5 Jun 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building Your Brand with CNCF AMA - Shilla Saebi, Comcast & Bill Mulligan, Cloud Native Computing Foundation
Did you ever wonder how to build your brand within the cloud native ecosystem? Do KCD, Online Programs, cloudnative.tv, and the CNCF blog (just to start) seem like an overwhelming seas of possibilities? CNCF offers a variety of programs, but it is often difficult to know where to begin. In this introductory session, you will learn about the different programs CNCF offers to help you build your cloud native voice. There will be jokes, stories, and new friends. Come be a part of the foundation of doers.
Building Your Brand with CNCF AMA - Shilla Saebi, Comcast & Bill Mulligan, Cloud Native Computing Foundation
Did you ever wonder how to build your brand within the cloud native ecosystem? Do KCD, Online Programs, cloudnative.tv, and the CNCF blog (just to start) seem like an overwhelming seas of possibilities? CNCF offers a variety of programs, but it is often difficult to know where to begin. In this introductory session, you will learn about the different programs CNCF offers to help you build your cloud native voice. There will be jokes, stories, and new friends. Come be a part of the foundation of doers.
- 3 participants
- 48 minutes
19 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: IBM Cloud - Deploying a Simple Python App to IBM Cloud Code Engine - JJ Asghar
JJ will walk you through deploying a simple python application to IBM Cloud Code Engine. We'll start from the ground up, then get a complete automated build. The goal is to enable your developers to focus on code, not the infrastructure! It's a chance to see the power of Code Engine and why taking the time to learn cloud-native development can get you the velocity you need.
Sponsored Session: IBM Cloud - Deploying a Simple Python App to IBM Cloud Code Engine - JJ Asghar
JJ will walk you through deploying a simple python application to IBM Cloud Code Engine. We'll start from the ground up, then get a complete automated build. The goal is to enable your developers to focus on code, not the infrastructure! It's a chance to see the power of Code Engine and why taking the time to learn cloud-native development can get you the velocity you need.
- 1 participant
- 16 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native Storage - a View of the Landscape, Projects and Technology - Alex Chircop, StorageOS; Xing Yang, VMware & Quinton Hoole, Facebook
This talk will discuss how the CNCF storage SIG in the CNCF operates, identifies projects for Cloud Native admission and where we see the future of storage in the Cloud Native Ecosystem heading.
During this session we will cover:
- Overview of the SIG, how to join and how to help
- Overview of storage projects in the CNCF
- Projects that are currently being being reviewed
We will also share updates of our latest work including:
- the CNCF Storage Landscape document
- the Performance and Benchmarking document
- the Cloud Native Disaster Recovery document
Cloud Native Storage - a View of the Landscape, Projects and Technology - Alex Chircop, StorageOS; Xing Yang, VMware & Quinton Hoole, Facebook
This talk will discuss how the CNCF storage SIG in the CNCF operates, identifies projects for Cloud Native admission and where we see the future of storage in the Cloud Native Ecosystem heading.
During this session we will cover:
- Overview of the SIG, how to join and how to help
- Overview of storage projects in the CNCF
- Projects that are currently being being reviewed
We will also share updates of our latest work including:
- the CNCF Storage Landscape document
- the Performance and Benchmarking document
- the Cloud Native Disaster Recovery document
- 2 participants
- 38 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
EmpowerUs, Sponsored by Google Cloud
Join us for the EmpowerUs session, sponsored by Google Cloud. You'll hear inspiring stories from women in open source, and an opportunity for meaningful interaction.
Moderators:
Radha Jhatakia
Program Manager, Google
Speakers:
Aish Sundar
Software Engineering Manager, Google
Jeana Jorgensen
Senior Director, Product Marketing - Infra, App Mod, and Developer, Google
María Cruz
Program Manager, Google
EmpowerUs, Sponsored by Google Cloud
Join us for the EmpowerUs session, sponsored by Google Cloud. You'll hear inspiring stories from women in open source, and an opportunity for meaningful interaction.
Moderators:
Radha Jhatakia
Program Manager, Google
Speakers:
Aish Sundar
Software Engineering Manager, Google
Jeana Jorgensen
Senior Director, Product Marketing - Infra, App Mod, and Developer, Google
María Cruz
Program Manager, Google
- 4 participants
- 32 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
High Throughput with Low Resource Usage: A Logging Journey - Eduardo Silva, Calyptia
In Logging, there is a common fact: more applications means more data to handle. Running services at scale in a distributed environment brings exciting challenges for data management, but with the volume of data increasing there is a necessity to ship this data faster, but a few ones realize the side effect: high resource consumption. On implementing a logging pipeline, pre-processing of the data is mandatory, a simple example of this is Kubernetes metadata enrichment for every log record, but more data means more computing time, the same cost applies when delivering to the final storage or cloud service. In this session, we will do a deep dive into our journey of performance challenges that we faced in the Fluent Bit project around Network I/O + TLS, filesystem buffers, routing, and multiplexing for high throughput. We will share how did we go from 5k/sec to more than 30k/sec using a single-core CPU using purely design improvements and taking the most of Linux OS interfaces.
High Throughput with Low Resource Usage: A Logging Journey - Eduardo Silva, Calyptia
In Logging, there is a common fact: more applications means more data to handle. Running services at scale in a distributed environment brings exciting challenges for data management, but with the volume of data increasing there is a necessity to ship this data faster, but a few ones realize the side effect: high resource consumption. On implementing a logging pipeline, pre-processing of the data is mandatory, a simple example of this is Kubernetes metadata enrichment for every log record, but more data means more computing time, the same cost applies when delivering to the final storage or cloud service. In this session, we will do a deep dive into our journey of performance challenges that we faced in the Fluent Bit project around Network I/O + TLS, filesystem buffers, routing, and multiplexing for high throughput. We will share how did we go from 5k/sec to more than 30k/sec using a single-core CPU using purely design improvements and taking the most of Linux OS interfaces.
- 1 participant
- 35 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Lightning Talk: Beyond Federation: Automating Multi-cloud Workloads with K8s Native APIs - Kevin (Zefeng) Wang, Huawei
How do you manage workloads and resources in multiple Kubernetes clusters across clouds? Suffering from API incompatibility, worried about in-house customization, etc.?
In this talk, Kevin will share:
1. The challenges and lessons learned from using existing multi-cluster projects e.g. Kubefed to do the dirty work.
2. Reasons why K8s native APIs are important, and how would this way benefit users more comparing to other options.
3. Practices and experiences of building simplified automation with K8s native APIs.
Sponsored Lightning Talk: Beyond Federation: Automating Multi-cloud Workloads with K8s Native APIs - Kevin (Zefeng) Wang, Huawei
How do you manage workloads and resources in multiple Kubernetes clusters across clouds? Suffering from API incompatibility, worried about in-house customization, etc.?
In this talk, Kevin will share:
1. The challenges and lessons learned from using existing multi-cluster projects e.g. Kubefed to do the dirty work.
2. Reasons why K8s native APIs are important, and how would this way benefit users more comparing to other options.
3. Practices and experiences of building simplified automation with K8s native APIs.
- 1 participant
- 6 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: AWS & Weaveworks - Enable Hybrid Cloud Kubernetes with GitOps, EKS, and EKS-D
Speakers: Paul Curtis
One of the biggest advantages Kubernetes has to offer is that it is agnostic to infrastructure and capable of managing diverse workloads running on different compute resources. This allows organizations to take advantage of scalable and cost-efficient cloud resources as well as harness a secure and fully controlled on-premise environment.
Streamlined processes and automation are key for application and operation teams when managing clusters across environments while maintaining security and policy checks.
In this demo you will learn how to:
· Use GitOps model-driven automation to increase reliability and stability across EKS (cloud) and EKS-D (on premise)
· Simplify multi-cluster management with GitOps
· Enable developers to push code to production minutes from Git
· Improve utilization and capacity management through hybrid Kubernetes platforms
Tech utilized: Kubernetes, EKS, EKS-D, Git, LinkerD, GitOps, Weave Kubernetes Platform
Sponsored Session: AWS & Weaveworks - Enable Hybrid Cloud Kubernetes with GitOps, EKS, and EKS-D
Speakers: Paul Curtis
One of the biggest advantages Kubernetes has to offer is that it is agnostic to infrastructure and capable of managing diverse workloads running on different compute resources. This allows organizations to take advantage of scalable and cost-efficient cloud resources as well as harness a secure and fully controlled on-premise environment.
Streamlined processes and automation are key for application and operation teams when managing clusters across environments while maintaining security and policy checks.
In this demo you will learn how to:
· Use GitOps model-driven automation to increase reliability and stability across EKS (cloud) and EKS-D (on premise)
· Simplify multi-cluster management with GitOps
· Enable developers to push code to production minutes from Git
· Improve utilization and capacity management through hybrid Kubernetes platforms
Tech utilized: Kubernetes, EKS, EKS-D, Git, LinkerD, GitOps, Weave Kubernetes Platform
- 1 participant
- 12 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Bridgecrew - End-to-end policy-as-code from IaC to Running Workloads
Speakers: Matt Johnson
Infrastructure as code (IaC) is a cloud-native game-changer. It's modular, reusable, and super shareable, making it easy to get up-and-running fast. Because it's so user-friendly, however, IaC is often subject to security and compliance misconfigurations that can make their way to production resources and workloads.
The key to preventing that from happening is adopting policy-as-code and scanning for misconfigurations continuously throughout the development lifecycle.
In this technical demo, we'll show how Bridgecrew enables exactly that for Kubernetes manifests, Terraform, CloudFormation, and more. You'll see Bridgecrew's complete codified cloud security suite in action—our IDE extension, pre-commit hooks, version control and CI/CD integrations, and runtime scanning.
Sponsored Session: Bridgecrew - End-to-end policy-as-code from IaC to Running Workloads
Speakers: Matt Johnson
Infrastructure as code (IaC) is a cloud-native game-changer. It's modular, reusable, and super shareable, making it easy to get up-and-running fast. Because it's so user-friendly, however, IaC is often subject to security and compliance misconfigurations that can make their way to production resources and workloads.
The key to preventing that from happening is adopting policy-as-code and scanning for misconfigurations continuously throughout the development lifecycle.
In this technical demo, we'll show how Bridgecrew enables exactly that for Kubernetes manifests, Terraform, CloudFormation, and more. You'll see Bridgecrew's complete codified cloud security suite in action—our IDE extension, pre-commit hooks, version control and CI/CD integrations, and runtime scanning.
- 1 participant
- 12 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: CircleCI - Building Arm Compatible CI/CD Pipelines
Speakers: Angel Rivera
Arm architectures are increasingly popular and are becoming widely adopted by teams and organizations. As this adoption grows, developers and organizations must ensure their software and services are capable to support Arm architecture which begins by ensuring their CI/CD tooling and workload are Arm capable. In this tutorial, attendees will learn how to ensure their CI/CD pipelines and workloads are Arm compatible and capable of providing Arm support in their products.
Sponsored Session: CircleCI - Building Arm Compatible CI/CD Pipelines
Speakers: Angel Rivera
Arm architectures are increasingly popular and are becoming widely adopted by teams and organizations. As this adoption grows, developers and organizations must ensure their software and services are capable to support Arm architecture which begins by ensuring their CI/CD tooling and workload are Arm capable. In this tutorial, attendees will learn how to ensure their CI/CD pipelines and workloads are Arm compatible and capable of providing Arm support in their products.
- 1 participant
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Commvault - Many Apps. Many Locations. One Storage Solution.
Speakers: Abhijith Shenoy, Xiangyu Wang
Enterprises are moving their applications to the cloud at an unprecedented pace. The pandemic has accelerated this journey and hybrid-multi cloud is now a foundation of modern enterprise architectures. Along the way, you’ve become comfortable optimizing for where, when, and how your applications run. So, why wouldn’t you be equally comfortable using distributed storage that:
• Provides location transparency for all your stateful applications
• Runs anywhere SDS for predictable enterprise-grade resilience, scale, and performance delivered in an application-aware model
• Integrates natively with K8s and your existing workflows
Containerization promises application portability, yet legacy infrastructure relies on traditional snapshot and replication technology to migrate data across locations, becoming a bottleneck for modern DevOps environments.
With distributed storage, you can provision cloud-native, programmable storage when you need it with self-service access and know that your data is instantly available across multiple locations (edge, core, clouds) using our distributed architecture. In this session, you will see distributed storage in action in a K8s environment and learn how to:
• Easily setup and manage persistent volumes using our new Commvault Distributed Storage Operator
• Establish enterprise-grade high availability for stateful applications across regions and zones
• Benefit from the simplicity and efficiency of sharing the same storage across multiple OpenShift and K8s clusters
Modern solutions don’t come from bolt-ons to legacy technology – they come from a foundational architecture rooted in multi-hybrid cloud distribution.
Sponsored Session: Commvault - Many Apps. Many Locations. One Storage Solution.
Speakers: Abhijith Shenoy, Xiangyu Wang
Enterprises are moving their applications to the cloud at an unprecedented pace. The pandemic has accelerated this journey and hybrid-multi cloud is now a foundation of modern enterprise architectures. Along the way, you’ve become comfortable optimizing for where, when, and how your applications run. So, why wouldn’t you be equally comfortable using distributed storage that:
• Provides location transparency for all your stateful applications
• Runs anywhere SDS for predictable enterprise-grade resilience, scale, and performance delivered in an application-aware model
• Integrates natively with K8s and your existing workflows
Containerization promises application portability, yet legacy infrastructure relies on traditional snapshot and replication technology to migrate data across locations, becoming a bottleneck for modern DevOps environments.
With distributed storage, you can provision cloud-native, programmable storage when you need it with self-service access and know that your data is instantly available across multiple locations (edge, core, clouds) using our distributed architecture. In this session, you will see distributed storage in action in a K8s environment and learn how to:
• Easily setup and manage persistent volumes using our new Commvault Distributed Storage Operator
• Establish enterprise-grade high availability for stateful applications across regions and zones
• Benefit from the simplicity and efficiency of sharing the same storage across multiple OpenShift and K8s clusters
Modern solutions don’t come from bolt-ons to legacy technology – they come from a foundational architecture rooted in multi-hybrid cloud distribution.
- 2 participants
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Datadog - Policy-as-code for Kubernetes with Gatekeeper
Speakers: Ara Pulido
As more enterprises migrate to cloud native environments like Kubernetes, the need for scalable ways to define and enforce fine-grained policies increases: how can I limit the number of replicas of a pod for certain users? how can I ensure that all images come from trusted registries?
Gatekeeper is an open source project to integrate Open Policy Agent (OPA) in Kubernetes environments. Gatekeeper allows to define policy as Kubernetes objects, making it easier to adopt policy-as-code practices in Kubernetes environments and sharing reusable policy templates.
In this demo we will explain how to set up Gatekeeper for Kubernetes environments. You’ll learn how to adopt policy-as-code techniques and how you can integrate Gatekeeper with your existing tools.
Sponsored Session: Datadog - Policy-as-code for Kubernetes with Gatekeeper
Speakers: Ara Pulido
As more enterprises migrate to cloud native environments like Kubernetes, the need for scalable ways to define and enforce fine-grained policies increases: how can I limit the number of replicas of a pod for certain users? how can I ensure that all images come from trusted registries?
Gatekeeper is an open source project to integrate Open Policy Agent (OPA) in Kubernetes environments. Gatekeeper allows to define policy as Kubernetes objects, making it easier to adopt policy-as-code practices in Kubernetes environments and sharing reusable policy templates.
In this demo we will explain how to set up Gatekeeper for Kubernetes environments. You’ll learn how to adopt policy-as-code techniques and how you can integrate Gatekeeper with your existing tools.
- 1 participant
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Dell Technologies - Real-Time Object Detection with Pravega and Flink
Speakers: David Adams
See a real time object detection application with streaming data built on Pravega and Apache Flink. It’s built with streaming data from enterprise-grade Dell EMC Streaming Data Platform with long term storage on the recently announced Kubernetes-based object storage, Dell EMC ObjectScale. The entire solution is deployed on vSphere with Tanzu on a single turnkey cloud solution, VMware Cloud Foundation on VxRail.
Sponsored Session: Dell Technologies - Real-Time Object Detection with Pravega and Flink
Speakers: David Adams
See a real time object detection application with streaming data built on Pravega and Apache Flink. It’s built with streaming data from enterprise-grade Dell EMC Streaming Data Platform with long term storage on the recently announced Kubernetes-based object storage, Dell EMC ObjectScale. The entire solution is deployed on vSphere with Tanzu on a single turnkey cloud solution, VMware Cloud Foundation on VxRail.
- 3 participants
- 15 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Dynatrace - Extending OpenTelemetry to Observability
Speakers: Daniel Kaar
OpenTelemetry has delivered significant advancements in application instrumentation. It also powers new capabilities like observability which enables developers and operations teams to get more complete insights into applications and infrastructure. Despite OpenTelemetry’s advantages, it is a piece of the larger observability puzzle. This session will discuss how you can augment OpenTelemetry with automation, analytics and AI to identify and resolve problems faster. The session will center on a demo where we will highlight a real-world case study and focus on the challenges associated with large scale and complex environments. We will show how you can gain deep insights into root cause analysis with a few clicks using OpenTelemetry data.
Sponsored Session: Dynatrace - Extending OpenTelemetry to Observability
Speakers: Daniel Kaar
OpenTelemetry has delivered significant advancements in application instrumentation. It also powers new capabilities like observability which enables developers and operations teams to get more complete insights into applications and infrastructure. Despite OpenTelemetry’s advantages, it is a piece of the larger observability puzzle. This session will discuss how you can augment OpenTelemetry with automation, analytics and AI to identify and resolve problems faster. The session will center on a demo where we will highlight a real-world case study and focus on the challenges associated with large scale and complex environments. We will show how you can gain deep insights into root cause analysis with a few clicks using OpenTelemetry data.
- 1 participant
- 15 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Elastic - Autoscaled K8s Observability with the Elastic Operator
Speakers: Michael Morello
Ensuring the observability of all the dynamic components in a containerized ecosystem can be a challenge. As the number of pods and services in your environment increases, you need observability tools that can scale with you. Your observability tool has to not only collect logs, metrics, and application performance data but also allow engineers to derive actionable insights as soon as issues with services occur.
In this session, you will learn how to deploy Elastic Cloud on Kubernetes and use the power of built-in autoscaling to seamlessly scale out as you continuously collect and store more observability data for diagnosing, debugging, and resolving issues in your applications.
Sponsored Session: Elastic - Autoscaled K8s Observability with the Elastic Operator
Speakers: Michael Morello
Ensuring the observability of all the dynamic components in a containerized ecosystem can be a challenge. As the number of pods and services in your environment increases, you need observability tools that can scale with you. Your observability tool has to not only collect logs, metrics, and application performance data but also allow engineers to derive actionable insights as soon as issues with services occur.
In this session, you will learn how to deploy Elastic Cloud on Kubernetes and use the power of built-in autoscaling to seamlessly scale out as you continuously collect and store more observability data for diagnosing, debugging, and resolving issues in your applications.
