduction to the Kubernetes control plane, and also to people contemplating using Kubernetes API Machinery for their own purposes.
https://sched.co/MPa5
- 3 participants
- 28 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Multicluster Toolbox - Adrien Trouillaud, Admiralty
The Kubernetes community has been talking about "multicluster" for several years. The topic is often associated with the Federation (v2) project. While Federation offers a solution to a problem (top-down resource declaration with templates, placements, and overrides), multicluster is about more than that. As Adrien was working on a different problem—peer-to-peer scheduling—he soon realized that some of the building blocks were missing: how to authorize requests from pods in a cluster to the Kubernetes APIs of other clusters; how to watch resources in a cluster to control resources in other clusters; how to garbage-collect objects in a cluster owned by objects in other clusters. Adrien started assembling an open-source "multicluster toolbox", composed of multicluster-service-account and multicluster-controller. This talk explains how to use them to solve unique multicluster problems.
https://sched.co/MPa8
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
The Multicluster Toolbox - Adrien Trouillaud, Admiralty
The Kubernetes community has been talking about "multicluster" for several years. The topic is often associated with the Federation (v2) project. While Federation offers a solution to a problem (top-down resource declaration with templates, placements, and overrides), multicluster is about more than that. As Adrien was working on a different problem—peer-to-peer scheduling—he soon realized that some of the building blocks were missing: how to authorize requests from pods in a cluster to the Kubernetes APIs of other clusters; how to watch resources in a cluster to control resources in other clusters; how to garbage-collect objects in a cluster owned by objects in other clusters. Adrien started assembling an open-source "multicluster toolbox", composed of multicluster-service-account and multicluster-controller. This talk explains how to use them to solve unique multicluster problems.
https://sched.co/MPa8
- 1 participant
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: A Day in the Life of a Cloud Native Developer - Randy Abernethy, RX-M, LLC
In this 90 minute, hands on tutorial, attendees will get a chance to work with a comprehensive set of modern cloud native tools from the CNCF software stack. The tutorial will take users on an end to end journey through some of the most important tools and processes involved in constructing, packaging, deploying and managing a working microservices application. Each lab step will introduce a new CNCF project and demonstrate how that project adds value in a cloud native tool chain. Participants will leave with an overarching understanding of the benefits associated with a fully cloud native developer experience. Projects used in this practical field trip include: Kubernetes, Prometheus, Envoy, Fluentd, gRPC, Containerd, Helm, Harbor and Telepresence. Attendees will need a laptop and an ssh client to complete the hands on labs.
https://sched.co/MPh0
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: A Day in the Life of a Cloud Native Developer - Randy Abernethy, RX-M, LLC
In this 90 minute, hands on tutorial, attendees will get a chance to work with a comprehensive set of modern cloud native tools from the CNCF software stack. The tutorial will take users on an end to end journey through some of the most important tools and processes involved in constructing, packaging, deploying and managing a working microservices application. Each lab step will introduce a new CNCF project and demonstrate how that project adds value in a cloud native tool chain. Participants will leave with an overarching understanding of the benefits associated with a fully cloud native developer experience. Projects used in this practical field trip include: Kubernetes, Prometheus, Envoy, Fluentd, gRPC, Containerd, Helm, Harbor and Telepresence. Attendees will need a laptop and an ssh client to complete the hands on labs.
https://sched.co/MPh0
- 2 participants
- 1:29 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Back to Basics: Hands-On Deployment of Stateful Workloads on Kubernetes - David Zhu, Google & Jan Šafránek, Red Hat
Ever wonder how to use a “volumeClaimTemplate”? Why you would choose a StatefulSet over a Deployment or vice versa? Complicated stateful applications are normally deployed via operators; however, it is critical to have a firm grasp on the Kubernetes primitives to understand, fine-tune, and debug your applications. In this tutorial you will learn about core Kubernetes storage and workloads concepts and how to use them to deploy stateful applications. You will get hands-on experience deploying both Cassandra and a test application on a Kubernetes cluster and learn how to debug some common errors in the process. You will develop mental models to understand the workings of StatefulSets along with how to compare them with other Kubernetes workload models such as Deployments and DaemonSets to determine the right workload for your purposes. Prerequisites: Laptop Basic UNIX command line experience
https://sched.co/MPgl
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Back to Basics: Hands-On Deployment of Stateful Workloads on Kubernetes - David Zhu, Google & Jan Šafránek, Red Hat
Ever wonder how to use a “volumeClaimTemplate”? Why you would choose a StatefulSet over a Deployment or vice versa? Complicated stateful applications are normally deployed via operators; however, it is critical to have a firm grasp on the Kubernetes primitives to understand, fine-tune, and debug your applications. In this tutorial you will learn about core Kubernetes storage and workloads concepts and how to use them to deploy stateful applications. You will get hands-on experience deploying both Cassandra and a test application on a Kubernetes cluster and learn how to debug some common errors in the process. You will develop mental models to understand the workings of StatefulSets along with how to compare them with other Kubernetes workload models such as Deployments and DaemonSets to determine the right workload for your purposes. Prerequisites: Laptop Basic UNIX command line experience
https://sched.co/MPgl
- 11 participants
- 1:18 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Building Security into Kubernetes Deployment Pipelines - Michael Hough, IBM & Sam Irvine, ControlPlane
How secure is your deployment pipeline? Is image integrity verified or can any user deploy any image to production? Are those images scanned for known CVEs? And are security policies enforced to harden the cluster at runtime? This tutorial covers current best practices for enhanced Kubernetes cluster security. It is led by core contributors and subject matter experts, and provides hands-on experience with Notary, admission controllers, and vulnerability scanning. It teaches integrating image signing and vulnerability scanning into a pipeline through live examples, and demonstrates how to configure Kubernetes to enforce security policies and image integrity. Attendees should expect to learn how to utilise state-of-the-art CNCF and OS tooling, and frustrate potential attackers throughout the deployment lifecycle.
https://sched.co/MPgu
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Building Security into Kubernetes Deployment Pipelines - Michael Hough, IBM & Sam Irvine, ControlPlane
How secure is your deployment pipeline? Is image integrity verified or can any user deploy any image to production? Are those images scanned for known CVEs? And are security policies enforced to harden the cluster at runtime? This tutorial covers current best practices for enhanced Kubernetes cluster security. It is led by core contributors and subject matter experts, and provides hands-on experience with Notary, admission controllers, and vulnerability scanning. It teaches integrating image signing and vulnerability scanning into a pipeline through live examples, and demonstrates how to configure Kubernetes to enforce security policies and image integrity. Attendees should expect to learn how to utilise state-of-the-art CNCF and OS tooling, and frustrate potential attackers throughout the deployment lifecycle.
https://sched.co/MPgu
- 2 participants
- 38 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Bullet-Proof Kubernetes: Learn by Hacking - Luke Bond, ControlPlane & Ana-Maria Calin, Paybase
Learn how to attack, exploit, and hack Kubernetes clusters and application workloads. In this workshop attendees are divided into teams, given a crash-course in Kubernetes cluster security, and then set loose on a series of vulnerable clusters in a competitive capture the flag. Full methods, solutions, and vulnerabilities are revealed, along with actionable mitigation steps to enhance a cluster’s security and lock down common misconfigurations. It is designed to develop the kind of expertise only realised in production environments. Emphasis is placed on collaboration and communication, which are key to unlocking some of the advanced flags.
https://sched.co/MPgo
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Bullet-Proof Kubernetes: Learn by Hacking - Luke Bond, ControlPlane & Ana-Maria Calin, Paybase
Learn how to attack, exploit, and hack Kubernetes clusters and application workloads. In this workshop attendees are divided into teams, given a crash-course in Kubernetes cluster security, and then set loose on a series of vulnerable clusters in a competitive capture the flag. Full methods, solutions, and vulnerabilities are revealed, along with actionable mitigation steps to enhance a cluster’s security and lock down common misconfigurations. It is designed to develop the kind of expertise only realised in production environments. Emphasis is placed on collaboration and communication, which are key to unlocking some of the advanced flags.