- 1 participant
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Google Cloud - Multi-cluster, Blue-green Traffic Splitting with the Gateway API
Speakers: Mark Church
The Gateway API is an open source SIG-Network project that is evolving the Kubernetes Ingress specification, making it a much more capable and role-oriented API. This demo will show how to use the Gateway API and its support for weights and HTTP header matching to shift multi-cluster ingress traffic across different Kubernetes clusters. This kind of traffic management enables much safer blue-green, multi-cluster deployments for less risk and more stability in multi-cluster environments.
Sponsored Session: Google Cloud - Multi-cluster, Blue-green Traffic Splitting with the Gateway API
Speakers: Mark Church
The Gateway API is an open source SIG-Network project that is evolving the Kubernetes Ingress specification, making it a much more capable and role-oriented API. This demo will show how to use the Gateway API and its support for weights and HTTP header matching to shift multi-cluster ingress traffic across different Kubernetes clusters. This kind of traffic management enables much safer blue-green, multi-cluster deployments for less risk and more stability in multi-cluster environments.
- 1 participant
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: HAProxy Technologies - Benchmarking 5 Popular Ingress Controllers
Speakers: Daniel Corbett
Performance has never been more important than in a cloud-native world. Cloud-hosted resources cost money and a slow-loading application can cause a suboptimal ROI. Have you taken the time to tune your Kubernetes ingress controller and proxy? Many organizations don't until it's absolutely necessary, and most users will typically run a default, out-of-the-box configuration.
In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations:
• Envoy
• HAProxy
• NGINX
• NGINX Inc.
• Traefik
We measure their average requests per second, latency percentiles, and user-level CPU usage; We monitor for any errors that are produced in order to go beyond performance and test reliability. You can verify the results yourself by downloading the GitHub repository and reproducing our tests. Who will come out on top? Watch the demo to find out!
In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations: Envoy, HAProxy, NGINX, NGINX Inc., and Traefik.
Sponsored Session: HAProxy Technologies - Benchmarking 5 Popular Ingress Controllers
Speakers: Daniel Corbett
Performance has never been more important than in a cloud-native world. Cloud-hosted resources cost money and a slow-loading application can cause a suboptimal ROI. Have you taken the time to tune your Kubernetes ingress controller and proxy? Many organizations don't until it's absolutely necessary, and most users will typically run a default, out-of-the-box configuration.
In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations:
• Envoy
• HAProxy
• NGINX
• NGINX Inc.
• Traefik
We measure their average requests per second, latency percentiles, and user-level CPU usage; We monitor for any errors that are produced in order to go beyond performance and test reliability. You can verify the results yourself by downloading the GitHub repository and reproducing our tests. Who will come out on top? Watch the demo to find out!
In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations: Envoy, HAProxy, NGINX, NGINX Inc., and Traefik.
- 1 participant
- 9 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: HPE - Kubernetes and the HPE Ezmeral Container Platform
Speakers: Don Wake
Use your favorite CNCF certified open source Kubernetes tools on your own systems utilizing the HPE Ezmeral Container Platform plug-in to manage and monitor multiple Kubernetes clusters. In addition, see a walk-through of the WebUI that provides a point-and-click interface for importing compute and storage resources into your Kubernetes clusters and create multiple namespaces (tenants).
Sponsored Session: HPE - Kubernetes and the HPE Ezmeral Container Platform
Speakers: Don Wake
Use your favorite CNCF certified open source Kubernetes tools on your own systems utilizing the HPE Ezmeral Container Platform plug-in to manage and monitor multiple Kubernetes clusters. In addition, see a walk-through of the WebUI that provides a point-and-click interface for importing compute and storage resources into your Kubernetes clusters and create multiple namespaces (tenants).
- 1 participant
- 9 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Huawei - Zero Change Transitioning to Multi-Cloud Architecture
Speakers: Hongcai Ren
Multi-cloud has become the dominant enterprise strategy, but cloud-native multi-cloud is challenging: cumbersome and repetitive setup due to too many clusters, fragmentation of workloads, limited by boundary of clusters etc.
In this presentation, Hongcai will demo how to use kubernetes native api and a set of attached policies to manage workloads across clouds with automatic HA spreading, fault-migration enabled.
Sponsored Session: Huawei - Zero Change Transitioning to Multi-Cloud Architecture
Speakers: Hongcai Ren
Multi-cloud has become the dominant enterprise strategy, but cloud-native multi-cloud is challenging: cumbersome and repetitive setup due to too many clusters, fragmentation of workloads, limited by boundary of clusters etc.
In this presentation, Hongcai will demo how to use kubernetes native api and a set of attached policies to manage workloads across clouds with automatic HA spreading, fault-migration enabled.
- 1 participant
- 12 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Intel - Cloud Native Solutions are Fueling a Telecom Revolution
Speakers: Rajesh Gadiyar
The increasing adoption of microservices and container-orchestration technology offers enormous benefits in software reuse, deployment velocity, and scale. This cloud native architecture is helping fuel a revolution that provides reduced costs, lower latency, increased bandwidth, and enhanced flexibility for 5G and edge cloud deployments.
These benefits, however, come with new challenges to deliver end-to-end quality of service, security, and multi-edge/multi-cloud deployments. In this session Rajesh Gadiyar shares his insights about how we’ve collaborated as a CNCF community to meet these challenges by examining a few examples of real-world solutions.
Sponsored Session: Intel - Cloud Native Solutions are Fueling a Telecom Revolution
Speakers: Rajesh Gadiyar
The increasing adoption of microservices and container-orchestration technology offers enormous benefits in software reuse, deployment velocity, and scale. This cloud native architecture is helping fuel a revolution that provides reduced costs, lower latency, increased bandwidth, and enhanced flexibility for 5G and edge cloud deployments.
These benefits, however, come with new challenges to deliver end-to-end quality of service, security, and multi-edge/multi-cloud deployments. In this session Rajesh Gadiyar shares his insights about how we’ve collaborated as a CNCF community to meet these challenges by examining a few examples of real-world solutions.
- 1 participant
- 15 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Kasten - Introducing Kubestr: Identify, Validate, and Evaluate Storage in Kubernetes
Speakers: Michael Cade
As the adoption of Kubernetes grows, so has the persistent storage offerings that are available to users. The introduction of CSI (Container Storage Interface) has enabled storage providers to develop drivers with ease. There are around 100 different CSI drivers available today. Along with the existing in-tree providers, these options can make choosing the right storage overwhelming.
Kubestr is a collection of tools to identify, validate, and evaluate your Kubernetes storage options. Kubestr can assist in the following ways: identify the various storage options present in a cluster, validate if the storage options are configured correctly, and evaluate the storage using common benchmarking tools like FIO.
Sponsored Session: Kasten - Introducing Kubestr: Identify, Validate, and Evaluate Storage in Kubernetes
Speakers: Michael Cade
As the adoption of Kubernetes grows, so has the persistent storage offerings that are available to users. The introduction of CSI (Container Storage Interface) has enabled storage providers to develop drivers with ease. There are around 100 different CSI drivers available today. Along with the existing in-tree providers, these options can make choosing the right storage overwhelming.
Kubestr is a collection of tools to identify, validate, and evaluate your Kubernetes storage options. Kubestr can assist in the following ways: identify the various storage options present in a cluster, validate if the storage options are configured correctly, and evaluate the storage using common benchmarking tools like FIO.
- 1 participant
- 16 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Kubermatic - Fighting the Final Boss: Complex Multi-site Multi-cluster App Deployments
Speakers: Sascha Haase
With the rise of Kubernetes’ popularity across various use-cases, including edge computing, IoT, 5G, or AI/ML, single-cluster Kubernetes deployments are increasingly becoming an exception rather than the norm. As the number of clusters increases, the management of these clusters and the applications running in them quickly becomes the operators’ final boss.
In this tutorial, we will show you how you can master this challenge with open source platforms developed by Kubermatic: Kubermatic Kubernetes Platform for multi-cluster infrastructure management and KubeCarrier for multi-cluster application deployment and management.
Come and learn how you can use these tools to master the final boss and automate the full lifecycle of complex multi-cluster solutions consisting of applications spread across multiple Kubernetes clusters.
Sponsored Session: Kubermatic - Fighting the Final Boss: Complex Multi-site Multi-cluster App Deployments
Speakers: Sascha Haase
With the rise of Kubernetes’ popularity across various use-cases, including edge computing, IoT, 5G, or AI/ML, single-cluster Kubernetes deployments are increasingly becoming an exception rather than the norm. As the number of clusters increases, the management of these clusters and the applications running in them quickly becomes the operators’ final boss.
In this tutorial, we will show you how you can master this challenge with open source platforms developed by Kubermatic: Kubermatic Kubernetes Platform for multi-cluster infrastructure management and KubeCarrier for multi-cluster application deployment and management.
Come and learn how you can use these tools to master the final boss and automate the full lifecycle of complex multi-cluster solutions consisting of applications spread across multiple Kubernetes clusters.
- 1 participant
- 15 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Microsoft Azure - Kubernetes Ecosystem in Azure
Speakers: Sean KcKenna
Leverage the best of the Kubernetes ecosystem in Azure, with policy, service mesh, secrets management, and gitops.
Sponsored Session: Microsoft Azure - Kubernetes Ecosystem in Azure
Speakers: Sean KcKenna
Leverage the best of the Kubernetes ecosystem in Azure, with policy, service mesh, secrets management, and gitops.
- 1 participant
- 13 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Mirantis - Introducing K0s 0.13 and kosctl
Speakers: Miska Kaipiainen
K0s (k0sproject.io/https://github.com/k0sproject) is a single-binary Kubernetes distribution engineered to make Kubernetes frictionless. It installs with a single command and runs on (almost) any Linux, on i86 and arm6/7 hardware, on Raspberry Pis, VMs, or datacenter bare metal. In this session, we'll demo k0s 0.13, which uses kube-router as CNI (released on Friday, April 9). We'll show native (i.e., one-command) deployment, and more sophisticated deployments using the open-source, community-developed 'kosctl' management framework.
Sponsored Session: Mirantis - Introducing K0s 0.13 and kosctl
Speakers: Miska Kaipiainen
K0s (k0sproject.io/https://github.com/k0sproject) is a single-binary Kubernetes distribution engineered to make Kubernetes frictionless. It installs with a single command and runs on (almost) any Linux, on i86 and arm6/7 hardware, on Raspberry Pis, VMs, or datacenter bare metal. In this session, we'll demo k0s 0.13, which uses kube-router as CNI (released on Friday, April 9). We'll show native (i.e., one-command) deployment, and more sophisticated deployments using the open-source, community-developed 'kosctl' management framework.
- 1 participant
- 6 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: NetApp - Cloud Native Application-aware Data Management in multi-cloud
Speakers: Jaimon George, Diane Patton
In this session, you’ll learn about how to address application data management challenges that enterprises of all sizes adopting Kubernetes face today. Such challenges include protecting application data from accidental corruption, recovering applications from human-made or natural disasters, and being compliant with regulatory data residency needs when running and scaling your Kubernetes clusters in a multi-cloud environment.
We conclude this session with a demonstration that show how to:
Automate the backend storage configuration and provision persistent volumes when needed.
Manage your cloud native application and persistent data from multi-cloud Kubernetes clusters from a single pane of glass.
Easily snapshot, backup, clone and migrate applications with their data to another Kubernetes cluster.
Sponsored Session: NetApp - Cloud Native Application-aware Data Management in multi-cloud
Speakers: Jaimon George, Diane Patton
In this session, you’ll learn about how to address application data management challenges that enterprises of all sizes adopting Kubernetes face today. Such challenges include protecting application data from accidental corruption, recovering applications from human-made or natural disasters, and being compliant with regulatory data residency needs when running and scaling your Kubernetes clusters in a multi-cloud environment.
We conclude this session with a demonstration that show how to:
Automate the backend storage configuration and provision persistent volumes when needed.
Manage your cloud native application and persistent data from multi-cloud Kubernetes clusters from a single pane of glass.
Easily snapshot, backup, clone and migrate applications with their data to another Kubernetes cluster.
- 2 participants
- 12 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: New Relic - Flexible, Open and Easy Observability for Developers
Speakers: Zain Asgar, Michelle Nguyen
At New Relic, we believe that observability will be open, painless, and a part of every developer’s workflow. Observability should work out-of-the-box, be on by default, and utilize open standards like Open Telemetry. As part of this vision, we are making a bold bet by Open Sourcing Pixie, a Kubernetes native in-cluster observability platform that uses eBPF to automatically capture service level requests and metrics without any manual instrumentation. Furthermore, Pixie includes a fully distributed data system allowing for unsampled visibility into all the data generated by your application. Pixie embraces OpenTelemetry for both ingress and egress, allowing easy vendor-agnostic integration.
Sponsored Session: New Relic - Flexible, Open and Easy Observability for Developers
Speakers: Zain Asgar, Michelle Nguyen
At New Relic, we believe that observability will be open, painless, and a part of every developer’s workflow. Observability should work out-of-the-box, be on by default, and utilize open standards like Open Telemetry. As part of this vision, we are making a bold bet by Open Sourcing Pixie, a Kubernetes native in-cluster observability platform that uses eBPF to automatically capture service level requests and metrics without any manual instrumentation. Furthermore, Pixie includes a fully distributed data system allowing for unsampled visibility into all the data generated by your application. Pixie embraces OpenTelemetry for both ingress and egress, allowing easy vendor-agnostic integration.
- 2 participants
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Rancher - Longhorn for Your Edge Deployments
Speakers: Joshua Moody
Longhorn is an Open Source Cloud-Native distributed block storage engine built on and for Kubernetes that provides persistent storage support for any Kubernetes cluster with a one-click installation. In today's demo Joshua Moody from SUSE will demonstrate how to use Longhorns persistent storage for your edge deployments. We will use Ranchers K3s to manage and deploy Longhorn into our edge cluster consisting of a couple Raspberry Pi worker nodes which act as our data collectors as well as a randomly chosen Raspberry Pi that acts as our data aggregator. We will utilize Longhorns data redundancy and fail over mechanisms to demonstrate a failure and recovery of the data aggregator.
Sponsored Session: Rancher - Longhorn for Your Edge Deployments
Speakers: Joshua Moody
Longhorn is an Open Source Cloud-Native distributed block storage engine built on and for Kubernetes that provides persistent storage support for any Kubernetes cluster with a one-click installation. In today's demo Joshua Moody from SUSE will demonstrate how to use Longhorns persistent storage for your edge deployments. We will use Ranchers K3s to manage and deploy Longhorn into our edge cluster consisting of a couple Raspberry Pi worker nodes which act as our data collectors as well as a randomly chosen Raspberry Pi that acts as our data aggregator. We will utilize Longhorns data redundancy and fail over mechanisms to demonstrate a failure and recovery of the data aggregator.
- 1 participant
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Red Hat - Mass Migrate VMs to Kubernetes and Move Containers across Clusters at Scale
Speakers: Miguel Pérez Colino, Fabien Dupont, John Matthews
See a demo for 2 of the 5 open-source tools that are part of the konveyor.io community. You'll see how you can mass migrate virtual machines to KubeVirt, how you can move containers across clusters – specifically OpenShift 3.11 to the latest version, a look into the other use cases the Konveyor community has developed tools for, and the new capabilities that will be developed.
Sponsored Session: Red Hat - Mass Migrate VMs to Kubernetes and Move Containers across Clusters at Scale
Speakers: Miguel Pérez Colino, Fabien Dupont, John Matthews
See a demo for 2 of the 5 open-source tools that are part of the konveyor.io community. You'll see how you can mass migrate virtual machines to KubeVirt, how you can move containers across clusters – specifically OpenShift 3.11 to the latest version, a look into the other use cases the Konveyor community has developed tools for, and the new capabilities that will be developed.
- 3 participants
- 16 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Red Hat - Use Kubernetes-native Integrated GitOps CI/CD Workflows
Speakers: Christian Hernandez
In this demo, Christian Hernandez, Technical Marketing Manager at Red Hat, will review how to build a GitOps workflow using Kubernetes-native CI/CD tools Tekton and ArgoCD all within an OpenShift deployment. See how Operators integrate into your development pipeline to deliver a GitOps workflow.
Sponsored Session: Red Hat - Use Kubernetes-native Integrated GitOps CI/CD Workflows
Speakers: Christian Hernandez
In this demo, Christian Hernandez, Technical Marketing Manager at Red Hat, will review how to build a GitOps workflow using Kubernetes-native CI/CD tools Tekton and ArgoCD all within an OpenShift deployment. See how Operators integrate into your development pipeline to deliver a GitOps workflow.
- 1 participant
- 16 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Salesforce - Using Sloop for Monitoring Highly Available Services
Speakers: Sana Jawad, Hemanth Siddulugari
Kubernetes cluster’s state is ephemeral in nature and the workloads can run on any nodes or pods. There is a set of great tools available for visualizing “current” state of the cluster. But often times, live site incidents are mitigated and root cause analysis is left for later. This becomes particularly challenging for incidents that happen due to various K8s events since these events are only available for one hour on the cluster. After this, the only way to debug what happened is by correlating various logs and timelines from control plane, hence making it harder to root cause (increases MTRR). Sloop provides a one stop shop solution with a single pane of glass by showing historic view of cluster. In this demo, we will be sharing the top real incidents for which we found the root cause in a matter of minutes using Sloop.
Sponsored Session: Salesforce - Using Sloop for Monitoring Highly Available Services
Speakers: Sana Jawad, Hemanth Siddulugari
Kubernetes cluster’s state is ephemeral in nature and the workloads can run on any nodes or pods. There is a set of great tools available for visualizing “current” state of the cluster. But often times, live site incidents are mitigated and root cause analysis is left for later. This becomes particularly challenging for incidents that happen due to various K8s events since these events are only available for one hour on the cluster. After this, the only way to debug what happened is by correlating various logs and timelines from control plane, hence making it harder to root cause (increases MTRR). Sloop provides a one stop shop solution with a single pane of glass by showing historic view of cluster. In this demo, we will be sharing the top real incidents for which we found the root cause in a matter of minutes using Sloop.
- 2 participants
- 14 minutes
15 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: VMware - Automatically Turn Your Source Code into Scalable Microservices on Kubernetes
Speakers: Boskey Savla
Deploying and managing microservices on Kubernetes isn’t easy. You have to build the right dockerfile and container image and create various Kubernetes objects, like deployments, services, replicas, and horizontal pod autoscalers. And this is an iterative process with several testing and validation checkpoints along the way. Sound complex? It sure is.
In this demo, you’ll learn how to simplify and automate this with Cloud Native Buildpacks and Knative. Cloud Native Buildpacks figure out the language your code is written in, determine the best way to package the code, and build an OCI-compliant container image. And Knative takes that image and automatically generates the required configuration to create deployments, services, and automated pod scalers.