https://sched.co/MPgo
- 4 participants
- 1:07 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Cloud-Agnostic Serverless - Sebastien Goasguen, TriggerMesh
Serverless design patterns have grown in popularity because they allow developers to move faster by focusing on business logic without worrying about the underlying infrastructure where their code is run. However, many enterprises use diverse infrastructure including on-premises servers and multiple clouds. In this tutorial, we will leverage Knative, Google's Kubernetes-based open source platform to build, deploy, and manage modern serverless workloads. We will push serverless functions and apps to production on any cloud of choice and switch the provider as necessary. We will leverage GitLab and TriggerMesh technology in the tutorial and also share how developers can use other options.
https://sched.co/MPgx
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Cloud-Agnostic Serverless - Sebastien Goasguen, TriggerMesh
Serverless design patterns have grown in popularity because they allow developers to move faster by focusing on business logic without worrying about the underlying infrastructure where their code is run. However, many enterprises use diverse infrastructure including on-premises servers and multiple clouds. In this tutorial, we will leverage Knative, Google's Kubernetes-based open source platform to build, deploy, and manage modern serverless workloads. We will push serverless functions and apps to production on any cloud of choice and switch the provider as necessary. We will leverage GitLab and TriggerMesh technology in the tutorial and also share how developers can use other options.
https://sched.co/MPgx
- 5 participants
- 1:09 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Introduction to Kubeflow Pipelines - Michelle Casbon, Dan Sanche, Dan Anghel, & Michal Zylinski, Google
In this session, you will learn how to install and use Kubeflow Pipelines to create a full machine learning application on Kubernetes. Starting with an empty environment, you will create a Kubernetes cluster and install Kubeflow from scratch. Then you will build and run a full pipeline that first trains a model using TensorFlow, then serves the model, and finally deploys a web front-end for interacting with the resulting predictions. You will then move into a notebook to build and run your pipeline using the Python SDK. You will become familiar with Google Cloud Platform tools such as Cloud Shell and Kubernetes Engine. Prerequisite: fundamental knowledge of Kubernetes. Setup: must bring own laptop. Qwiklab/GCP credits will be provided. Note: this session showcases Kubeflow features newly released since the Seattle workshop.
https://sched.co/MPgr
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Tutorial: Introduction to Kubeflow Pipelines - Michelle Casbon, Dan Sanche, Dan Anghel, & Michal Zylinski, Google
In this session, you will learn how to install and use Kubeflow Pipelines to create a full machine learning application on Kubernetes. Starting with an empty environment, you will create a Kubernetes cluster and install Kubeflow from scratch. Then you will build and run a full pipeline that first trains a model using TensorFlow, then serves the model, and finally deploys a web front-end for interacting with the resulting predictions. You will then move into a notebook to build and run your pipeline using the Python SDK. You will become familiar with Google Cloud Platform tools such as Cloud Shell and Kubernetes Engine. Prerequisite: fundamental knowledge of Kubernetes. Setup: must bring own laptop. Qwiklab/GCP credits will be provided. Note: this session showcases Kubeflow features newly released since the Seattle workshop.