Sponsored Session: VMware - Automatically Turn Your Source Code into Scalable Microservices on Kubernetes
Speakers: Boskey Savla
Deploying and managing microservices on Kubernetes isn’t easy. You have to build the right dockerfile and container image and create various Kubernetes objects, like deployments, services, replicas, and horizontal pod autoscalers. And this is an iterative process with several testing and validation checkpoints along the way. Sound complex? It sure is.
In this demo, you’ll learn how to simplify and automate this with Cloud Native Buildpacks and Knative. Cloud Native Buildpacks figure out the language your code is written in, determine the best way to package the code, and build an OCI-compliant container image. And Knative takes that image and automatically generates the required configuration to create deployments, services, and automated pod scalers.
- 1 participant
- 9 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
"Extend All The Things!": Cloud Provider Edition - Joe Betz, Google
Kubernetes integrates with a ton of Cloud Provider platforms, and as part of the "Cloud Provider Extraction" effort, all platform integration code in the main Kubernetes code base is being moved out of into separate repos. To make this possible, extensibility points have been introduced that create interesting ways to extend Kubernetes, including Cloud Controller Managers, Credential Provider Extensions and the Konnectivity server and agent.
Learn the details from an engineer who helped bring the CRD and webhook extensibility mechanisms to GA, and who leads the adoption of extracted Cloud Providers at Google. How do these new extensibility points work? Why are they important? What can you do with them? We will discuss each extension point in detail, covering best practices learned as we migrated cloud providers to them.
The Cloud Provider abstraction delivers cross platform portability. We’ll close with details on how you (attn: tooling authors, cloud operators) can get involved with the community effort martialed by SIG Cloud Provider.
"Extend All The Things!": Cloud Provider Edition - Joe Betz, Google
Kubernetes integrates with a ton of Cloud Provider platforms, and as part of the "Cloud Provider Extraction" effort, all platform integration code in the main Kubernetes code base is being moved out of into separate repos. To make this possible, extensibility points have been introduced that create interesting ways to extend Kubernetes, including Cloud Controller Managers, Credential Provider Extensions and the Konnectivity server and agent.
Learn the details from an engineer who helped bring the CRD and webhook extensibility mechanisms to GA, and who leads the adoption of extracted Cloud Providers at Google. How do these new extensibility points work? Why are they important? What can you do with them? We will discuss each extension point in detail, covering best practices learned as we migrated cloud providers to them.
The Cloud Provider abstraction delivers cross platform portability. We’ll close with details on how you (attn: tooling authors, cloud operators) can get involved with the community effort martialed by SIG Cloud Provider.
- 1 participant
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
6 End Users and What They Love about Cloud Native - Cheryl Hung, Vice President, Ecosystem, Cloud Native Computing Foundation
6 End Users and What They Love about Cloud Native - Cheryl Hung, Vice President, Ecosystem, Cloud Native Computing Foundation
- 12 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
A Deep Dive on Supporting Multi-Instance GPUs in Containers and Kubernetes - Kevin Klues, NVIDIA
MIG (short for Multi-Instance GPU) is a mode of operation in the newest generation of NVIDIA Ampere GPUs. It allows one to partition a GPU into a set of "MIG Devices", each of which appears to the software consuming it as a mini-GPU, with a fixed partition of memory and compute resources. In this talk, we take a deep dive into the details of how we built support for MIG in containers and Kubernetes. You will learn how MIG is made available to containers, what challenges we faced building MIG support for Kubernetes, and how you can use it today. Everything we built is 100% open-source and part of the NVIDIA container toolkit stack and NVIDIA k8s-device-plugin. This talk will conclude with a discussion on best practices around how to distribute MIG devices throughout a Kubernetes cluster, including how to handle the lifecycle of MIG devices on a node.
A Deep Dive on Supporting Multi-Instance GPUs in Containers and Kubernetes - Kevin Klues, NVIDIA
MIG (short for Multi-Instance GPU) is a mode of operation in the newest generation of NVIDIA Ampere GPUs. It allows one to partition a GPU into a set of "MIG Devices", each of which appears to the software consuming it as a mini-GPU, with a fixed partition of memory and compute resources. In this talk, we take a deep dive into the details of how we built support for MIG in containers and Kubernetes. You will learn how MIG is made available to containers, what challenges we faced building MIG support for Kubernetes, and how you can use it today. Everything we built is 100% open-source and part of the NVIDIA container toolkit stack and NVIDIA k8s-device-plugin. This talk will conclude with a discussion on best practices around how to distribute MIG devices throughout a Kubernetes cluster, including how to handle the lifecycle of MIG devices on a node.
- 1 participant
- 32 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
A Pathway to CNCF Citizenship - via Communitybridge - Darshan Chaudhary & Ken Owens, Mastercard
In this session, we will share how you can use the importance of getting involved with the Community bridge internship program to start your contributor journey for the cncf projects. The speakers are Ken Owens, who mentored me on the internship and Darshan, the mentee in this program. Specifically, we will share how CB works, how to get selected etc. In the first half of the talk, Darshan will share the story from the mentee's point of view. He will discuss how he discovered the program, applied, and what the experience was after getting selected. Ken will share his story from the mentor's point of view. He will discuss how he vetted the candidates, what the mentors look out for in the applicants and finally , his experience providing mentorship during the course of the internship and beyond, and the value CB has on the enterprise. Hopefully you will be more encouraged to apply for community bridge after this talk!
A Pathway to CNCF Citizenship - via Communitybridge - Darshan Chaudhary & Ken Owens, Mastercard
In this session, we will share how you can use the importance of getting involved with the Community bridge internship program to start your contributor journey for the cncf projects. The speakers are Ken Owens, who mentored me on the internship and Darshan, the mentee in this program. Specifically, we will share how CB works, how to get selected etc. In the first half of the talk, Darshan will share the story from the mentee's point of view. He will discuss how he discovered the program, applied, and what the experience was after getting selected. Ken will share his story from the mentor's point of view. He will discuss how he vetted the candidates, what the mentors look out for in the applicants and finally , his experience providing mentorship during the course of the internship and beyond, and the value CB has on the enterprise. Hopefully you will be more encouraged to apply for community bridge after this talk!
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Achieving the Tipping Point for Open-source Software: Making the Business Value Obvious for Upper Management - Joshua Grose, Splunk
Cloud-native has been taking the world by storm. However, I'm only a recent convert, having begun my tech career by selling against open-source software. As I began working with more complex organizations and applications, I started to see areas where OSS actually became a critical component to delivering an overall solution. Jeff Lawson, CEO of Twilio, has coined this as the "digital supply chain". And it makes sense, the advent of cloud-native development presented engineering teams with new challenges that many of their vendor-provided solutions just weren't prepared to overcome. Making matters worse, at many companies, management didn't have a grasp on the severity of this disconnect.
This is where open-source came in to fill the gaps that were created. Open-source software consumption and participation was on a tremendous upswing even prior to the pandemic, with studies showing that 68% of companies planned to use more OSS than in the previous year. Additionally, Github found that at the start of the shelter-in-place lockdowns, individual users created 40% more open-source projects than in previous periods. In spite of these data points, you're still facing scrutiny and being asked to provide business justification when evaluating OSS as a possible solution for your technical challenges.
This session will give you the inside scoop on how to position and align your OSS recommendation with business value so that all stakeholders hop on board. And for leaders, you'll see first-hand why OSS is preferrable in many instances, and a framework for how technology recommendations should be presented. As someone that has spent years convincing folks not to use OSS and then to definitely use it, I possess the real-world experience to show you what you're up against.
Achieving the Tipping Point for Open-source Software: Making the Business Value Obvious for Upper Management - Joshua Grose, Splunk
Cloud-native has been taking the world by storm. However, I'm only a recent convert, having begun my tech career by selling against open-source software. As I began working with more complex organizations and applications, I started to see areas where OSS actually became a critical component to delivering an overall solution. Jeff Lawson, CEO of Twilio, has coined this as the "digital supply chain". And it makes sense, the advent of cloud-native development presented engineering teams with new challenges that many of their vendor-provided solutions just weren't prepared to overcome. Making matters worse, at many companies, management didn't have a grasp on the severity of this disconnect.
This is where open-source came in to fill the gaps that were created. Open-source software consumption and participation was on a tremendous upswing even prior to the pandemic, with studies showing that 68% of companies planned to use more OSS than in the previous year. Additionally, Github found that at the start of the shelter-in-place lockdowns, individual users created 40% more open-source projects than in previous periods. In spite of these data points, you're still facing scrutiny and being asked to provide business justification when evaluating OSS as a possible solution for your technical challenges.
This session will give you the inside scoop on how to position and align your OSS recommendation with business value so that all stakeholders hop on board. And for leaders, you'll see first-hand why OSS is preferrable in many instances, and a framework for how technology recommendations should be presented. As someone that has spent years convincing folks not to use OSS and then to definitely use it, I possess the real-world experience to show you what you're up against.
- 1 participant
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Akri: Making IoT Devices Accessible to Your Edge Kubernetes Clusters - Kate Goldenring, Microsoft & Jiří Appl, Microsoft
As Kubernetes solutions move to the edge, nodes are taken out of the homogeneity of the cloud and put in environments surrounded by an array of IoT devices such as sensors and cameras. These devices are often too small to run Kubernetes, so how can they be dynamically leveraged by Kubernetes workloads? Akri is an extensible open-source Kubernetes-native project that aims to provide a solution. Akri provides an abstraction layer, removing the work of finding, utilizing, and monitoring the availability of IoT devices. We’ll dive into how Akri can discover IoT devices, advertise them as resources in your cluster, and then automatically deploy workloads to utilize those devices. Akri handles the dynamic appearance and disappearance of devices and automatically creates services, removing the need for an application to track the state of devices, pods, or nodes. Come learn about Akri and how it can be leveraged to build a more connected edge with Kubernetes!
Akri: Making IoT Devices Accessible to Your Edge Kubernetes Clusters - Kate Goldenring, Microsoft & Jiří Appl, Microsoft
As Kubernetes solutions move to the edge, nodes are taken out of the homogeneity of the cloud and put in environments surrounded by an array of IoT devices such as sensors and cameras. These devices are often too small to run Kubernetes, so how can they be dynamically leveraged by Kubernetes workloads? Akri is an extensible open-source Kubernetes-native project that aims to provide a solution. Akri provides an abstraction layer, removing the work of finding, utilizing, and monitoring the availability of IoT devices. We’ll dive into how Akri can discover IoT devices, advertise them as resources in your cluster, and then automatically deploy workloads to utilize those devices. Akri handles the dynamic appearance and disappearance of devices and automatically creates services, removing the need for an application to track the state of devices, pods, or nodes. Come learn about Akri and how it can be leveraged to build a more connected edge with Kubernetes!
- 2 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
An Introduction to Cloud Native Security - Ash Narkar, Styra; Aradhna Chetal, TIAA & Andres Vega, VMware
Wonder about the security of CNCF projects? What about the state of security in cloud native? Security is not binary, it’s a practice of reducing risk. With fast-changing infrastructure and emerging best practices, there’s no simple, cookie-cutter solution. The Special Interest Group (SIG) Security is a group of security minded folx in the cloud native community. These awesome people are focused on improving security of cloud native projects & minimizing security gaps in cloud native adoption. In this session you will learn about our current and future projects, efforts, and how you can get involved in the future of cloud native security.
An Introduction to Cloud Native Security - Ash Narkar, Styra; Aradhna Chetal, TIAA & Andres Vega, VMware
Wonder about the security of CNCF projects? What about the state of security in cloud native? Security is not binary, it’s a practice of reducing risk. With fast-changing infrastructure and emerging best practices, there’s no simple, cookie-cutter solution. The Special Interest Group (SIG) Security is a group of security minded folx in the cloud native community. These awesome people are focused on improving security of cloud native projects & minimizing security gaps in cloud native adoption. In this session you will learn about our current and future projects, efforts, and how you can get involved in the future of cloud native security.
- 3 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
An Introduction to the Financial Services User Group - Scott Surovich, HSBC & Michael Lieberman
The Financial Services User Group is looking to increase collaboration with the technology community. Whether you are working in FinServ, a vendor or just interested in learning more about how financial institutions approach cloud native, come join us to find out more about the FSUG, what our goals are and how we plan to achieve them. Find out about the often unique challenges financial services organizations face in the cloud native space and how we are beginning to collaborate with the broader community including open source projects, vendors and our peers. We want to help solve the shared technology problems of financial services. FinServ has a reputation of not being open in the tech community. We hope through this introduction and the broader work of the FSUG to change that.
An Introduction to the Financial Services User Group - Scott Surovich, HSBC & Michael Lieberman
The Financial Services User Group is looking to increase collaboration with the technology community. Whether you are working in FinServ, a vendor or just interested in learning more about how financial institutions approach cloud native, come join us to find out more about the FSUG, what our goals are and how we plan to achieve them. Find out about the often unique challenges financial services organizations face in the cloud native space and how we are beginning to collaborate with the broader community including open source projects, vendors and our peers. We want to help solve the shared technology problems of financial services. FinServ has a reputation of not being open in the tech community. We hope through this introduction and the broader work of the FSUG to change that.
- 1 participant
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
App Delivery in Cloud Native: Where are We? What's Next? - Lei Zhang, Alibaba & Alois Reitbauer, Dynatrace
In 2021, there are more and more buzz around the CNCF landscape and it's getting overly complex! So, where are we now? Where are we heading to? In this session we walk through key trends we observed in cloud native application delivery ecosystem and illustrate major challenges we are facing. We will also demo practices tried to solve these issues based on real world case studies collected by SIG App Delivery, with projects available in open source community, for example, the full application delivery workflow from defining your application all the way to running it in production. Whether you are just about to start running applications on Kubernetes or want to improve your skills. This session will help you to identify what to consider when building app platforms, share good practices, compare different approaches and learn about key trends and quick tour through the CNCF ecosystem with a focus on delivering and running applications.
App Delivery in Cloud Native: Where are We? What's Next? - Lei Zhang, Alibaba & Alois Reitbauer, Dynatrace
In 2021, there are more and more buzz around the CNCF landscape and it's getting overly complex! So, where are we now? Where are we heading to? In this session we walk through key trends we observed in cloud native application delivery ecosystem and illustrate major challenges we are facing. We will also demo practices tried to solve these issues based on real world case studies collected by SIG App Delivery, with projects available in open source community, for example, the full application delivery workflow from defining your application all the way to running it in production. Whether you are just about to start running applications on Kubernetes or want to improve your skills. This session will help you to identify what to consider when building app platforms, share good practices, compare different approaches and learn about key trends and quick tour through the CNCF ecosystem with a focus on delivering and running applications.
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Application Autoscaling Made Easy With Kubernetes Event-Driven Autoscaling - Tom Kerkhove, Codit
Deploying applications to Kubernetes is one thing, but how do you scale them? Horizontal Pod Autoscalers to the rescue! But when you want to scale on external providers such as Kafka, Redis or another dependency it is not a walk in the park anymore. Enter Kubernetes Event-Driven Autoscaling (KEDA) which allows you to take your existing apps and easily configure how it should scale without having to worry about the magic! Using Kafka, Azure, AWS, GCP, Prometheus, etc? Don't worry, we've got your back! Join this talk to learn what KEDA is, how simple it is to get started and why it makes application autoscaling so easy!
Application Autoscaling Made Easy With Kubernetes Event-Driven Autoscaling - Tom Kerkhove, Codit
Deploying applications to Kubernetes is one thing, but how do you scale them? Horizontal Pod Autoscalers to the rescue! But when you want to scale on external providers such as Kafka, Redis or another dependency it is not a walk in the park anymore. Enter Kubernetes Event-Driven Autoscaling (KEDA) which allows you to take your existing apps and easily configure how it should scale without having to worry about the magic! Using Kafka, Azure, AWS, GCP, Prometheus, etc? Don't worry, we've got your back! Join this talk to learn what KEDA is, how simple it is to get started and why it makes application autoscaling so easy!
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Automated Machine Learning Performance Evaluation - Alejandro Saucedo, The Institute for Ethical AI & Machine Learning
Overview Deployed production machine learning models come on different sizes, shapes and flavours when deployed in cloud native infrastructure - each with varying hardware (and software) requirements. Whether it is RAM, CPU, GPU or Disk Space, there won't be an optimal global configuration for all your models' training and inference. In this talk we will cover the motivations and concepts around general benchmarking in software, as well as the key nuanced requirements to leverage these concepts in machine learning systems. We will learn about the theory behind benchmarking specifically on machine learning models, as well as the parameters that need to be accounted for, including latency, throughput, spikes, performance percentiles, outliers, between others. We will dive into a hands on example, where we will benchmark a model across multiple parameters to identify optimal performance on a specific hardware using Argo, Kubernetes and Seldon Core.
Automated Machine Learning Performance Evaluation - Alejandro Saucedo, The Institute for Ethical AI & Machine Learning
Overview Deployed production machine learning models come on different sizes, shapes and flavours when deployed in cloud native infrastructure - each with varying hardware (and software) requirements. Whether it is RAM, CPU, GPU or Disk Space, there won't be an optimal global configuration for all your models' training and inference. In this talk we will cover the motivations and concepts around general benchmarking in software, as well as the key nuanced requirements to leverage these concepts in machine learning systems. We will learn about the theory behind benchmarking specifically on machine learning models, as well as the parameters that need to be accounted for, including latency, throughput, spikes, performance percentiles, outliers, between others. We will dive into a hands on example, where we will benchmark a model across multiple parameters to identify optimal performance on a specific hardware using Argo, Kubernetes and Seldon Core.
- 1 participant
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Automating Your Home with K3s and Home Assistant - Eddie Zaneski, Amazon Web Services & Jeff Billimek, The Home Depot
Hey Google, turn off all the lights. Hey Siri, set the thermostat to low. Alexa, restart the nginx deployment. You may have dreamt (or had nightmares) about automating your home and connecting all things smart together. You probably haven't longed for doing all of that on top of Kubernetes. In this session you'll learn why you should and the benefits of having a homelab running Kubernetes. With everyone spending more time at home there has never been a better time to grab an old PC or a few Raspberry Pi's and install K8s. Eddie and Jeff will share their journeys of deploying Home Assistant, open source home automation software, on top of K3s, a lightweight K8s distribution. They'll cover unique solutions like building Device Plugins and using Node Feature Discovery to use external USB antennas for wireless smart home protocols. Ending with tying all of it together with Helm and using Flux for CICD. If you're looking for a personal project to learn Kubernetes this session is for you.