https://sched.co/MPgr
- 13 participants
- 1:26 hours
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Unit Testing Your Kubernetes Configurations Using Open Policy Agent - Gareth Rushgrove, Docker
Open Policy Agent provides a high-level declarative language to author and enforce policies on structured data, for instance Kubernetes configurations. OPA is typically used as a service to enforce authorization policy in a cluster. New configurations submitted to an API are filtered through OPA and accepted or rejected depending on the defined policy. But some types of policy violations can be caught even earlier in the development process. In this talk we’ll discuss: - Why you might benefit from writing unit tests for your Kubernetes configuration - Getting started with regol, OPAs declarative assertion language - Integrating OPA-based tests with your continuous integration system - Testing Kubernetes configurations when working with other ecosystem tools like Helm, Kustomize and Pulumi - Extending the same approach to other structured configuration files
https://sched.co/MPYj
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Unit Testing Your Kubernetes Configurations Using Open Policy Agent - Gareth Rushgrove, Docker
Open Policy Agent provides a high-level declarative language to author and enforce policies on structured data, for instance Kubernetes configurations. OPA is typically used as a service to enforce authorization policy in a cluster. New configurations submitted to an API are filtered through OPA and accepted or rejected depending on the defined policy. But some types of policy violations can be caught even earlier in the development process. In this talk we’ll discuss: - Why you might benefit from writing unit tests for your Kubernetes configuration - Getting started with regol, OPAs declarative assertion language - Integrating OPA-based tests with your continuous integration system - Testing Kubernetes configurations when working with other ecosystem tools like Helm, Kustomize and Pulumi - Extending the same approach to other structured configuration files
https://sched.co/MPYj
- 1 participant
- 34 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Using K8s Audit Logs to Secure Your Cluster - Mark Stemm, Sysdig
K8s Audit Logs are a new feature in K8s 1.11/1.13 which allow an operator to see a stream of events from the API server that show the changes being made to your cluster. In this talk, we’ll describe how auditing works and how to get it working it for popular K8s variants. Then we’ll dive into specific security-oriented use cases, showing how you can use audit logs to enforce security best practices, detect misuse, and fill the gap between what you think the cluster is running and what's actually running. Some specific use cases we’ll discuss include misuse of configmaps to hold sensitive data, overly loose permissions on pods/services, and abuse of cluster role bindings that grant too many (or the wrong) permissions. Attendees should come away with the ability to enable K8s Audit Support in their cluster and what to look for in their audit logs to ensure that their cluster is secure.
https://sched.co/MPcS
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Using K8s Audit Logs to Secure Your Cluster - Mark Stemm, Sysdig
K8s Audit Logs are a new feature in K8s 1.11/1.13 which allow an operator to see a stream of events from the API server that show the changes being made to your cluster. In this talk, we’ll describe how auditing works and how to get it working it for popular K8s variants. Then we’ll dive into specific security-oriented use cases, showing how you can use audit logs to enforce security best practices, detect misuse, and fill the gap between what you think the cluster is running and what's actually running. Some specific use cases we’ll discuss include misuse of configmaps to hold sensitive data, overly loose permissions on pods/services, and abuse of cluster role bindings that grant too many (or the wrong) permissions. Attendees should come away with the ability to enable K8s Audit Support in their cluster and what to look for in their audit logs to ensure that their cluster is secure.
https://sched.co/MPcS
- 1 participant
- 35 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Using eBPF to Bring Kubernetes-Aware Security to the Linux Kernel - Dan Wendlandt, Isovalent
eBPF is a powerful Linux kernel technology that has recently become available in mainstream Linux distributions, enabling radically deeper visibility into and control over many aspects of operating system behavior. In this talk, we will cover the basics of eBPF and then dive into a hands-on exploration of use cases where eBPF-based technologies like Cilium and BCC can enable security visibility and isolation well beyond what is possible with traditional Linux security primitives, Examples include: 1. Auditing the set of syscalls made by users who access pods via "kubectl exec". 2. Network visibility and access control that distinguishes between a sidecar and primary container inside a single pod. 3. API-layer visibility into inter-service connectivity, even if the connection is encrypted using TLS.
https://sched.co/MPdW
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Using eBPF to Bring Kubernetes-Aware Security to the Linux Kernel - Dan Wendlandt, Isovalent
eBPF is a powerful Linux kernel technology that has recently become available in mainstream Linux distributions, enabling radically deeper visibility into and control over many aspects of operating system behavior. In this talk, we will cover the basics of eBPF and then dive into a hands-on exploration of use cases where eBPF-based technologies like Cilium and BCC can enable security visibility and isolation well beyond what is possible with traditional Linux security primitives, Examples include: 1. Auditing the set of syscalls made by users who access pods via "kubectl exec". 2. Network visibility and access control that distinguishes between a sidecar and primary container inside a single pod. 3. API-layer visibility into inter-service connectivity, even if the connection is encrypted using TLS.
https://sched.co/MPdW
- 8 participants
- 47 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What WePay Learned From Processing Billions of Dollars on GKE Using Linkerd - Mohsen Rezaei, WePay
WePay processes billions of dollars worth of payments each year. As the number of services that process payment requests grow in WePay’s infrastructure, so does the challenge of monitoring, debugging, and tracing call paths and service internals that run on GKE. This session focuses on how the Platform Infrastructure & Tools team at WePay utilized monitoring services like Prometheus and Grafana to migrate their ever growing infrastructure and all of their production traffic (REST and gRPC) to service mesh on top of Linkerd in 2018. In addition, we will show how we used Namerd to bring all services together using discovery, Linkerd to power the data plane where the payments are processed and parsed behind WePay’s payment APIs, and Prometheus and NewRelic to monitor all infrastructure services' and microservices' activities in our production environment.