Automating Your Home with K3s and Home Assistant - Eddie Zaneski, Amazon Web Services & Jeff Billimek, The Home Depot
Hey Google, turn off all the lights. Hey Siri, set the thermostat to low. Alexa, restart the nginx deployment. You may have dreamt (or had nightmares) about automating your home and connecting all things smart together. You probably haven't longed for doing all of that on top of Kubernetes. In this session you'll learn why you should and the benefits of having a homelab running Kubernetes. With everyone spending more time at home there has never been a better time to grab an old PC or a few Raspberry Pi's and install K8s. Eddie and Jeff will share their journeys of deploying Home Assistant, open source home automation software, on top of K3s, a lightweight K8s distribution. They'll cover unique solutions like building Device Plugins and using Node Feature Discovery to use external USB antennas for wireless smart home protocols. Ending with tying all of it together with Helm and using Flux for CICD. If you're looking for a personal project to learn Kubernetes this session is for you.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Battle of Black Friday: Proactively Autoscaling StockX - Mario Loria, Carta & Kyle Schrade, StockX
When we started our Kubernetes journey, manual responses to traffic spikes were the norm, causing significant brown-outs greatly impacting the customer experience. Graduating into an autoscaling implementation for both workloads and cluster nodes took time but yielded immense results. With this talk, we’ll explore how StockX has grown to solve these challenges operationally and developmentally, even enabling a proactive solution in addition to our reactive methods. Attendees will gain advanced clarity on autoscaling tools like the HorizontalPodAutoscaler and Cluster-Autoscaler, difficulties managing at scale, challenges in educating a rapidly growing team, and the unique intersection of e-commerce marketing events with infrastructure reliability efforts. Finally, we’ll announce an in-house tool we’re Open Sourcing to help aid others in their proactive autoscaling efforts!
Battle of Black Friday: Proactively Autoscaling StockX - Mario Loria, Carta & Kyle Schrade, StockX
When we started our Kubernetes journey, manual responses to traffic spikes were the norm, causing significant brown-outs greatly impacting the customer experience. Graduating into an autoscaling implementation for both workloads and cluster nodes took time but yielded immense results. With this talk, we’ll explore how StockX has grown to solve these challenges operationally and developmentally, even enabling a proactive solution in addition to our reactive methods. Attendees will gain advanced clarity on autoscaling tools like the HorizontalPodAutoscaler and Cluster-Autoscaler, difficulties managing at scale, challenges in educating a rapidly growing team, and the unique intersection of e-commerce marketing events with infrastructure reliability efforts. Finally, we’ll announce an in-house tool we’re Open Sourcing to help aid others in their proactive autoscaling efforts!
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Better Scalability and More Isolation? The Cortex “Shuffle Sharding” Story - Tom Wilkie, Grafana Labs
Cortex is a horizontally-scalable, highly-available and multi-tenant Prometheus-compatible time series database. For many years it has been possible to scale Cortex clusters to hundreds of replicas. The relatively simple Dynamo-style replication relies on quorum consistency for reads and writes. As such, a dual-replica failure can lead to an outage for all tenants. To address this we implemented a technique called “Shuffle Sharding” in Cortex. Shuffle Sharding lets you automatically pick a random “replica set” for each tenant, allowing you to isolate tenants and reduce the chance of an outage. In this talk we’ll show you how shuffle sharding achieves better scalability and more isolation, both in theory and in practice. We’ll walk you through the design on both the read and write path of Cortex. Finally we’ll do a live demo of shuffle sharding and how you can “take out” multiple replicas without affecting all tenants.
Better Scalability and More Isolation? The Cortex “Shuffle Sharding” Story - Tom Wilkie, Grafana Labs
Cortex is a horizontally-scalable, highly-available and multi-tenant Prometheus-compatible time series database. For many years it has been possible to scale Cortex clusters to hundreds of replicas. The relatively simple Dynamo-style replication relies on quorum consistency for reads and writes. As such, a dual-replica failure can lead to an outage for all tenants. To address this we implemented a technique called “Shuffle Sharding” in Cortex. Shuffle Sharding lets you automatically pick a random “replica set” for each tenant, allowing you to isolate tenants and reduce the chance of an outage. In this talk we’ll show you how shuffle sharding achieves better scalability and more isolation, both in theory and in practice. We’ll walk you through the design on both the read and write path of Cortex. Finally we’ll do a live demo of shuffle sharding and how you can “take out” multiple replicas without affecting all tenants.
- 1 participant
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Build your Contributor Pipeline - Carolyn Van Slyck, Microsoft & Josh Berkus, Red Hat
Would you like to attract new contributors to your project and grow your contributor base? CNCF SIG Contributor Strategy has developed best practices to improve your contributor pipeline and can help you adapt them to your project's needs
Attract new contributors to your project with good first issues.
Create onboarding materials, such as a contributing guide and onboarding tutorial, to guide their first contribution towards success.
Improve the contributor experience, encouraging people to join your community and stick around after their first pull request.
Publish a contribution ladder so they see a path from new contributor to maintainer and other project roles.
Find a balance between your time commitments as a maintainer and helping new contributors.
Whether you are a new sandbox project or an established graduated projects like Kubernetes, you will come away with a realistic actionable way to sustainably grow your community.
Build your Contributor Pipeline - Carolyn Van Slyck, Microsoft & Josh Berkus, Red Hat
Would you like to attract new contributors to your project and grow your contributor base? CNCF SIG Contributor Strategy has developed best practices to improve your contributor pipeline and can help you adapt them to your project's needs
Attract new contributors to your project with good first issues.
Create onboarding materials, such as a contributing guide and onboarding tutorial, to guide their first contribution towards success.
Improve the contributor experience, encouraging people to join your community and stick around after their first pull request.
Publish a contribution ladder so they see a path from new contributor to maintainer and other project roles.
Find a balance between your time commitments as a maintainer and helping new contributors.
Whether you are a new sandbox project or an established graduated projects like Kubernetes, you will come away with a realistic actionable way to sustainably grow your community.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
BuildKit CLI for kubectl: A New Way to Build Container Images - Daniel Hiltgen & Patrick Devine, VMware
The Dockerfile is a tremendously popular format used to build container images. Various projects exist that focus on CI for Dockerfiles inside a kubernetes cluster, but what about developers and their inner loop? In this talk we’ll introduce a new CLI plugin optimized for developers which implements a familiar UX for building container images. It utilizes a powerful open source component called BuildKit to build Dockerfiles into images directly inside your Kubernetes cluster. When you build images, they are immediately available on the cluster for testing without requiring pushing to an external registry, providing an extremely efficient inner loop for development. The builder supports the two most popular container runtimes–containerd and dockerd–and will auto-detect the correct runtime in most cases. kubectl build -t myimage:latest -f Dockerfile .
BuildKit CLI for kubectl: A New Way to Build Container Images - Daniel Hiltgen & Patrick Devine, VMware
The Dockerfile is a tremendously popular format used to build container images. Various projects exist that focus on CI for Dockerfiles inside a kubernetes cluster, but what about developers and their inner loop? In this talk we’ll introduce a new CLI plugin optimized for developers which implements a familiar UX for building container images. It utilizes a powerful open source component called BuildKit to build Dockerfiles into images directly inside your Kubernetes cluster. When you build images, they are immediately available on the cluster for testing without requiring pushing to an external registry, providing an extremely efficient inner loop for development. The builder supports the two most popular container runtimes–containerd and dockerd–and will auto-detect the correct runtime in most cases. kubectl build -t myimage:latest -f Dockerfile .
- 2 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building MLOps POCs and Sandbox Environments Using k3s and Argo - Sergio Mendez, Universidad San Carlos de Guatemala
This talk presents the challenges that corporations have when they evaluate technologies for data pipelines automation or for MLOps workflows, this includes processes like ETL, ML model generation and ML model deployments. At the same time, this talk shows how open source technologies can help to reduce implementation time and infrastructure costs for MLOps systems. The talk also presents the advantages of using k3s as a lightweight Kubernetes for POCs, the lessons learned at work when trying to implement MLOps using Scikit Learn for ML Models and Apache Spark for ETL processes. As a complement for k3s the talk describes how Argo can replace or complement pipelines designed with Apache Airflow and how these types of technologies prepare companies for Edge Computing. At the end of the session the speaker presents a short demo showing a basic MLOps workflow implementation using k3s and Argo and showing how k3s and Argo interact with each other to deploy ML models ready to be used.
Building MLOps POCs and Sandbox Environments Using k3s and Argo - Sergio Mendez, Universidad San Carlos de Guatemala
This talk presents the challenges that corporations have when they evaluate technologies for data pipelines automation or for MLOps workflows, this includes processes like ETL, ML model generation and ML model deployments. At the same time, this talk shows how open source technologies can help to reduce implementation time and infrastructure costs for MLOps systems. The talk also presents the advantages of using k3s as a lightweight Kubernetes for POCs, the lessons learned at work when trying to implement MLOps using Scikit Learn for ML Models and Apache Spark for ETL processes. As a complement for k3s the talk describes how Argo can replace or complement pipelines designed with Apache Airflow and how these types of technologies prepare companies for Edge Computing. At the end of the session the speaker presents a short demo showing a basic MLOps workflow implementation using k3s and Argo and showing how k3s and Argo interact with each other to deploy ML models ready to be used.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building a Community: How Cortex Went from a Vendor Project to a Community - Goutham Veeramachaneni, Grafana Labs
In 2018, Cortex was largely vendor-driven, and almost no one other than maintainers could run it. Its docs were lacking; you had to read the code instead. While that might be acceptable for a new project, it's not for wide adoption. Over the last few years, since joining the CNCF, we have put a focus on building a vibrant community. It was a long and arduous journey, but we're very happy with the healthy community we have today, with maintainers from 5 different companies and a 5x increase in activity on the Cortex Slack and GitHub! While our _public_ adopters document lists more than 15 companies, with several providing Cortex as a service, we have a lot more companies running it, from international banks and Fortune 50 enterprises to small startups. In this talk, we will walk through the key changes we made and how our philosophy on community-building helped us thrive and led to fruitful collaboration with sibling projects Thanos and Prometheus.
Building a Community: How Cortex Went from a Vendor Project to a Community - Goutham Veeramachaneni, Grafana Labs
In 2018, Cortex was largely vendor-driven, and almost no one other than maintainers could run it. Its docs were lacking; you had to read the code instead. While that might be acceptable for a new project, it's not for wide adoption. Over the last few years, since joining the CNCF, we have put a focus on building a vibrant community. It was a long and arduous journey, but we're very happy with the healthy community we have today, with maintainers from 5 different companies and a 5x increase in activity on the Cortex Slack and GitHub! While our _public_ adopters document lists more than 15 companies, with several providing Cortex as a service, we have a lot more companies running it, from international banks and Fortune 50 enterprises to small startups. In this talk, we will walk through the key changes we made and how our philosophy on community-building helped us thrive and led to fruitful collaboration with sibling projects Thanos and Prometheus.
- 1 participant
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building a Portable Kubernetes Deployment Pipeline with Argo Workflows and Events - Thomas Meadows, Jetstack & Ollie Young, Improbable
In this session, Jetstack and Improbable will uncover the key learnings from building a Kubernetes based platform, driven by Argo workflows and events. Featuring discussion on the platform's strong data aggregation and the ability to deploy on any estate (including air-gapped facilities), this session will investigate the problems and benefits of using Argo and Kubernetes as the key ingredients towards the goal of a holistic approach to portable platforms. The technical content of the presentation will cover: - A general overview of why Argo Workflows and Events were selected - Best practice when building a cloud native platform to work across multi-cloud environments - Rationale for rejecting the typical CI/CD model in favour of a custom solution - Techniques for isolating workflows in multi-tenanted environments - Running Terraform in Argo - Ephemeral environments and managing highly scalable cluster configurations - Platform portability and being infrastructure agnostic
Building a Portable Kubernetes Deployment Pipeline with Argo Workflows and Events - Thomas Meadows, Jetstack & Ollie Young, Improbable
In this session, Jetstack and Improbable will uncover the key learnings from building a Kubernetes based platform, driven by Argo workflows and events. Featuring discussion on the platform's strong data aggregation and the ability to deploy on any estate (including air-gapped facilities), this session will investigate the problems and benefits of using Argo and Kubernetes as the key ingredients towards the goal of a holistic approach to portable platforms. The technical content of the presentation will cover: - A general overview of why Argo Workflows and Events were selected - Best practice when building a cloud native platform to work across multi-cloud environments - Rationale for rejecting the typical CI/CD model in favour of a custom solution - Techniques for isolating workflows in multi-tenanted environments - Running Terraform in Argo - Ephemeral environments and managing highly scalable cluster configurations - Platform portability and being infrastructure agnostic
- 2 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building and Managing a Centralized ML Platform with Kubeflow at CERN - Ricardo Rocha & Dejan Golubovic, CERN
CERN’s main mission is to expand human knowledge trying to understand the nature of the universe, and machine learning has been growing as a solution for challenges in different areas of development and operations. Areas where ML is being looked at include particle classification using graph neural networks during reconstruction, 3DGANs for much faster generation of simulation data, or reinforced learning for beam calibration. This session presents a recently introduced centralized service covering most use cases, handling data preparation, model training and serving. How it tries to improve resource usage (especially important when handling scarce resources such as accelerators) by offering different resource types (GPU, vGPU, TPU) for each use case. The session will also describe our journey with Kubeflow, the machine learning platform running on top of Kubernetes, and how we integrated on-premises resources and the different possibilities being looked at to extend to public clouds.
Building and Managing a Centralized ML Platform with Kubeflow at CERN - Ricardo Rocha & Dejan Golubovic, CERN
CERN’s main mission is to expand human knowledge trying to understand the nature of the universe, and machine learning has been growing as a solution for challenges in different areas of development and operations. Areas where ML is being looked at include particle classification using graph neural networks during reconstruction, 3DGANs for much faster generation of simulation data, or reinforced learning for beam calibration. This session presents a recently introduced centralized service covering most use cases, handling data preparation, model training and serving. How it tries to improve resource usage (especially important when handling scarce resources such as accelerators) by offering different resource types (GPU, vGPU, TPU) for each use case. The session will also describe our journey with Kubeflow, the machine learning platform running on top of Kubernetes, and how we integrated on-premises resources and the different possibilities being looked at to extend to public clouds.
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Building the Multi-Cluster Data Layer - Chirag Narang, Yugabyte
Getting the data layer right is critical to building a cloud-native application. The global accessibility of persistent data across multi-cluster Kubernetes environments is the biggest challenge for building stateful workloads. As organizations rush to scale their infrastructure on multi-cluster Kubernetes, they often struggle with database deployments. Many traditional databases have not worked at the scale needed; either they are not horizontally scalable or highly available and do not provide strong consistency across multiple clusters. We’re here to show you that it’s easy to deploy a distributed database across multiple clusters. In this talk, join Chirag Narang, Product Manager from YugabyteDB to learn: Cross cluster deployment challenges in distributed databases How practitioners can adopt a service mesh to run a distributed SQL database across clusters How to solve global consistency, scalability, high availability, and geo-distribution challenges with YugabyteDB
Building the Multi-Cluster Data Layer - Chirag Narang, Yugabyte
Getting the data layer right is critical to building a cloud-native application. The global accessibility of persistent data across multi-cluster Kubernetes environments is the biggest challenge for building stateful workloads. As organizations rush to scale their infrastructure on multi-cluster Kubernetes, they often struggle with database deployments. Many traditional databases have not worked at the scale needed; either they are not horizontally scalable or highly available and do not provide strong consistency across multiple clusters. We’re here to show you that it’s easy to deploy a distributed database across multiple clusters. In this talk, join Chirag Narang, Product Manager from YugabyteDB to learn: Cross cluster deployment challenges in distributed databases How practitioners can adopt a service mesh to run a distributed SQL database across clusters How to solve global consistency, scalability, high availability, and geo-distribution challenges with YugabyteDB
- 2 participants
- 32 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CERN's 1500 Drupal Websites on Kubernetes: Sailing With Operators - Konstantinos Samaras-Tsakiris & Rajula Vineet Reddy, CERN
Follow the learning journey of junior developers towards a Kubernetes-native SaaS and hopefully get some ideas for your next (or first!) design. This talk is the development chronicle of a service provisioning Drupal websites that are CERN's public face, to replace the ageing physical infrastructure and reduce dependency on homebrew components. The presenters give their junior engineer's perspective, thrust into a world of Microservices, Observability and Operators. They will walk you through the design implementing the specific requirements of a service that targets varied user groups and is supported by a small team of engineers. Contrary to the old website management system that was a standalone application, now Operators play this role, leveraging Kubernetes as a common API to control different kinds of resources.
CERN's 1500 Drupal Websites on Kubernetes: Sailing With Operators - Konstantinos Samaras-Tsakiris & Rajula Vineet Reddy, CERN
Follow the learning journey of junior developers towards a Kubernetes-native SaaS and hopefully get some ideas for your next (or first!) design. This talk is the development chronicle of a service provisioning Drupal websites that are CERN's public face, to replace the ageing physical infrastructure and reduce dependency on homebrew components. The presenters give their junior engineer's perspective, thrust into a world of Microservices, Observability and Operators. They will walk you through the design implementing the specific requirements of a service that targets varied user groups and is supported by a small team of engineers. Contrary to the old website management system that was a standalone application, now Operators play this role, leveraging Kubernetes as a common API to control different kinds of resources.
- 2 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native Network Function (CNF) WG: K8s Best Practices for Telco Apps - Taylor Carpenter, Vulk Coop & Bill Mulligan, Cloud Native Computing Foundation
The Cloud Native Network Function (CNF) Working Group is focused on identifying cloud native best practices for networking applications in order to help CNF Developers and telco operators best utilize the capabilities of Kubernetes. In the session, attendees will get an overview of the working group, updates since its kick-off at KubeCon NA 2020, what’s next, and how to get involved. Ready to get started now? Join the CNF WG mailing list at https://lists.cncf.io/g/cnf-wg or talk to us in the #cnf-wg channel of the CNCF Slack. Recordings of previous CNF WG meetings are available at https://youtube.com/playlist?list=PLj6h78yzYM2PyMYvw5wiH01hthFb0qrOn.
Cloud Native Network Function (CNF) WG: K8s Best Practices for Telco Apps - Taylor Carpenter, Vulk Coop & Bill Mulligan, Cloud Native Computing Foundation
The Cloud Native Network Function (CNF) Working Group is focused on identifying cloud native best practices for networking applications in order to help CNF Developers and telco operators best utilize the capabilities of Kubernetes. In the session, attendees will get an overview of the working group, updates since its kick-off at KubeCon NA 2020, what’s next, and how to get involved. Ready to get started now? Join the CNF WG mailing list at https://lists.cncf.io/g/cnf-wg or talk to us in the #cnf-wg channel of the CNCF Slack. Recordings of previous CNF WG meetings are available at https://youtube.com/playlist?list=PLj6h78yzYM2PyMYvw5wiH01hthFb0qrOn.
- 1 participant
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CNCF - SIG Network Intro and Deep Dive - Lee Calcote, Layer5 & Ken Owens, Fiserv
“It’s the network!” is the cry of every system administrator, every developer. With the increased prevalence of microservice-based distributed systems, it’s true - networking as a discipline has never been more critical in the efficient operation of cloud native deployments. Networking primitives, including load balancing, observability, authentication, authorization, policy, rate limiting, QoS, mesh networks, legacy infrastructure bridging, and so on are now receiving substantial development and investment throughout the industry and are the subject of focus of the CNCF Network SIG.