https://sched.co/MPfM
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
What WePay Learned From Processing Billions of Dollars on GKE Using Linkerd - Mohsen Rezaei, WePay
WePay processes billions of dollars worth of payments each year. As the number of services that process payment requests grow in WePay’s infrastructure, so does the challenge of monitoring, debugging, and tracing call paths and service internals that run on GKE. This session focuses on how the Platform Infrastructure & Tools team at WePay utilized monitoring services like Prometheus and Grafana to migrate their ever growing infrastructure and all of their production traffic (REST and gRPC) to service mesh on top of Linkerd in 2018. In addition, we will show how we used Namerd to bring all services together using discovery, Linkerd to power the data plane where the payments are processed and parsed behind WePay’s payment APIs, and Prometheus and NewRelic to monitor all infrastructure services' and microservices' activities in our production environment.
https://sched.co/MPfM
- 8 participants
- 36 minutes
22 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Writing kubectl Plugins for Everyone: Develop, Package & Distribute - Ahmet Alp Balkan, Google & Maciej Szulik, Red Hat
Many users install extra tools for tasks they can't do with kubectl. Did you know you can write and distribute your own kubectl subcommands? kubectl had notion of plugins since 2016, but after listening to the community feedback, SIG CLI revisited the idea, and new and simpler plugin mechanism is now available in kubectl. The new mechanism allows anyone to write and distribute their own subcommands to kubectl. This opens the door for community contributions to make kubectl better without having to propose a feature to the kubectl core. During this session, Maciej (lead of SIG CLI) and Ahmet (developer of Krew plugin manager) will explain: * how kubectl plugin mechanism works under the covers * how does a good plugin look like, best practices & available libraries * hands-on demo of developing a plugin * how to package plugins for multiple OS/distros and make them discoverable
https://sched.co/MPa2
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Writing kubectl Plugins for Everyone: Develop, Package & Distribute - Ahmet Alp Balkan, Google & Maciej Szulik, Red Hat
Many users install extra tools for tasks they can't do with kubectl. Did you know you can write and distribute your own kubectl subcommands? kubectl had notion of plugins since 2016, but after listening to the community feedback, SIG CLI revisited the idea, and new and simpler plugin mechanism is now available in kubectl. The new mechanism allows anyone to write and distribute their own subcommands to kubectl. This opens the door for community contributions to make kubectl better without having to propose a feature to the kubectl core. During this session, Maciej (lead of SIG CLI) and Ahmet (developer of Krew plugin manager) will explain: * how kubectl plugin mechanism works under the covers * how does a good plugin look like, best practices & available libraries * hands-on demo of developing a plugin * how to package plugins for multiple OS/distros and make them discoverable
https://sched.co/MPa2
- 3 participants
- 30 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: 2.66 Million - Cheryl Hung, Director of Ecosystem, Cloud Native Computing Foundation
Over the last 4 years, Kubernetes has redefined what it means to run software. It empowers people to do more than they could do before - to ship faster, to use less resources, to understand the behaviour of thousands of applications running on tens of thousands of machines. Now the CNCF is home to 36 projects, and growing. Cheryl will share some initiatives from the CNCF to ensure a happy and healthy community.
https://sched.co/MQUp
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: 2.66 Million - Cheryl Hung, Director of Ecosystem, Cloud Native Computing Foundation
Over the last 4 years, Kubernetes has redefined what it means to run software. It empowers people to do more than they could do before - to ship faster, to use less resources, to understand the behaviour of thousands of applications running on tens of thousands of machines. Now the CNCF is home to 36 projects, and growing. Cheryl will share some initiatives from the CNCF to ensure a happy and healthy community.