CNCF - SIG Network Intro and Deep Dive - Lee Calcote, Layer5 & Ken Owens, Fiserv
“It’s the network!” is the cry of every system administrator, every developer. With the increased prevalence of microservice-based distributed systems, it’s true - networking as a discipline has never been more critical in the efficient operation of cloud native deployments. Networking primitives, including load balancing, observability, authentication, authorization, policy, rate limiting, QoS, mesh networks, legacy infrastructure bridging, and so on are now receiving substantial development and investment throughout the industry and are the subject of focus of the CNCF Network SIG.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CNCF End User Partner Summit (RSVP Required)
The CNCF End User Partner Summit, hosted by Cheryl Hung and Katie Gamanji, will bring together cloud native users to share best practices and lessons learned. Our 40 minutes together will include a panel discussion with General Manager of CNCF, Priyanka Sharma, Chris Aniszczyk (CTO, CNCF), Liz Rice (Chair, CNCF TOC), and Ricardo Rocha (Computing Engineer, CERN and CNCF TOC Member). Join us for an engaging conversation centering on strategy, vision, and how to best navigate and contribute to the cloud native community!
In order to participate, your organization must be a member of the CNCF End User Community.
CNCF End User Partner Summit (RSVP Required)
The CNCF End User Partner Summit, hosted by Cheryl Hung and Katie Gamanji, will bring together cloud native users to share best practices and lessons learned. Our 40 minutes together will include a panel discussion with General Manager of CNCF, Priyanka Sharma, Chris Aniszczyk (CTO, CNCF), Liz Rice (Chair, CNCF TOC), and Ricardo Rocha (Computing Engineer, CERN and CNCF TOC Member). Join us for an engaging conversation centering on strategy, vision, and how to best navigate and contribute to the cloud native community!
In order to participate, your organization must be a member of the CNCF End User Community.
- 7 participants
- 45 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CNCF SIG Observability Updates - Bartlomiej Płotka, Red Hat, Richard Hartmann, Grafana Labs & Simone Ferlin, Ericsson
The CNCF SIG Observability started in Summer 2020 to gather contributors and users from different areas passionate about Observability topics. During this talk, we will be giving an overview of work done, work to come, and areas where you can get involved and help. Consisting of open source project maintainers, standards authors, end-users, and more, we cover a wide range of experience and invite you to join us as well! Help us make the CNCF Observability space better, diverse, and more approachable!
CNCF SIG Observability Updates - Bartlomiej Płotka, Red Hat, Richard Hartmann, Grafana Labs & Simone Ferlin, Ericsson
The CNCF SIG Observability started in Summer 2020 to gather contributors and users from different areas passionate about Observability topics. During this talk, we will be giving an overview of work done, work to come, and areas where you can get involved and help. Consisting of open source project maintainers, standards authors, end-users, and more, we cover a wide range of experience and invite you to join us as well! Help us make the CNCF Observability space better, diverse, and more approachable!
- 3 participants
- 15 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CNCF SIG-Runtime: The Cloud Native Runtimes Outlook - Ricardo Aravena, Rakuten & Renaud Gaubert, Nvidia
This talk will discuss the purpose of the CNCF SIG-Runtime, together with how we identify projects for CNCF admission and where we see the future of runtimes in the cloud native ecosystem. The session will cover: - Overview of the SIG-Runtime, how to join, and how to help. - Overview of related projects in the CNCF and the projects that have presented in our meetings. - Existing Workgroups in the SIG and how to get involved. - Future trends for cloud native technologies in the SIG scope such as containers, VMs, WebAssembly and MLOPs.
CNCF SIG-Runtime: The Cloud Native Runtimes Outlook - Ricardo Aravena, Rakuten & Renaud Gaubert, Nvidia
This talk will discuss the purpose of the CNCF SIG-Runtime, together with how we identify projects for CNCF admission and where we see the future of runtimes in the cloud native ecosystem. The session will cover: - Overview of the SIG-Runtime, how to join, and how to help. - Overview of related projects in the CNCF and the projects that have presented in our meetings. - Existing Workgroups in the SIG and how to get involved. - Future trends for cloud native technologies in the SIG scope such as containers, VMs, WebAssembly and MLOPs.
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CNCF Serverless WG - Serverless Workflow Project Deep Dive - Tihomir Surdilovic, Red Hat & Doug Davis, IBM
The Serverless WG will provide a short update on the CloudEvents project and then give an in-depth update on the current state and planned future work of the Serverless Workflow project. In this session we will explain the benefits of using workflows in your application architectures. You will learn the ins and outs of the Serverless Workflow project and its ecosystem, its tight integration with the CloudEvents specification for event-orchestration, as well as its design and deployment strategies on cloud/container platforms. In addition we will show examples and explain some of the more advanced workflow language concepts such as error handling, retries, compensation, event-correlation, and long-running workflows.
CNCF Serverless WG - Serverless Workflow Project Deep Dive - Tihomir Surdilovic, Red Hat & Doug Davis, IBM
The Serverless WG will provide a short update on the CloudEvents project and then give an in-depth update on the current state and planned future work of the Serverless Workflow project. In this session we will explain the benefits of using workflows in your application architectures. You will learn the ins and outs of the Serverless Workflow project and its ecosystem, its tight integration with the CloudEvents specification for event-orchestration, as well as its design and deployment strategies on cloud/container platforms. In addition we will show examples and explain some of the more advanced workflow language concepts such as error handling, retries, compensation, event-correlation, and long-running workflows.
- 3 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
COSI: The Common Operating System Interface - Steven Borrelli, Mastercard & Andrew Rynhard, Talos-Systems
This talk introduces COSI, the Common Operating System Interface, which defines an API for the configuration of container operating systems. While there has been innovation in the development of minimal Linux distributions for running Kubernetes, the distributions diverge from each other in terms of management and API endpoints. Similar to other projects such as the Container Network Interface (CNI) , COSI has a focus on the configuration of the underlying operating system, providing Protocol Buffer definitions and a gRPC API reference implementation for configuration settings such as DNS, network, and kernel settings By utilizing a flexible plugin system, multiple backend implementations can provide a consistent API to consumers. In this talk we’ll review the configuration and APIs of popular container operating systems and Kubelet-node interactions. We will then review the COSI API, the plugin architecture, and demo node management using backend plugins written in Go and Rust.
COSI: The Common Operating System Interface - Steven Borrelli, Mastercard & Andrew Rynhard, Talos-Systems
This talk introduces COSI, the Common Operating System Interface, which defines an API for the configuration of container operating systems. While there has been innovation in the development of minimal Linux distributions for running Kubernetes, the distributions diverge from each other in terms of management and API endpoints. Similar to other projects such as the Container Network Interface (CNI) , COSI has a focus on the configuration of the underlying operating system, providing Protocol Buffer definitions and a gRPC API reference implementation for configuration settings such as DNS, network, and kernel settings By utilizing a flexible plugin system, multiple backend implementations can provide a consistent API to consumers. In this talk we’ll review the configuration and APIs of popular container operating systems and Kubelet-node interactions. We will then review the COSI API, the plugin architecture, and demo node management using backend plugins written in Go and Rust.
- 2 participants
- 21 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
COVID Tracker - Testing & Contact Tracing: How Ireland is Battling COVID-19 - Gar Mac Críosta, HSE Lead, Covid Tracker App, Ireland
COVID Tracker - Testing & Contact Tracing: How Ireland is Battling COVID-19 - Gar Mac Críosta, HSE Lead, Covid Tracker App, Ireland
- 1 participant
- 16 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CRI-O Still Loves Kubernetes - Sasha Grunert, Peter Hunt, Urvashi Mohnani & Mrunal Patel, Red Hat
In Kubernetes 1.20, support for the dockershim was deprecated, leaving many wondering what will take its place. Wonder no longer: CRI-O is a container runtime written exclusively for Kubernetes, and is ready to take the dockershim’s place. In addition to being a standard component for deploying secure and stable Kubernetes clusters, CRI-O has the unique advantage of being able to tailor its behavior to the needs of the Kubelet. In this talk, the maintainers of CRI-O will provide an update about the latest feature developments, as well as live demonstrating typical real world use cases around them. Join the CRI-O maintainers as they walk through the latest improvements in communication with the Kubelet under load, container stats reporting, user namespaces, and seccomp profile generation, as well as a general project update. After this session, you should know more about how CRI-O works in action and why it’s the perfect choice for your Kubernetes cluster!
CRI-O Still Loves Kubernetes - Sasha Grunert, Peter Hunt, Urvashi Mohnani & Mrunal Patel, Red Hat
In Kubernetes 1.20, support for the dockershim was deprecated, leaving many wondering what will take its place. Wonder no longer: CRI-O is a container runtime written exclusively for Kubernetes, and is ready to take the dockershim’s place. In addition to being a standard component for deploying secure and stable Kubernetes clusters, CRI-O has the unique advantage of being able to tailor its behavior to the needs of the Kubelet. In this talk, the maintainers of CRI-O will provide an update about the latest feature developments, as well as live demonstrating typical real world use cases around them. Join the CRI-O maintainers as they walk through the latest improvements in communication with the Kubelet under load, container stats reporting, user namespaces, and seccomp profile generation, as well as a general project update. After this session, you should know more about how CRI-O works in action and why it’s the perfect choice for your Kubernetes cluster!
- 4 participants
- 33 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CSI Volume Attacks – The SRE Strikes Back - Hendrik Land, NetApp
Container Storage Interface (CSI) has made it easy for stateful workloads to consume storage - but does it protect your data from unauthorized access? The CSI standard only orchestrates the creation of volumes, snapshots or clones. How do you ensure that neither other workloads in the same Kubernetes cluster nor someone outside the cluster can access your data? You will learn the inherent security models provided by Kubernetes as well as additional configurations you can and should apply. Beyond concepts and architecture, a series of short demos will cover topics such as: - Security of Persistent Volume Claims and Persistent Volumes throughout their lifecycle - Pod Security Policies and volume types - File system permissions on your volumes - Securing common storage protocols such as iSCSI and NFS - Securing CSI drivers in your cluster
CSI Volume Attacks – The SRE Strikes Back - Hendrik Land, NetApp
Container Storage Interface (CSI) has made it easy for stateful workloads to consume storage - but does it protect your data from unauthorized access? The CSI standard only orchestrates the creation of volumes, snapshots or clones. How do you ensure that neither other workloads in the same Kubernetes cluster nor someone outside the cluster can access your data? You will learn the inherent security models provided by Kubernetes as well as additional configurations you can and should apply. Beyond concepts and architecture, a series of short demos will cover topics such as: - Security of Persistent Volume Claims and Persistent Volumes throughout their lifecycle - Pod Security Policies and volume types - File system permissions on your volumes - Securing common storage protocols such as iSCSI and NFS - Securing CSI drivers in your cluster
- 1 participant
- 21 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cert-Manager Beyond Ingress – Exploring the Variety of Use Cases - Matthew Bates, Jetstack
Cert-manager is a widely used project for the automation of X.509 TLS certificates. In 2020, it reached 1.0 and landed in the CNCF Sandbox. cert-manager has been popularised by its support of ACME and Ingress, enabling many millions of certificates to be issued and renewed, and to help secure the cloud native web with Kubernetes and all the various ingress controllers. But cert-manager, with its custom resources and controllers, extensible with issuers including those out-of-tree, can also be used for a myriad of other use cases in which certificates are required. This talk will walk through the various use cases for cert-manager, including ingress, control plane and nodes (kubeadm, CAPI), webhooks, intra-service mTLS (cert-manager-csi) and service mesh (OpenServiceMesh, Istio).
Cert-Manager Beyond Ingress – Exploring the Variety of Use Cases - Matthew Bates, Jetstack
Cert-manager is a widely used project for the automation of X.509 TLS certificates. In 2020, it reached 1.0 and landed in the CNCF Sandbox. cert-manager has been popularised by its support of ACME and Ingress, enabling many millions of certificates to be issued and renewed, and to help secure the cloud native web with Kubernetes and all the various ingress controllers. But cert-manager, with its custom resources and controllers, extensible with issuers including those out-of-tree, can also be used for a myriad of other use cases in which certificates are required. This talk will walk through the various use cases for cert-manager, including ingress, control plane and nodes (kubeadm, CAPI), webhooks, intra-service mTLS (cert-manager-csi) and service mesh (OpenServiceMesh, Istio).
- 1 participant
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Choose Wisely: Understanding Kubernetes Selectors - Christopher Hanson, RX-M,llc.
Kubernetes uses labels and selectors to tie otherwise distinct API objects together. Application controllers like ReplicaSets use labels on pods to enforce replication factor; Services (via Endpoint controllers) also use labels on pods to identify endpoints for routing client traffic. However, not all controller behavior is the same! Some controllers add extra label metadata to avoid potential collisions and others do not! Through a series of live demos, this session explores the use of labels and selectors used by controllers so that you can clearly understand and use both to your advantage when deploying apps on Kubernetes. The talk will conclude with examples of advanced deployment patterns such as red/black, highlander, and canary that can be achieved natively in Kubernetes via labels/selectors.
Choose Wisely: Understanding Kubernetes Selectors - Christopher Hanson, RX-M,llc.
Kubernetes uses labels and selectors to tie otherwise distinct API objects together. Application controllers like ReplicaSets use labels on pods to enforce replication factor; Services (via Endpoint controllers) also use labels on pods to identify endpoints for routing client traffic. However, not all controller behavior is the same! Some controllers add extra label metadata to avoid potential collisions and others do not! Through a series of live demos, this session explores the use of labels and selectors used by controllers so that you can clearly understand and use both to your advantage when deploying apps on Kubernetes. The talk will conclude with examples of advanced deployment patterns such as red/black, highlander, and canary that can be achieved natively in Kubernetes via labels/selectors.
- 1 participant
- 35 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native & WebAssembly: Better Together - Liam Randall, Founder, Cosmonic & Co-Founder, Wasmcloud & Ralph Squillace, Principal PM, Azure Core Upstream, Microsoft Azure
Cloud Native & WebAssembly: Better Together - Liam Randall, Founder, Cosmonic & Co-Founder, Wasmcloud & Ralph Squillace, Principal PM, Azure Core Upstream, Microsoft Azure
- 2 participants
- 18 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native Distributed Event Streaming from TiKV - Zixiong Liu, PingCAP
Data processing is evolving to be stream-oriented to enable interconnection between subsystems or microservices, but it could be challenging for distributed data stores, such as TiKV, to stream data effectively. Zixiong Liu and his team have successfully achieved distributed event streaming from TiKV with low computational cost, low latency, and elimination of single points of failure. Now it is possible to produce a stream of updates from TiKV, which, with suitable deduplication, are ordered by their commit timestamps. In his talk, Zixiong Liu will talk about the techniques used in the design of TiKV that facilitate data streaming, and the implementation of the distributed computation performed on the exported TiKV data so that the data can be converted into formats suitable for consumption by third party data solutions.
Cloud Native Distributed Event Streaming from TiKV - Zixiong Liu, PingCAP
Data processing is evolving to be stream-oriented to enable interconnection between subsystems or microservices, but it could be challenging for distributed data stores, such as TiKV, to stream data effectively. Zixiong Liu and his team have successfully achieved distributed event streaming from TiKV with low computational cost, low latency, and elimination of single points of failure. Now it is possible to produce a stream of updates from TiKV, which, with suitable deduplication, are ordered by their commit timestamps. In his talk, Zixiong Liu will talk about the techniques used in the design of TiKV that facilitate data streaming, and the implementation of the distributed computation performed on the exported TiKV data so that the data can be converted into formats suitable for consumption by third party data solutions.
- 1 participant
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native: The Building Blocks for the Human Experience - Priyanka Sharma, General Manager, Cloud Native Computing Foundation with special guest Zain Asgar, GVP & Product GM, Pixie @ New Relic & Adjunct Professor, Computer Science, Stanford University
Cloud Native: The Building Blocks for the Human Experience - Priyanka Sharma, General Manager, Cloud Native Computing Foundation with special guest Zain Asgar, GVP & Product GM, Pixie @ New Relic & Adjunct Professor, Computer Science, Stanford University
- 3 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Provider AWS Update and Roadmap - Nick Turner, Ayberk Yilmaz, Yang Yang, Amazon & Nicole Han, VMWare
We will give an update on the status of the kubernetes/cloud-provider-aws and kubernetes-sigs/aws-load-balancer-controller repositories, and the roadmap for the future. We loosely divide the talk into 4 topics: 1. the migration from in-tree to out-of-tree (external) cloud-provider, 2. the ECR credential provider, 3. the future of the AWS cloud provider, including the work on the V2 provider, and 4. the current state and future of AWS load balancer controller. We welcome discussion and feedback during the talk.
Cloud Provider AWS Update and Roadmap - Nick Turner, Ayberk Yilmaz, Yang Yang, Amazon & Nicole Han, VMWare
We will give an update on the status of the kubernetes/cloud-provider-aws and kubernetes-sigs/aws-load-balancer-controller repositories, and the roadmap for the future. We loosely divide the talk into 4 topics: 1. the migration from in-tree to out-of-tree (external) cloud-provider, 2. the ECR credential provider, 3. the future of the AWS cloud provider, including the work on the V2 provider, and 4. the current state and future of AWS load balancer controller. We welcome discussion and feedback during the talk.
- 4 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud-Native Computing For Research Users - Jamie Poole, G-Research & Ricardo Rocha, CERN
The CNCF Research User Group’s purpose is to function as a focal point for the discussion and advancement of Research Computing using “Cloud Native” technologies. This includes enumerating current practices, identifying gaps, and directing effort to improve the Research Cloud Computing ecosystem. In this session we will introduce the user group, discuss our mission and the particular challenges that research institutions face that we aim to meet with cloud-native technology. We will hear from speakers from public and private research institutions such as CERN (physics) and G-Research (fintech) and discuss various relevant projects in flight.
Cloud-Native Computing For Research Users - Jamie Poole, G-Research & Ricardo Rocha, CERN
The CNCF Research User Group’s purpose is to function as a focal point for the discussion and advancement of Research Computing using “Cloud Native” technologies. This includes enumerating current practices, identifying gaps, and directing effort to improve the Research Cloud Computing ecosystem. In this session we will introduce the user group, discuss our mission and the particular challenges that research institutions face that we aim to meet with cloud-native technology. We will hear from speakers from public and private research institutions such as CERN (physics) and G-Research (fintech) and discuss various relevant projects in flight.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CloudEvents - Looking Beyond Event Delivery - Remi Cattiau, Nuxeo
While CloudEvents helps in the delivery of events from a producer to a destination, when considering the entire lifecycle of an event there's a lot more to consider. For example, how does someone discover which events can be generated and by which producer? What transport mechanisms for event delivery are available? How does someone subscribe to receive events? Today there's no consistent mechanism to answer these questions. This session will explore how the CloudEvents project is working to solve these issues by providing a quick overview of the new specifications being developed - and, of course, give an update on the CloudEvents specification itself.