https://sched.co/MQUp
- 1 participant
- 7 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: CNCF Project Update - Bryan Liles, Senior Staff Engineer, VMware Bryan Liles
https://sched.co/MQVe
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: CNCF Project Update - Bryan Liles, Senior Staff Engineer, VMware Bryan Liles
https://sched.co/MQVe
- 6 participants
- 36 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Getting Started in the Kubernetes Community - Lucas Käldström, CNCF Ambassador, Independent & Nikhita Raghunath, Software Engineer, Loodse
Kubernetes is its community. Kubernetes is where it is today only because of the people behind it. The foundation of this thriving community lies on the Kubernetes Community Values. In this talk, we will take a look at what they are, why they are so important and how they shaped our growing ecosystem. By first focusing on the core values, we’ll give the audience an idea of *what* it means to be involved and *why* they should contribute. After that, we will talk about *how* they can get started with contributing, move up the contributor ladder and become a regular contributor who serves the project. Lastly, we’ll look at some stories about how the existing contributors got started with their journey.
https://sched.co/MRdg
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Getting Started in the Kubernetes Community - Lucas Käldström, CNCF Ambassador, Independent & Nikhita Raghunath, Software Engineer, Loodse
Kubernetes is its community. Kubernetes is where it is today only because of the people behind it. The foundation of this thriving community lies on the Kubernetes Community Values. In this talk, we will take a look at what they are, why they are so important and how they shaped our growing ecosystem. By first focusing on the core values, we’ll give the audience an idea of *what* it means to be involved and *why* they should contribute. After that, we will talk about *how* they can get started with contributing, move up the contributor ladder and become a regular contributor who serves the project. Lastly, we’ll look at some stories about how the existing contributors got started with their journey.
https://sched.co/MRdg
- 2 participants
- 20 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Stitching Things Together – Dan Kohn, Executive Director, Cloud Native Computing Foundation
https://sched.co/NcT2
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Keynote: Stitching Things Together – Dan Kohn, Executive Director, Cloud Native Computing Foundation
https://sched.co/NcT2
- 1 participant
- 11 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Beyond Operators: Reimagine Distributed Applications on Kubernetes - Vladimir Vivien, VMware
Kubernetes runs the distributed replicas of an application completely independent with no mechanism provided for coordination between replicas. To minimize race conditions, and other side effects of distributability, applications are often deployed with a replica count limited one or use primitives like StatefulSet to influence pod scheduling stickiness. Unfortunately, these are not enough to create truly distributed applications that can gracefully react to changes in their environment at runtime. While the controller and operator patterns have helped, they tend to use raw API primitives that are not related to building distributed systems. This presentation is a discussion that presents the features needed to create truly distributed applications that can react to changes in a distributed environment and including features such as leader election, synchronization, and coordination.
https://sched.co/MPgB
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Beyond Operators: Reimagine Distributed Applications on Kubernetes - Vladimir Vivien, VMware
Kubernetes runs the distributed replicas of an application completely independent with no mechanism provided for coordination between replicas. To minimize race conditions, and other side effects of distributability, applications are often deployed with a replica count limited one or use primitives like StatefulSet to influence pod scheduling stickiness. Unfortunately, these are not enough to create truly distributed applications that can gracefully react to changes in their environment at runtime. While the controller and operator patterns have helped, they tend to use raw API primitives that are not related to building distributed systems. This presentation is a discussion that presents the features needed to create truly distributed applications that can react to changes in a distributed environment and including features such as leader election, synchronization, and coordination.
https://sched.co/MPgB
- 1 participant
- 6 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Cloud Native Wales: How We Contributed to the Community with No Code - Lewis Denham-Parry, learnk8s.io / CloudNativeWales
This time last year, two people from Wales, United Kingdom decried to bring the CNCF to their doorstep. Previously, they were attending international conferences and national meetups to meet and be a part of the community. Knowing that they were in a privileged position, they wanted to share it with others that, for whatever reason, were unable to make these events. Cloud Native Wales will be soon celebrating a year of meetups, and best of all, we get to share this with the 100's of people within our meetup community. This talk will inspire you to take the chance to branch the CNCF and build a community closer to home, help others learn, share and contribute to the world wide community.
https://sched.co/MPgi
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Cloud Native Wales: How We Contributed to the Community with No Code - Lewis Denham-Parry, learnk8s.io / CloudNativeWales
This time last year, two people from Wales, United Kingdom decried to bring the CNCF to their doorstep. Previously, they were attending international conferences and national meetups to meet and be a part of the community. Knowing that they were in a privileged position, they wanted to share it with others that, for whatever reason, were unable to make these events. Cloud Native Wales will be soon celebrating a year of meetups, and best of all, we get to share this with the 100's of people within our meetup community. This talk will inspire you to take the chance to branch the CNCF and build a community closer to home, help others learn, share and contribute to the world wide community.
https://sched.co/MPgi
- 1 participant
- 5 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Ready, Steady, CKA! - Olive Power, VMware
It’s a race with time to pass most exams, and the Certified Kubernetes Administrator (CKA) is no different. The CKA was developed by the CNCF, and is fast becoming one of the most strategic certifications to acquire in terms of establishing a credible posture in kubernetes standings. This talk covers topics on how best to combat the screaming passing of time during the exam. How to accelerate getting resources up and running in kubernetes with Kubectl command options, how to optimise the shell environment for speed, and also how to optimise the vim text editor for use with yaml files will all be covered. Some protips on study resources that help you prepare, and how to organise your time during the exam will also be presented. This talk will cover as much as possible in the allocated time. We will keep going until time runs out – just like in the exam.
https://sched.co/MPg8
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Ready, Steady, CKA! - Olive Power, VMware
It’s a race with time to pass most exams, and the Certified Kubernetes Administrator (CKA) is no different. The CKA was developed by the CNCF, and is fast becoming one of the most strategic certifications to acquire in terms of establishing a credible posture in kubernetes standings. This talk covers topics on how best to combat the screaming passing of time during the exam. How to accelerate getting resources up and running in kubernetes with Kubectl command options, how to optimise the shell environment for speed, and also how to optimise the vim text editor for use with yaml files will all be covered. Some protips on study resources that help you prepare, and how to organise your time during the exam will also be presented. This talk will cover as much as possible in the allocated time. We will keep going until time runs out – just like in the exam.
https://sched.co/MPg8
- 1 participant
- 6 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Reliability Engineering for Humans - Hannah Foxwell, Pivotal
The concepts and practices of site reliability engineering are changing the way we build and operate our platforms and enabling us to have more meaningful conversations about availability, service-level objectives, and cost. But what are the benefits for the engineer holding the pager? Can we add a human element to our error budgets? Join Hannah Foxwell to look at site reliability engineering practices through a human lens. Hannah combines SRE with HumanOps and explains how to use SRE practices to improve the health and well-being of your team.
https://sched.co/MPg5
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Reliability Engineering for Humans - Hannah Foxwell, Pivotal
The concepts and practices of site reliability engineering are changing the way we build and operate our platforms and enabling us to have more meaningful conversations about availability, service-level objectives, and cost. But what are the benefits for the engineer holding the pager? Can we add a human element to our error budgets? Join Hannah Foxwell to look at site reliability engineering practices through a human lens. Hannah combines SRE with HumanOps and explains how to use SRE practices to improve the health and well-being of your team.
https://sched.co/MPg5
- 1 participant
- 6 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Using Istio's Mixer for Network Request Caching - Zach Arnold, Ygrene Energy Fund
Service Meshes (and Istio in particular,) have helped application developers off-load a good chunk of logic surrounding network requests. Our microservices should be as close to pure business logic as possible, but what happens when we add so many services that our network requests are dramatically slowing the application down? The natural result is to look for some caching of requests on either the client or service side. Enter Redis, Memcached, and other caching tools all to help reduce network calls and overall latency. All of this comes with implementation penalty reducing the purity of our services. We will demonstrate how Istio's Mixer component can be used to cache requests at the request level and how that can keep your application fast, without ruining the purity of your services.