CloudEvents - Looking Beyond Event Delivery - Remi Cattiau, Nuxeo
While CloudEvents helps in the delivery of events from a producer to a destination, when considering the entire lifecycle of an event there's a lot more to consider. For example, how does someone discover which events can be generated and by which producer? What transport mechanisms for event delivery are available? How does someone subscribe to receive events? Today there's no consistent mechanism to answer these questions. This session will explore how the CloudEvents project is working to solve these issues by providing a quick overview of the new specifications being developed - and, of course, give an update on the CloudEvents specification itself.
- 1 participant
- 14 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cluster API Deep Dive - Jason DeTiberus, Equinix Metal & Marcel Mue, Giant Swarm
Cluster API is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. In this deep dive, we will provide a brief overview of Cluster API and how it simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters. You’ll also learn about the latest features and improvements to the project and what to expect in the future.
Cluster API Deep Dive - Jason DeTiberus, Equinix Metal & Marcel Mue, Giant Swarm
Cluster API is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. In this deep dive, we will provide a brief overview of Cluster API and how it simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters. You’ll also learn about the latest features and improvements to the project and what to expect in the future.
- 2 participants
- 36 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cluster API Provider AWS (CAPA) Update - Richard Case, Weaveworks & Sedef Savas, VMware
Cluster API Provider AWS (CAPA) is a SIG Cluster Lifecycle project, which is responsible for building the UX for deploying and upgrading Kubernetes clusters by also handling infrastructure provisioning in AWS. It can be utilized to build declarative, replicable, scalable Kubernetes clusters in AWS.
Learn about the new features in Cluster API (CAPI)/Cluster API Provider AWS (CAPA), the roadmap ahead, and how you can contribute to the project.
Cluster API Provider AWS (CAPA) Update - Richard Case, Weaveworks & Sedef Savas, VMware
Cluster API Provider AWS (CAPA) is a SIG Cluster Lifecycle project, which is responsible for building the UX for deploying and upgrading Kubernetes clusters by also handling infrastructure provisioning in AWS. It can be utilized to build declarative, replicable, scalable Kubernetes clusters in AWS.
Learn about the new features in Cluster API (CAPI)/Cluster API Provider AWS (CAPA), the roadmap ahead, and how you can contribute to the project.
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cluster API as Code - David McKay, Equinix Metal
Cluster API is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. Cluster API provides clusterctl, which can be configured with environment variables and allows the generation of Kubernetes manifests that describe your workload clusters. While this provides a great on-boarding experience, managing and wrangling more YAML isn't something we're all yearning to do. Fortunately, there's a better way. Introducing Cluster API bindings for TypeScript, Go, and Python. In this talk, I'll introduce you to managing Cluster API through your favourite programming languages.
Cluster API as Code - David McKay, Equinix Metal
Cluster API is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. Cluster API provides clusterctl, which can be configured with environment variables and allows the generation of Kubernetes manifests that describe your workload clusters. While this provides a great on-boarding experience, managing and wrangling more YAML isn't something we're all yearning to do. Fortunately, there's a better way. Introducing Cluster API bindings for TypeScript, Go, and Python. In this talk, I'll introduce you to managing Cluster API through your favourite programming languages.
- 1 participant
- 32 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Compliance Beyond Security: a Cloud Native GDPR Implementation Experience - Johan Tordsson, Elastisys AB
Regulatory compliance has traditionally been focused on core system aspects such as availability, data integrity, and overall IT system security. Compliance has been achieved through various processes and (security) tooling. With recent evolution of the regulatory landscape (including the European GDPR, Californian CCPA, and Japanese APPI legislations), there is a stronger focus on end user rights to data, in particular the right to be forgotten. This session will discuss the technical challenges of this movement and give some recommendations for how to address these issues in a cloud native setting. This includes how to handle (and timely remove) data across the full stack, including logs, backups, and any other sort of stateful resources.
Compliance Beyond Security: a Cloud Native GDPR Implementation Experience - Johan Tordsson, Elastisys AB
Regulatory compliance has traditionally been focused on core system aspects such as availability, data integrity, and overall IT system security. Compliance has been achieved through various processes and (security) tooling. With recent evolution of the regulatory landscape (including the European GDPR, Californian CCPA, and Japanese APPI legislations), there is a stronger focus on end user rights to data, in particular the right to be forgotten. This session will discuss the technical challenges of this movement and give some recommendations for how to address these issues in a cloud native setting. This includes how to handle (and timely remove) data across the full stack, including logs, backups, and any other sort of stateful resources.
- 1 participant
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Compliance the Easy Way: Zero-conf mTLS for Dev and smooth Day-2 for Ops - Christian Hüning & Lutz Behnke, finleap connect
Finleap Connect operates in a strong financial context under which regulatory requirements demand that all internal traffic between critical applications be encrypted. In this case study Christian Hüning and Lutz Behnke will review the decision making process that led to selecting Linkerd for the task of securing traffic for the Finleap application infrastructure. Christian will also provide insights into the integration process with the application teams and how Linkerd positively affected observability and reliability of the application services. Lutz will present learnings of operating workloads with Linkerd for more than a year, including how to establish secure communication through the service mesh. He will discuss the required operations work to continuously run the cluster despite updates, more than 2500 injected pods or root CA rotations, using cert-manager.
Compliance the Easy Way: Zero-conf mTLS for Dev and smooth Day-2 for Ops - Christian Hüning & Lutz Behnke, finleap connect
Finleap Connect operates in a strong financial context under which regulatory requirements demand that all internal traffic between critical applications be encrypted. In this case study Christian Hüning and Lutz Behnke will review the decision making process that led to selecting Linkerd for the task of securing traffic for the Finleap application infrastructure. Christian will also provide insights into the integration process with the application teams and how Linkerd positively affected observability and reliability of the application services. Lutz will present learnings of operating workloads with Linkerd for more than a year, including how to establish secure communication through the service mesh. He will discuss the required operations work to continuously run the cluster despite updates, more than 2500 injected pods or root CA rotations, using cert-manager.
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Contour, a High Performance Multitenant Ingress Controller for Kubernetes - Steve Sloka, VMware
Contour, a CNCF incubating project, is a high performance ingress and load balancer solution for Kubernetes. Contour offers a richer feature set than some common alternatives while maintaining a lightweight profile. At its core, Contour is providing a control plane for the Envoy edge and service proxy. This session will show you how to leverage Contour and Envoy for Kubernetes workloads in a multi-tenant environment, demonstrate recent Contour features like authentication, rate-limiting, service-apis, as well as preview our near term roadmap.
Contour, a High Performance Multitenant Ingress Controller for Kubernetes - Steve Sloka, VMware
Contour, a CNCF incubating project, is a high performance ingress and load balancer solution for Kubernetes. Contour offers a richer feature set than some common alternatives while maintaining a lightweight profile. At its core, Contour is providing a control plane for the Envoy edge and service proxy. This session will show you how to leverage Contour and Envoy for Kubernetes workloads in a multi-tenant environment, demonstrate recent Contour features like authentication, rate-limiting, service-apis, as well as preview our near term roadmap.
- 6 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Contributing to Kubernetes Conformance Coverage - Zach Mandeville & Caleb Woodbine, ii.coop - https://ii.coop/
In this session we'll walk through the Certified Kubernetes program (cncf.io/ck) followed by a deep-dive into the tooling developed for identification, removal and prevention of gaps in certification test coverage.In the intro, we will cover the steps required to become a CNCF Certified Kubernetes provider.We will also deep dive into the APISnoop technologies supporting conformance, specifically:- Identifying Gaps (apisnoop.cncf.io) Closing Gaps (apisnoop audit sink + test writing w/ humacs.org) Preventing Gaps (release blocking w/ prow.k8s.io) Verifying cloud provider submissions (prow.cncf.io)
Contributing to Kubernetes Conformance Coverage - Zach Mandeville & Caleb Woodbine, ii.coop - https://ii.coop/
In this session we'll walk through the Certified Kubernetes program (cncf.io/ck) followed by a deep-dive into the tooling developed for identification, removal and prevention of gaps in certification test coverage.In the intro, we will cover the steps required to become a CNCF Certified Kubernetes provider.We will also deep dive into the APISnoop technologies supporting conformance, specifically:- Identifying Gaps (apisnoop.cncf.io) Closing Gaps (apisnoop audit sink + test writing w/ humacs.org) Preventing Gaps (release blocking w/ prow.k8s.io) Verifying cloud provider submissions (prow.cncf.io)
- 2 participants
- 16 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
CoreDNS Deep Dive: Building Custom Plugins - Yong Tang, Ivanti
CoreDNS is a cloud-native DNS server with a focus on service discovery. While best known as the default cluster DNS for Kubernetes, CoreDNS is very flexible and extensible for any new features thanks to its plugin-based architecture: new functionalities can be easily added as plugins with Golang. In this session, we will take a detailed look at the plugin system of CoreDNS. We will walk through the complete code of a demo plugin from the scratch to showcase the simplicity and ease of convenience of CoreDNS plugins. We also provide updates and future roadmap of CoreDNS and the community event in this session.
CoreDNS Deep Dive: Building Custom Plugins - Yong Tang, Ivanti
CoreDNS is a cloud-native DNS server with a focus on service discovery. While best known as the default cluster DNS for Kubernetes, CoreDNS is very flexible and extensible for any new features thanks to its plugin-based architecture: new functionalities can be easily added as plugins with Golang. In this session, we will take a detailed look at the plugin system of CoreDNS. We will walk through the complete code of a demo plugin from the scratch to showcase the simplicity and ease of convenience of CoreDNS plugins. We also provide updates and future roadmap of CoreDNS and the community event in this session.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cortex: Multi-tenant Scalable Prometheus - Bryan Boreham, Weaveworks & Jacob Tlisi, Grafana Labs
Cortex is a time-series data store based on Prometheus.
Cortex adds:
- Scalability: run across dozens of servers to handle millions of samples per second.
- Availability: if one server fails then work will be redirected to others.
- Multi-tenancy: store data from different groups or customers, segregated so a user from one tenant cannot see data from another.
- Durability: use cloud stores (such as S3) to reduce the chance of data loss.
This session will provide an overview of Cortex, an update on recent news from the project, and a deeper look at the recently added administrator feature to query across multiple tenants.
Cortex: Multi-tenant Scalable Prometheus - Bryan Boreham, Weaveworks & Jacob Tlisi, Grafana Labs
Cortex is a time-series data store based on Prometheus.
Cortex adds:
- Scalability: run across dozens of servers to handle millions of samples per second.
- Availability: if one server fails then work will be redirected to others.
- Multi-tenancy: store data from different groups or customers, segregated so a user from one tenant cannot see data from another.
- Durability: use cloud stores (such as S3) to reduce the chance of data loss.
This session will provide an overview of Cortex, an update on recent news from the project, and a deeper look at the recently added administrator feature to query across multiple tenants.
- 2 participants
- 16 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Dedicated Infrastructure in a Multitenant World - Carlos Sanchez, Adobe
Running multitenant Kubernetes clusters is challenging, particularly when different tenants require their own dedicated infrastructure. At Adobe Experience Manager Cloud Service we built solutions to provide customers with their own dedicated infrastructure, such as ips, DNS, VPN connectivity,... while running most services in multitenant Kubernetes clusters. We will share how we built our solution making extensive use of Envoy to run networking tunnels between Kubernetes pods and customer dedicated infrastructure, enforcing encryption and mutual authentication using certificates. This allows, for example, different pods to have their own dedicated egress ip instead of the cluster's, or connections from pods to multiple customer on-premise services using VPN. The solution is provisioned automatically using Terraform, Terragrunt and other services.
Dedicated Infrastructure in a Multitenant World - Carlos Sanchez, Adobe
Running multitenant Kubernetes clusters is challenging, particularly when different tenants require their own dedicated infrastructure. At Adobe Experience Manager Cloud Service we built solutions to provide customers with their own dedicated infrastructure, such as ips, DNS, VPN connectivity,... while running most services in multitenant Kubernetes clusters. We will share how we built our solution making extensive use of Envoy to run networking tunnels between Kubernetes pods and customer dedicated infrastructure, enforcing encryption and mutual authentication using certificates. This allows, for example, different pods to have their own dedicated egress ip instead of the cluster's, or connections from pods to multiple customer on-premise services using VPN. The solution is provisioned automatically using Terraform, Terragrunt and other services.
- 1 participant
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Demystifying Cloud Native Concepts for the Business World - Catherine Paganini & Jason Morgan, CNCF Business Value Subcommittee
As co-chairs of the CNCF Business Value Subcommittee, Jason Morgan and Catherine Paganini seek to democratize cloud native concepts. Technologists have been talking about these topics for years, yet, for many, the cloud native space is still largely inaccessible. What is a service mesh? How do containers fit in? And how do any of these technologies help my organization achieve its strategic goals?
In this session, Jason and Catherine will talk about their first project: the CNCF Cloud Native Glossary. The glossary explains these concepts in simple terms that anyone can easily understand—no computer science degree required. They'll discuss what motivated them and why they believe that now is the time to spread the cloud native gospel to a broader audience.
Demystifying Cloud Native Concepts for the Business World - Catherine Paganini & Jason Morgan, CNCF Business Value Subcommittee
As co-chairs of the CNCF Business Value Subcommittee, Jason Morgan and Catherine Paganini seek to democratize cloud native concepts. Technologists have been talking about these topics for years, yet, for many, the cloud native space is still largely inaccessible. What is a service mesh? How do containers fit in? And how do any of these technologies help my organization achieve its strategic goals?
In this session, Jason and Catherine will talk about their first project: the CNCF Cloud Native Glossary. The glossary explains these concepts in simple terms that anyone can easily understand—no computer science degree required. They'll discuss what motivated them and why they believe that now is the time to spread the cloud native gospel to a broader audience.
- 2 participants
- 13 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Discontiguous CIDRs for Dynamic Cluster Scaling - Rahul Joshi & Sudeep Modi, Google
Users want more out of their existing clusters. As demand increases, they would like to increase the size of their clusters by adding more nodes and pods (scaling horizontally). One of the key limitations in doing this is immutability of IP addresses. Providing each additional node and pod an IP, quickly exhausts users’ initial IP allocations. They must resort to optimizing IP addresses in their existing clusters, or pre-emptively over-allocating IP addresses during cluster creation time. With Discontiguous Pod and Node CIDRs, IP addresses become a mutable resource that can be added post-cluster creation thereby helping in the growing the cluster dynamically. Adding support for disjoint CIDRs also allows fitting clusters into fragmented IP spaces, a problem commonly faced by enterprise customers. This talk will describe how GKE solves the problem for customers and the lessons learnt along the way. This talk also proposes ideas on how to solve this natively in Kubernetes.
Discontiguous CIDRs for Dynamic Cluster Scaling - Rahul Joshi & Sudeep Modi, Google
Users want more out of their existing clusters. As demand increases, they would like to increase the size of their clusters by adding more nodes and pods (scaling horizontally). One of the key limitations in doing this is immutability of IP addresses. Providing each additional node and pod an IP, quickly exhausts users’ initial IP allocations. They must resort to optimizing IP addresses in their existing clusters, or pre-emptively over-allocating IP addresses during cluster creation time. With Discontiguous Pod and Node CIDRs, IP addresses become a mutable resource that can be added post-cluster creation thereby helping in the growing the cluster dynamically. Adding support for disjoint CIDRs also allows fitting clusters into fragmented IP spaces, a problem commonly faced by enterprise customers. This talk will describe how GKE solves the problem for customers and the lessons learnt along the way. This talk also proposes ideas on how to solve this natively in Kubernetes.
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Dragonfly 2.0 — Bring a breakthrough Leap to the Domain of Cloud Native File and Image Distribution - Zuozheng Hu, Alibaba & Jim Ma, Ant Group
With the continuous development of dragonfly 1.X, more and more companies use it to solve the problems of image download and file distribution in their production environment. In this process, it also gradually exposed some deficiencies of the current system in architecture design, security and function, and faced more and more challenges. Therefore, it is necessary for us to launch the dragonfly 2.0 project and give it a clearer positioning: providing enterprise level (efficient, stable, secure, low-cost, product oriented) file distribution and management services, becoming the cloud native best practice and standard solution in this field. The new Dragonfly 2.0 will definitely bring a breakthrough in the field of file and image distribution.
Dragonfly 2.0 — Bring a breakthrough Leap to the Domain of Cloud Native File and Image Distribution - Zuozheng Hu, Alibaba & Jim Ma, Ant Group
With the continuous development of dragonfly 1.X, more and more companies use it to solve the problems of image download and file distribution in their production environment. In this process, it also gradually exposed some deficiencies of the current system in architecture design, security and function, and faced more and more challenges. Therefore, it is necessary for us to launch the dragonfly 2.0 project and give it a clearer positioning: providing enterprise level (efficient, stable, secure, low-cost, product oriented) file distribution and management services, becoming the cloud native best practice and standard solution in this field. The new Dragonfly 2.0 will definitely bring a breakthrough in the field of file and image distribution.
- 2 participants
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Efficient Model Exploring and Continuous Delivery With Polyaxon + Kubeflow - Shotaro Kohama, Mercari Inc
Machine learning projects are highly iterative. A project begins with an experiment phase, a productionization phase, an operation phase, and the next experiment phase. The smooth transition from the experimental stage to the productionization phase is the key to accelerate the iterations. Polyaxon is a cloud-native machine learning experiments platform that allows developers to run parallel and scalable hyperparameter tuning job in a declarative way. KubeflowPipelines is a workflow engine for machine learning pipelines. This talk shows how the Machine Learning Platform team at Mercari helps accelerate machine learning projects by Polyaxon and KubeflowPipelines.
Efficient Model Exploring and Continuous Delivery With Polyaxon + Kubeflow - Shotaro Kohama, Mercari Inc
Machine learning projects are highly iterative. A project begins with an experiment phase, a productionization phase, an operation phase, and the next experiment phase. The smooth transition from the experimental stage to the productionization phase is the key to accelerate the iterations. Polyaxon is a cloud-native machine learning experiments platform that allows developers to run parallel and scalable hyperparameter tuning job in a declarative way. KubeflowPipelines is a workflow engine for machine learning pipelines. This talk shows how the Machine Learning Platform team at Mercari helps accelerate machine learning projects by Polyaxon and KubeflowPipelines.
- 1 participant
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Enhancing Kubernetes with the Security Profiles Operator - Colleen Murphy & Sascha Grunert, Red Hat
Kubernetes provides ways for container workloads to leverage Linux security features like seccomp, Apparmor, and SELinux, technologies that allow applications to be bound by security profiles that prevent unexpected and malicious behavior. But crafting and deploying these profiles is a manual process that requires administrators to operate directly on the underlying host and end-users to have knowledge of the security configurations of the hosts.
The Security Profiles Operator is an out-of-tree Kubernetes enhancement that provides cloud-native APIs to manage these profiles.
In this session, Colleen and Sascha will discuss how the Security Profiles Operator has evolved. They demonstrate how the project empowers workload security by making seccomp profiles easier to use inside of Kubernetes. Besides that, they will speak about the future of the project, how it may integrate into Kubernetes and what it means to combine profile-based security features managed from one source of truth.