https://sched.co/MPgT
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Using Istio's Mixer for Network Request Caching - Zach Arnold, Ygrene Energy Fund
Service Meshes (and Istio in particular,) have helped application developers off-load a good chunk of logic surrounding network requests. Our microservices should be as close to pure business logic as possible, but what happens when we add so many services that our network requests are dramatically slowing the application down? The natural result is to look for some caching of requests on either the client or service side. Enter Redis, Memcached, and other caching tools all to help reduce network calls and overall latency. All of this comes with implementation penalty reducing the purity of our services. We will demonstrate how Istio's Mixer component can be used to cache requests at the request level and how that can keep your application fast, without ruining the purity of your services.
https://sched.co/MPgT
- 1 participant
- 5 minutes
21 May 2019
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Using Jupyter Notebooks To Gain Insight Of Your Cluster - Ruben D Orduz, VMware
For the last 7 years or so Jupyter Notebooks (formerly known as IPython) has revolutionized the way scholars, enthusiasts and data analysts look at, process and work with data. On the Kubernetes side, component (api-server, scheduler, controller manager, etc.) logs, events, etc. can be an indomitable fire hose of data that can rather difficult to analyze and work with in its raw form. However, as we'll demonstrate, with the right tools, you can create data pipelines so that it can observed, analyzed and visualized in an interactive way using Jupyter notebooks. Insight therein can then be used for any task from performance tuning to debugging. The outline for this lightning talk is straightforward: * Problem statement (~ 1 min.) * Solution and tooling description (~45 sec.) * How the tooling was used ( ~1 min.) * Go over the data processing pipeline (~1 min.) * Results (~45 sec.)
https://sched.co/MPgQ
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Lightning Talk: Using Jupyter Notebooks To Gain Insight Of Your Cluster - Ruben D Orduz, VMware
For the last 7 years or so Jupyter Notebooks (formerly known as IPython) has revolutionized the way scholars, enthusiasts and data analysts look at, process and work with data. On the Kubernetes side, component (api-server, scheduler, controller manager, etc.) logs, events, etc. can be an indomitable fire hose of data that can rather difficult to analyze and work with in its raw form. However, as we'll demonstrate, with the right tools, you can create data pipelines so that it can observed, analyzed and visualized in an interactive way using Jupyter notebooks. Insight therein can then be used for any task from performance tuning to debugging. The outline for this lightning talk is straightforward: * Problem statement (~ 1 min.) * Solution and tooling description (~45 sec.) * How the tooling was used ( ~1 min.) * Go over the data processing pipeline (~1 min.) * Results (~45 sec.)
https://sched.co/MPgQ
- 1 participant
- 6 minutes
1 Dec 2017
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Towards Kubeflow 1.0, Bringing a Cloud Native Platform For ML to Kubernetes - David Aronchick, Microsoft & Jeremy Lewi, Google
In December of 2017, a small number of folks from a handful of companies introduced Kubeflow; an open, cloud native platform for machine learning. The project has gained a lot of momentum with hundreds of committers, thousands of commits and stars. With the traction, many companies are asking if can Kubeflow help them bring their ML practices to the next level, and where Kubeflow is going next. This talk will discuss the growth of the Kubeflow ecosystem and its place in the lifecycle of ML development. We will provide concrete examples of how Kubeflow is developing new applications such as Katib for hyperparameter tuning and Kubeflow pipelines to address gaps in the landscape. We will also show how we are using Kubernetes and Cloud Native technologies to glue these applications into a cohesive platform, and where Kubeflow will be going next.
https://sched.co/MPax
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Towards Kubeflow 1.0, Bringing a Cloud Native Platform For ML to Kubernetes - David Aronchick, Microsoft & Jeremy Lewi, Google
In December of 2017, a small number of folks from a handful of companies introduced Kubeflow; an open, cloud native platform for machine learning. The project has gained a lot of momentum with hundreds of committers, thousands of commits and stars. With the traction, many companies are asking if can Kubeflow help them bring their ML practices to the next level, and where Kubeflow is going next. This talk will discuss the growth of the Kubeflow ecosystem and its place in the lifecycle of ML development. We will provide concrete examples of how Kubeflow is developing new applications such as Katib for hyperparameter tuning and Kubeflow pipelines to address gaps in the landscape. We will also show how we are using Kubernetes and Cloud Native technologies to glue these applications into a cohesive platform, and where Kubeflow will be going next.
https://sched.co/MPax
- 3 participants
- 37 minutes