Enhancing Kubernetes with the Security Profiles Operator - Colleen Murphy & Sascha Grunert, Red Hat
Kubernetes provides ways for container workloads to leverage Linux security features like seccomp, Apparmor, and SELinux, technologies that allow applications to be bound by security profiles that prevent unexpected and malicious behavior. But crafting and deploying these profiles is a manual process that requires administrators to operate directly on the underlying host and end-users to have knowledge of the security configurations of the hosts.
The Security Profiles Operator is an out-of-tree Kubernetes enhancement that provides cloud-native APIs to manage these profiles.
In this session, Colleen and Sascha will discuss how the Security Profiles Operator has evolved. They demonstrate how the project empowers workload security by making seccomp profiles easier to use inside of Kubernetes. Besides that, they will speak about the future of the project, how it may integrate into Kubernetes and what it means to combine profile-based security features managed from one source of truth.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Evaluating Business Risk for Open Source Cloud Native Projects - Dawn Foster, VMware
Most business decisions boil down to an assessment of risk and making tradeoffs. We should all be thinking about risks relative to how we’re using cloud native open source projects within our business. If we build our business on top of an open source technology, we want it to be as low of a risk as possible. This talk will: * Compare the risk between projects under neutral foundations vs. those owned by individual companies. * Provide details about how governance impacts risk relative to leadership selection, decision-making processes, and communication. * Evaluate business risk in terms of contributors and organizations to determine the level of risk associated with individuals or organizations leaving the project. * Look at how security and release processes can impact risk. The audience will walk away with practical advice about how to assess risk and evaluate projects for your organization while also learning about ways to decrease risk in your own projects.
Evaluating Business Risk for Open Source Cloud Native Projects - Dawn Foster, VMware
Most business decisions boil down to an assessment of risk and making tradeoffs. We should all be thinking about risks relative to how we’re using cloud native open source projects within our business. If we build our business on top of an open source technology, we want it to be as low of a risk as possible. This talk will: * Compare the risk between projects under neutral foundations vs. those owned by individual companies. * Provide details about how governance impacts risk relative to leadership selection, decision-making processes, and communication. * Evaluate business risk in terms of contributors and organizations to determine the level of risk associated with individuals or organizations leaving the project. * Look at how security and release processes can impact risk. The audience will walk away with practical advice about how to assess risk and evaluate projects for your organization while also learning about ways to decrease risk in your own projects.
- 1 participant
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Event Processing at Optum, the Cloud Events Way - Janani Pathangi & Murugappan Chetty, Optum
Event driven architectures are on the rise, organizations are scrambling to keep up with it. Will standardizing events with Cloud Events help in this process ? This talk by Janani Pathangi and Murugappan Chetty of Optum will help you find that answer, as they explain how teams at Optum are starting to embrace Cloud Events The audience will get know about * Cloud Events - the specification and 2.0 Go library * Easy wins and pain points of using Cloud Events. * Role, knative eventing is playing in sourcing and delivering cloud events. * Building events sources and consumers * Use Cases at Optum leveraging Cloud Events
Event Processing at Optum, the Cloud Events Way - Janani Pathangi & Murugappan Chetty, Optum
Event driven architectures are on the rise, organizations are scrambling to keep up with it. Will standardizing events with Cloud Events help in this process ? This talk by Janani Pathangi and Murugappan Chetty of Optum will help you find that answer, as they explain how teams at Optum are starting to embrace Cloud Events The audience will get know about * Cloud Events - the specification and 2.0 Go library * Easy wins and pain points of using Cloud Events. * Role, knative eventing is playing in sourcing and delivering cloud events. * Building events sources and consumers * Use Cases at Optum leveraging Cloud Events
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
FalcOMG That's AWESOME - New Things, Fixed Things, and YOU Panel - Leo Di Donato, Leonardo Grasso & Radhika Puthiyetath, Sysdig & Thomas Labarussias, Qonto
On this panel, the Falco maintainers will discuss the great things happening in Falco a cloud-native runtime security project, the de facto Kubernetes threat detection engine. This panel of key Falco maintainers will cover: *Brief Overview of Falco and its history *Updates on Falco and its subprojects (Falco, Falco sidekick etc) *Driver Donation(libsinsp , libscap, the kernel module driver the eBPF driver source) and what this means for the community *Roadmap Capabilities. Whats Coming! *Interactive QA on what you would like to see in the project
FalcOMG That's AWESOME - New Things, Fixed Things, and YOU Panel - Leo Di Donato, Leonardo Grasso & Radhika Puthiyetath, Sysdig & Thomas Labarussias, Qonto
On this panel, the Falco maintainers will discuss the great things happening in Falco a cloud-native runtime security project, the de facto Kubernetes threat detection engine. This panel of key Falco maintainers will cover: *Brief Overview of Falco and its history *Updates on Falco and its subprojects (Falco, Falco sidekick etc) *Driver Donation(libsinsp , libscap, the kernel module driver the eBPF driver source) and what this means for the community *Roadmap Capabilities. Whats Coming! *Interactive QA on what you would like to see in the project
- 5 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
First Principles of Cloud Native Technology - Ronald Petty, RX-M LLC
Have you ever inherited a system? If you ever feel unclear the system's purpose, it's time to break it down into first principles. With so many Cloud Native tools available it can be overwhelming to decide which tools are most directly solving the problem (or could solve it). We will take a systematic approach to enumerating and grouping core issues and how the related tools solve them. We start with a review of core operating concepts, basic data and network models. From there we contrast OS level solutions to these problems and their challenges. We next enter the Cloud Native layer and see how they leverage OS level concepts to solve these problems. Finally, we compare potential solutions to core issues at different levels (OS or Cloud Native). This talk is focused on how to break down tools into functional areas and contrast them to each other. Leaving this session you will have more techniques to reason about these tools and model solutions.
First Principles of Cloud Native Technology - Ronald Petty, RX-M LLC
Have you ever inherited a system? If you ever feel unclear the system's purpose, it's time to break it down into first principles. With so many Cloud Native tools available it can be overwhelming to decide which tools are most directly solving the problem (or could solve it). We will take a systematic approach to enumerating and grouping core issues and how the related tools solve them. We start with a review of core operating concepts, basic data and network models. From there we contrast OS level solutions to these problems and their challenges. We next enter the Cloud Native layer and see how they leverage OS level concepts to solve these problems. Finally, we compare potential solutions to core issues at different levels (OS or Cloud Native). This talk is focused on how to break down tools into functional areas and contrast them to each other. Leaving this session you will have more techniques to reason about these tools and model solutions.
- 1 participant
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Flux: Multi-tenancy Deep Dive - Philip Laine, Xenit
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories) and automating updates to the configuration when there is new code to deploy. In this presentation, we will look at how Flux can be used in multi-tenant environments to simplify the day to day work of developers and Kubernetes cluster operators.
Flux: Multi-tenancy Deep Dive - Philip Laine, Xenit
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories) and automating updates to the configuration when there is new code to deploy. In this presentation, we will look at how Flux can be used in multi-tenant environments to simplify the day to day work of developers and Kubernetes cluster operators.
- 1 participant
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
From Allyship to Sponsorship: Solutions to Design a Diverse and Inclusive Community, Sponsored by Red Hat - Yulkendy Valdez, Josuel Plasencia
From Allyship to Sponsorship: Solutions to Design a Diverse and Inclusive Community. This session will engage the audience in creating a more diverse and inclusive open-source community. Research undoubtedly shows that investing in diversity and inclusion helps you develop better technology and increases your bottom line. The challenge is how do we get there; and how do we, as individuals, develop the leadership skills required to be part of the solution.
From Allyship to Sponsorship: Solutions to Design a Diverse and Inclusive Community, Sponsored by Red Hat - Yulkendy Valdez, Josuel Plasencia
From Allyship to Sponsorship: Solutions to Design a Diverse and Inclusive Community. This session will engage the audience in creating a more diverse and inclusive open-source community. Research undoubtedly shows that investing in diversity and inclusion helps you develop better technology and increases your bottom line. The challenge is how do we get there; and how do we, as individuals, develop the leadership skills required to be part of the solution.
- 2 participants
- 35 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
From Tweet to BadIdea: Creating an Embeddable Kubernetes Style API Server - Jason DeTiberus, Equinix Metal
Kubernetes Custom Resource Definitions (CRDs) have made building Kubernetes-style declarative APIs easy. However they depend on an existing Kubernetes cluster, which can lead to difficult bootstrapping issues when building infrastructure management tooling. Would it be possible to remove the Kubernetes cluster dependency by piecing together the components that Kubernetes itself uses to implement the features needed to support CRDs? This talk explores the process of attempting to do just that through the process of building a minimal and embeddable Kubernetes style API Server with CRD support.
From Tweet to BadIdea: Creating an Embeddable Kubernetes Style API Server - Jason DeTiberus, Equinix Metal
Kubernetes Custom Resource Definitions (CRDs) have made building Kubernetes-style declarative APIs easy. However they depend on an existing Kubernetes cluster, which can lead to difficult bootstrapping issues when building infrastructure management tooling. Would it be possible to remove the Kubernetes cluster dependency by piecing together the components that Kubernetes itself uses to implement the features needed to support CRDs? This talk explores the process of attempting to do just that through the process of building a minimal and embeddable Kubernetes style API Server with CRD support.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
From Zero to Hero: Outcomes from Cloud-Native El Salvador Community Creation - Raul Flamenco, Acopula Networks & Mauricio Quevedo, KORINVER
People in El Salvador, Honduras and Guatemala leave the region for two reasons: security and lack of opportunities. We want people in those countries to have access to Cloud Native technologies. Our mission is: building the foundation to inspire talent. During the last few months, we have created a virtual space offering resources which help enthusiasts to understand and contribute to open source projects. The pandemic brought many challenges to local preexisting communities but this wasn't our case, we have to opportunity to establish the community in a region where cloud computing technologies are barely known. This talk will share lessons that we learned in our journey to establish a local technical community remotely.
From Zero to Hero: Outcomes from Cloud-Native El Salvador Community Creation - Raul Flamenco, Acopula Networks & Mauricio Quevedo, KORINVER
People in El Salvador, Honduras and Guatemala leave the region for two reasons: security and lack of opportunities. We want people in those countries to have access to Cloud Native technologies. Our mission is: building the foundation to inspire talent. During the last few months, we have created a virtual space offering resources which help enthusiasts to understand and contribute to open source projects. The pandemic brought many challenges to local preexisting communities but this wasn't our case, we have to opportunity to establish the community in a region where cloud computing technologies are barely known. This talk will share lessons that we learned in our journey to establish a local technical community remotely.
- 2 participants
- 17 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Gateway API: A New Set of Kubernetes APIs for Advanced Traffic Routing - Harry Bagdi, Kong Inc. & Rob Scott, Google
Existing networking APIs like Ingress and Service were designed in the very early days of Kubernetes. They got many things right, but it was quite difficult or even impossible to use those APIs for more advanced use cases. This resulted in a proliferation of implementation-specific annotations and custom resources that fragmented the user experience and have proven to be difficult to evolve. The Kubernetes networking SIG has been developing a new set of APIs that aim to solve these problems. The Gateway APIs project defines Kubernetes APIs to configure advanced concepts like traffic splitting, header matching, and load balancing configuration. In this talk, Harry and Rob will provide an overview of these APIs and some insight into the design decisions that have been made along the way. They will demo some of the advanced capabilities of these APIs, showcasing the portability of the APIs across implementations. Finally, they will provide a roadmap for the future of this project.
Gateway API: A New Set of Kubernetes APIs for Advanced Traffic Routing - Harry Bagdi, Kong Inc. & Rob Scott, Google
Existing networking APIs like Ingress and Service were designed in the very early days of Kubernetes. They got many things right, but it was quite difficult or even impossible to use those APIs for more advanced use cases. This resulted in a proliferation of implementation-specific annotations and custom resources that fragmented the user experience and have proven to be difficult to evolve. The Kubernetes networking SIG has been developing a new set of APIs that aim to solve these problems. The Gateway APIs project defines Kubernetes APIs to configure advanced concepts like traffic splitting, header matching, and load balancing configuration. In this talk, Harry and Rob will provide an overview of these APIs and some insight into the design decisions that have been made along the way. They will demo some of the advanced capabilities of these APIs, showcasing the portability of the APIs across implementations. Finally, they will provide a roadmap for the future of this project.
- 2 participants
- 32 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Get In Containerds, We’re Going Securing: Kubernetes SIG Security is Here! - Ian Coldwater, Twilio; Tabitha Sable, Datadog; Savitha Raghunathan, MathWorks; Aaron Small, Invitae
Kubernetes SIG Security is a newer and evolving SIG, and we’re excited to be here and tell you what we’re all about! Come learn about our work on horizontal security initiatives for the Kubernetes project including regular third-party security audits, cross-cutting security documentation, and building bridges both internally and externally to improve the security of the project as a whole. Most importantly, learn how you can get involved. Bring your thoughts, questions, and ideas! Can’t wait to see you there!
Get In Containerds, We’re Going Securing: Kubernetes SIG Security is Here! - Ian Coldwater, Twilio; Tabitha Sable, Datadog; Savitha Raghunathan, MathWorks; Aaron Small, Invitae
Kubernetes SIG Security is a newer and evolving SIG, and we’re excited to be here and tell you what we’re all about! Come learn about our work on horizontal security initiatives for the Kubernetes project including regular third-party security audits, cross-cutting security documentation, and building bridges both internally and externally to improve the security of the project as a whole. Most importantly, learn how you can get involved. Bring your thoughts, questions, and ideas! Can’t wait to see you there!
- 4 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Ghosts in the Runtime: Who Ate My Capabilities and Other Mysteries - Laurent Bernaille & Eric Mountain, Datadog
In the last 3 years Datadog migrated most of its workloads to dozens of Kubernetes clusters, many of which consist of thousands of nodes each. At this scale, our engineers encounter strange and surprising bugs on a regular basis. Some of the most difficult bugs to investigate are those related to the kubelet and its interactions with the container runtime.
In this talk we will share some of our favorite investigations on this front, such as the container image that only worked when built on our laptops, rather than by our CI. You'll leave with a stronger understanding of the low level components that are responsible of a critical task: running your containers.
Ghosts in the Runtime: Who Ate My Capabilities and Other Mysteries - Laurent Bernaille & Eric Mountain, Datadog
In the last 3 years Datadog migrated most of its workloads to dozens of Kubernetes clusters, many of which consist of thousands of nodes each. At this scale, our engineers encounter strange and surprising bugs on a regular basis. Some of the most difficult bugs to investigate are those related to the kubelet and its interactions with the container runtime.
In this talk we will share some of our favorite investigations on this front, such as the container image that only worked when built on our laptops, rather than by our CI. You'll leave with a stronger understanding of the low level components that are responsible of a critical task: running your containers.
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
GitOps Working Group Update - Cornelia Davis, Weaveworks & Chris Sanders, Microsoft
In late 2020 the GitOps Working Group was formed under the App Delivery SIG. The goal for the WG is to “provide companies and individuals with the skills, knowledge and competency to implement GitOps tooling and methodologies which simplify the operation and management of infrastructure and cloud native applications.” Within days of the announcement more than 60 individuals from more the 30 companies expressed an interest in participating and the working group was launched. The group is meeting these goals through content creation and evangelism – white papers, blog posts, sample applications, demonstrations and more. In this session we will give an update on the working group and we will evangelize. We’ll present agreed upon key principles and practices, and we’ll teach through demonstrations using a variety of CNCF and other OSS projects such as Flux, Argo, Tekton and more. Most importantly, we will present concrete steps that will help folks get started with cloud-native (Git)ops.
GitOps Working Group Update - Cornelia Davis, Weaveworks & Chris Sanders, Microsoft
In late 2020 the GitOps Working Group was formed under the App Delivery SIG. The goal for the WG is to “provide companies and individuals with the skills, knowledge and competency to implement GitOps tooling and methodologies which simplify the operation and management of infrastructure and cloud native applications.” Within days of the announcement more than 60 individuals from more the 30 companies expressed an interest in participating and the working group was launched. The group is meeting these goals through content creation and evangelism – white papers, blog posts, sample applications, demonstrations and more. In this session we will give an update on the working group and we will evangelize. We’ll present agreed upon key principles and practices, and we’ll teach through demonstrations using a variety of CNCF and other OSS projects such as Flux, Argo, Tekton and more. Most importantly, we will present concrete steps that will help folks get started with cloud-native (Git)ops.
- 2 participants
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: Fluent Bit - Eduardo Silva, Calyptia
Learn about Fluent ecosystem and Fluent Bit best practices for cloud native environments
Graduated Project Lightning Talk: Fluent Bit - Eduardo Silva, Calyptia
Learn about Fluent ecosystem and Fluent Bit best practices for cloud native environments
- 1 participant
- 13 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: Rook: Enterprise Storage for Kubernetes - Travis Nielsen, Red Hat
All Kubernetes clusters require storage! But how do you configure and manage it? Come catch a glimpse of how Rook provides an enterprise storage platform to the community as an upstream and open-source project, available to any Kubernetes cluster, whether running on-prem or in the cloud. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.
Graduated Project Lightning Talk: Rook: Enterprise Storage for Kubernetes - Travis Nielsen, Red Hat
All Kubernetes clusters require storage! But how do you configure and manage it? Come catch a glimpse of how Rook provides an enterprise storage platform to the community as an upstream and open-source project, available to any Kubernetes cluster, whether running on-prem or in the cloud. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.
- 1 participant
- 7 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: Time to Live (TTL) Support for TiKV - Bokang Zhang
Time to live (TTL) is a beneficial feature for developers to invalidate keys automatically. RocksDB supports TTL natively but with a limitation that all keys should be of the same TTL. This may cause inconvenience for developers who may have the demand to set different TTL for each key. This issue happens to TiKV, a distributed key value database built on RocksDB with Raft. To solve it, TiKV team achieved more flexible TTL support in TiKV level instead of using RocksDB’s TTL. In this talk, Bokang Zhang will walk through the TiKV architecture and talk about how they supported TTL in TiKV by leveraging the hook of RocksDB’s compaction filter and user defined properties, and how they made the disk space of TTL key-values recycled in time.
Graduated Project Lightning Talk: Time to Live (TTL) Support for TiKV - Bokang Zhang
Time to live (TTL) is a beneficial feature for developers to invalidate keys automatically. RocksDB supports TTL natively but with a limitation that all keys should be of the same TTL. This may cause inconvenience for developers who may have the demand to set different TTL for each key. This issue happens to TiKV, a distributed key value database built on RocksDB with Raft. To solve it, TiKV team achieved more flexible TTL support in TiKV level instead of using RocksDB’s TTL. In this talk, Bokang Zhang will walk through the TiKV architecture and talk about how they supported TTL in TiKV by leveraging the hook of RocksDB’s compaction filter and user defined properties, and how they made the disk space of TTL key-values recycled in time.
- 1 participant
- 10 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: Using Trace Data for Monitoring & Alerting of Application Health, not Just Debugging - Albert Teoh
Trace data is ideal for debugging slow or erroneous requests, but how can we find (and be alerted about) these problem “needles” in our “haystack” of requests within our constellation of services and endpoints? A proposal of aggregating trace data into metrics is presented; identifying statistically significant problems such as a consistently slow endpoint, then visualizing these results within Jaeger UI or Grafana.
Graduated Project Lightning Talk: Using Trace Data for Monitoring & Alerting of Application Health, not Just Debugging - Albert Teoh
Trace data is ideal for debugging slow or erroneous requests, but how can we find (and be alerted about) these problem “needles” in our “haystack” of requests within our constellation of services and endpoints? A proposal of aggregating trace data into metrics is presented; identifying statistically significant problems such as a consistently slow endpoint, then visualizing these results within Jaeger UI or Grafana.
- 1 participant
- 9 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: Vitess, are we Fast Yet? - Akilan Selvacoumar, Florent Poinsard, Planetscale
Vitess is a database clustering system for horizontal scaling of MySQL. Nowadays, performance is a considerable market factor, and things have to go fast and right. With over 23 000 commits, Vitess has to ensure it’s delivering flawless performance to its users. In order to meet this need, we created AreWeFastYet, a benchmarking monitoring tool for Vitess. This talk covers how we track the performance of Vitess and a high-level overview of the benchmarking tools we created.
Graduated Project Lightning Talk: Vitess, are we Fast Yet? - Akilan Selvacoumar, Florent Poinsard, Planetscale
Vitess is a database clustering system for horizontal scaling of MySQL. Nowadays, performance is a considerable market factor, and things have to go fast and right. With over 23 000 commits, Vitess has to ensure it’s delivering flawless performance to its users. In order to meet this need, we created AreWeFastYet, a benchmarking monitoring tool for Vitess. This talk covers how we track the performance of Vitess and a high-level overview of the benchmarking tools we created.
- 2 participants
- 9 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Graduated Project Lightning Talk: containerd Project Update - Derek McGowan
Come to this Lightning Talk to meet containerd's new sub projects.
Graduated Project Lightning Talk: containerd Project Update - Derek McGowan
Come to this Lightning Talk to meet containerd's new sub projects.
- 1 participant
- 8 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Groupless Autoscaling with Karpenter - Ellis Tarn & Prateek Gogia, Amazon
Autoscaling is a powerful technique to improve reliability and save costs. However, configuration of node autoscaling systems is a complex art. Karpenter is an open source, vendor neutral project that enables node autoscaling without the need for configuration and discovery for node groups in any cloud provider. With direct provider integration and out-of-the-box support for common node parameters like architecture, operating systems etc., taints, and labels, Karpenter gets users up and running quickly, while extending cleanly to more complex use cases.
In this session, we'll explore the history of autoscaling and our latest approach to low latency node autoscaling.
Groupless Autoscaling with Karpenter - Ellis Tarn & Prateek Gogia, Amazon
Autoscaling is a powerful technique to improve reliability and save costs. However, configuration of node autoscaling systems is a complex art. Karpenter is an open source, vendor neutral project that enables node autoscaling without the need for configuration and discovery for node groups in any cloud provider. With direct provider integration and out-of-the-box support for common node parameters like architecture, operating systems etc., taints, and labels, Karpenter gets users up and running quickly, while extending cleanly to more complex use cases.
In this session, we'll explore the history of autoscaling and our latest approach to low latency node autoscaling.
- 2 participants
- 36 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Hacking into Kubernetes Security for Beginners - Ellen Körbes, Tilt & Tabitha Sable, Datadog
While Kubernetes can be challenging to newcomers, Kubernetes security overwhelms even the most seasoned professionals. It's a big challenge, so where should you even start? In this talk, Ellen and Tabitha will present an overview of concerns in Kubernetes security. And not only that: they’ll exploit issues along the way! Topics covered will include RBAC, admission control, and vulnerabilities in Kubernetes, Linux, your code, and underlying dependencies. You'll learn a mental framework, see its real-world impact, and leave with the knowledge you need to be able to “look it up, baby."
Hacking into Kubernetes Security for Beginners - Ellen Körbes, Tilt & Tabitha Sable, Datadog
While Kubernetes can be challenging to newcomers, Kubernetes security overwhelms even the most seasoned professionals. It's a big challenge, so where should you even start? In this talk, Ellen and Tabitha will present an overview of concerns in Kubernetes security. And not only that: they’ll exploit issues along the way! Topics covered will include RBAC, admission control, and vulnerabilities in Kubernetes, Linux, your code, and underlying dependencies. You'll learn a mental framework, see its real-world impact, and leave with the knowledge you need to be able to “look it up, baby."
- 2 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Harbor - Enterprise Cloud Native Artifact Registry - Daniel Jiang & Yan Wang, VMware
Harbor is a CNCF graduated project, which help enterprise distribute and manage cloud native artifacts. We’ll use this session to give audience an overview of this project and the community we built around it. We’ll talk about Harbor’s key features and use cases, the latest updates introduced in the most recent release. In addition to that, we’ll give a sneak peek about the development that is working in progress in this project. We’ll also use this session to discuss with the users regarding the challenges the project is facing and share our thoughts on how to tackle them.
Harbor - Enterprise Cloud Native Artifact Registry - Daniel Jiang & Yan Wang, VMware
Harbor is a CNCF graduated project, which help enterprise distribute and manage cloud native artifacts. We’ll use this session to give audience an overview of this project and the community we built around it. We’ll talk about Harbor’s key features and use cases, the latest updates introduced in the most recent release. In addition to that, we’ll give a sneak peek about the development that is working in progress in this project. We’ll also use this session to discuss with the users regarding the challenges the project is facing and share our thoughts on how to tackle them.
- 2 participants
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Helm Users! What Flux 2 Can Do For You - Scott Rigby & Kingdon Barrett, Weaveworks
Helm, the Package manager for Kubernetes. Flux, the GitOps continuous delivery solution for Kubernetes. Both can be used independently, but are more powerful together. Scott Rigby, Helm and Flux maintainer — and Kingdon Barrett, OSS engineer — will share the benefits of Helm and GitOps for developers, with live demos showcasing the extra awesomeness of Flux v2 and Helm together. This talk is for Helm users who have either never used Flux, or Flux v1 users looking forward to new features in Flux v2.
Helm Users! What Flux 2 Can Do For You - Scott Rigby & Kingdon Barrett, Weaveworks
Helm, the Package manager for Kubernetes. Flux, the GitOps continuous delivery solution for Kubernetes. Both can be used independently, but are more powerful together. Scott Rigby, Helm and Flux maintainer — and Kingdon Barrett, OSS engineer — will share the benefits of Helm and GitOps for developers, with live demos showcasing the extra awesomeness of Flux v2 and Helm together. This talk is for Helm users who have either never used Flux, or Flux v1 users looking forward to new features in Flux v2.
- 2 participants
- 37 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Houston, We’ve Got a Problem! : How to Debug your Pipeline in Tekton - Vibhav Bobade & Vincent Demeester, Red Hat
It’s always been nice to have CI/CD as a part of your infrastructure. Nothing better than being able to automate your workflows and have jobs done for you in a timely manner. It would be a shame if your jobs/pipelines break now would it. Now all you need to do is sit and take apart the individual components of your pipeline and figure out where you went wrong. We have all been there. Only if we could debug our Pipelines :) As common as task debugging is in the programming world, in the CI/CD world, it is ridden with complexities of the infrastructure and reiterative approaches which kill time. With Tekton, it is possible to debug your pipelines on the go without stopping/restarting your PipelineRun. Tekton is a Kubernetes based, lightweight, serverless, and an easy to manage CI/CD solution which a user can use to create as well as debug their PipelineRuns at a Step level to understand what is wrong with their pipeline providing a more complete CI/CD solution.
Houston, We’ve Got a Problem! : How to Debug your Pipeline in Tekton - Vibhav Bobade & Vincent Demeester, Red Hat
It’s always been nice to have CI/CD as a part of your infrastructure. Nothing better than being able to automate your workflows and have jobs done for you in a timely manner. It would be a shame if your jobs/pipelines break now would it. Now all you need to do is sit and take apart the individual components of your pipeline and figure out where you went wrong. We have all been there. Only if we could debug our Pipelines :) As common as task debugging is in the programming world, in the CI/CD world, it is ridden with complexities of the infrastructure and reiterative approaches which kill time. With Tekton, it is possible to debug your pipelines on the go without stopping/restarting your PipelineRun. Tekton is a Kubernetes based, lightweight, serverless, and an easy to manage CI/CD solution which a user can use to create as well as debug their PipelineRuns at a Step level to understand what is wrong with their pipeline providing a more complete CI/CD solution.
- 2 participants
- 39 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How Cloud Native Tech Helped Peloton Ride to Exponential Growth - Jim Haughwout, Vice President of Platform, Peloton
How Cloud Native Tech Helped Peloton Ride to Exponential Growth - Jim Haughwout, Vice President of Platform, Peloton
- 1 participant
- 12 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How Deutsche Telekom Technik Built Das Schiff for Sailing the Cloud Native Seas - Vuk Gojnic, Squad Lead, Container & Cloud-native Engine, Deutsche Telekom Technik
How Deutsche Telekom Technik Built Das Schiff for Sailing the Cloud Native Seas - Vuk Gojnic, Squad Lead, Container & Cloud-native Engine, Deutsche Telekom Technik
- 1 participant
- 12 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How DoD Uses K8s and Flux to Achieve Compliance and Deployment Consistency - Michael Medellin & Gordon Tillman, Department of Defense
Like many other organizations, the DoD also started the journey to K8s and had its own challenges. Due to the nature of DoD systems, there are applications that are deployed in a more relaxed environment such as AWS GovCloud and also in a more restricted air-gapped environments with no internet or external connectivity. In the beginning, it was all about manual deployment and operations. By introducing Helm and Flux, DoD moved to a more declarative model where everything is version controlled and deployed by Flux thereby reducing manual operations, improving deployment consistency and also bringing more compliance with regard to change management and application life cycle. This session will walk through the migration steps, what it takes to operate Flux in an air-gapped environment and how we achieved parity when applications are deployed to environments with different constraints.
How DoD Uses K8s and Flux to Achieve Compliance and Deployment Consistency - Michael Medellin & Gordon Tillman, Department of Defense
Like many other organizations, the DoD also started the journey to K8s and had its own challenges. Due to the nature of DoD systems, there are applications that are deployed in a more relaxed environment such as AWS GovCloud and also in a more restricted air-gapped environments with no internet or external connectivity. In the beginning, it was all about manual deployment and operations. By introducing Helm and Flux, DoD moved to a more declarative model where everything is version controlled and deployed by Flux thereby reducing manual operations, improving deployment consistency and also bringing more compliance with regard to change management and application life cycle. This session will walk through the migration steps, what it takes to operate Flux in an air-gapped environment and how we achieved parity when applications are deployed to environments with different constraints.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How We are Dealing with Metrics at Scale on GitLab.com - Andrew Newdigate, GitLab
As GitLab.com has grown, the number of metrics generated by the application has grown exponentially. Ensuring our team has good quality dashboards and alerting rules was becoming an ever more challenging task. There’s no worse time than experiencing an outage that you expected to have been warned of, only to find out that the alert had been inoperable for months. As an engineer on the infrastructure team supporting GitLab.com, sometimes it felt, during an incident, that we were drowning in data while at the same time struggling to access the most pertinent indicators of the underlying issue. This talk discusses how we are addressing this problem by building up a catalog of key metrics for each component within our application, and then using this definition to automatically generate beautiful Grafana dashboards, rock-solid alerting rules and high-quality SLA indicators. This talk is primarily aimed at Prometheus users, but the fundamentals could be applied to any other metrics system.
How We are Dealing with Metrics at Scale on GitLab.com - Andrew Newdigate, GitLab
As GitLab.com has grown, the number of metrics generated by the application has grown exponentially. Ensuring our team has good quality dashboards and alerting rules was becoming an ever more challenging task. There’s no worse time than experiencing an outage that you expected to have been warned of, only to find out that the alert had been inoperable for months. As an engineer on the infrastructure team supporting GitLab.com, sometimes it felt, during an incident, that we were drowning in data while at the same time struggling to access the most pertinent indicators of the underlying issue. This talk discusses how we are addressing this problem by building up a catalog of key metrics for each component within our application, and then using this definition to automatically generate beautiful Grafana dashboards, rock-solid alerting rules and high-quality SLA indicators. This talk is primarily aimed at Prometheus users, but the fundamentals could be applied to any other metrics system.
- 1 participant
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How You Can Tell Your Kubernetes Contributor Story with These Tips - Matt Broberg & Chris Short, Red Hat; Kaslin Fields, Google; Peeyush Gupta, DigitalOcean
The Upstream Marketing Working Group began as a vision to connect contributors. It has grown into a set of practices, channels, and bots that unite us all across the Kubernetes community. In this talk, contributors will walk through their experience of learning to tell their own contributor story. In doing so, we will walk through how anyone can write a great story, including key takeaways around narrative, call to action (CTA), structure, and available channels. Along the way, we'll highlight tips to publish a blog, including collaboration with the Blog team, asking for reviewers from Upstream Marketing, and a brief look at relevant SEO practices. Attendees will leave with a formula by which they can share their story of contributing to Kubernetes and encourage others to share their unique and personal experience. Our goal is to inspire the next generation of open source contributors through a broad range of perspectives on what it means to contribute.
How You Can Tell Your Kubernetes Contributor Story with These Tips - Matt Broberg & Chris Short, Red Hat; Kaslin Fields, Google; Peeyush Gupta, DigitalOcean
The Upstream Marketing Working Group began as a vision to connect contributors. It has grown into a set of practices, channels, and bots that unite us all across the Kubernetes community. In this talk, contributors will walk through their experience of learning to tell their own contributor story. In doing so, we will walk through how anyone can write a great story, including key takeaways around narrative, call to action (CTA), structure, and available channels. Along the way, we'll highlight tips to publish a blog, including collaboration with the Blog team, asking for reviewers from Upstream Marketing, and a brief look at relevant SEO practices. Attendees will leave with a formula by which they can share their story of contributing to Kubernetes and encourage others to share their unique and personal experience. Our goal is to inspire the next generation of open source contributors through a broad range of perspectives on what it means to contribute.
- 4 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
How to Break your Kubernetes Cluster with Networking - Thomas Graf, Isovalent
One of the best ways to learn about something is to understand how you can break it. In this talk, we will look at all the different ways you can break your Kubernetes cluster with networking. Learn from this before you learn in production. Misconfigured DNS, DNS, unreliable network protocols and DNS, DNS rate-limiting, network policy side effects, NodePort surprises, MTU and Kubernetes, effects of Kubernetes networking on distributed databases, network rate-limiting effects, bootstrapping race conditions, unexpected service behavior, sudden breakages at scale, and more. The list of potential ways to break your cluster is long. Half a decade of CNI development experience while working with many, many Kubernetes users as a maintainer of one of the leading open-source CNI projects have gone into this talk. It will be fun, you will laugh, and hopefully, in the end, you will avoid some of what others have already experienced.
How to Break your Kubernetes Cluster with Networking - Thomas Graf, Isovalent
One of the best ways to learn about something is to understand how you can break it. In this talk, we will look at all the different ways you can break your Kubernetes cluster with networking. Learn from this before you learn in production. Misconfigured DNS, DNS, unreliable network protocols and DNS, DNS rate-limiting, network policy side effects, NodePort surprises, MTU and Kubernetes, effects of Kubernetes networking on distributed databases, network rate-limiting effects, bootstrapping race conditions, unexpected service behavior, sudden breakages at scale, and more. The list of potential ways to break your cluster is long. Half a decade of CNI development experience while working with many, many Kubernetes users as a maintainer of one of the leading open-source CNI projects have gone into this talk. It will be fun, you will laugh, and hopefully, in the end, you will avoid some of what others have already experienced.
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
I Can RBAC, and So Can You! - Marc Boorshtein, Tremolo Security, Inc.
This session takes the sharp edges off of Role Based Access Controls in Kubernetes and demystifies how to design and debug policies in both single tenant and multi-tenant clusters. This session will start with a quick overview of how Kubernetes integrates identity, how that identity is applied to authorization, and finally different strategies for automating authorizations in a cluster. This session will cover policy creation, debugging, aggregate role design, and automation. We'll also touch on the impacts of external systems that control your clusters, such as GitOps controllers. After this session attendees will have a clearer direction on how to approach authorizations in their clusters,
I Can RBAC, and So Can You! - Marc Boorshtein, Tremolo Security, Inc.
This session takes the sharp edges off of Role Based Access Controls in Kubernetes and demystifies how to design and debug policies in both single tenant and multi-tenant clusters. This session will start with a quick overview of how Kubernetes integrates identity, how that identity is applied to authorization, and finally different strategies for automating authorizations in a cluster. This session will cover policy creation, debugging, aggregate role design, and automation. We'll also touch on the impacts of external systems that control your clusters, such as GitOps controllers. After this session attendees will have a clearer direction on how to approach authorizations in their clusters,
- 1 participant
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Improving the Impact of Diversity Initiatives in Africa - Abubakar Siddiq Ango, GitLab
Africa as a whole is making giant strides in terms of technology adoption but job and educational opportunities remain scarce. Not everyone has the chance to be in the right place at the right time to access these opportunities.. Thankfully, alot of organizations have been creating new initiatives and programs to help Africans better access these opportunities. Despite these new intiatives, the impact has been limited. It will take more time and continued investment for them to generate a meaningful impact. . Some of these programs also struggle from a lack of experienced leadership, an inability to target the right audience, and unreasonable expectations. In this talk, Abubakar will be sharing how we can improve the success of outreach in Africa by approaching Africa as a continent and not as a single entity, how to reach the right audience, and how to get traction for your diversity programs.
Improving the Impact of Diversity Initiatives in Africa - Abubakar Siddiq Ango, GitLab
Africa as a whole is making giant strides in terms of technology adoption but job and educational opportunities remain scarce. Not everyone has the chance to be in the right place at the right time to access these opportunities.. Thankfully, alot of organizations have been creating new initiatives and programs to help Africans better access these opportunities. Despite these new intiatives, the impact has been limited. It will take more time and continued investment for them to generate a meaningful impact. . Some of these programs also struggle from a lack of experienced leadership, an inability to target the right audience, and unreasonable expectations. In this talk, Abubakar will be sharing how we can improve the success of outreach in Africa by approaching Africa as a continent and not as a single entity, how to reach the right audience, and how to get traction for your diversity programs.
- 2 participants
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Inside Kubernetes Networking - Dominik Tornow, Cisco
Kubernetes Networking is a core abstraction of Kubernetes: At the core, the Kubernetes Networking Model guarantees that all Kubernetes Pods on a cluster can communicate. On top of the Kubernetes Network Model, Kubernetes provides additional core abstractions, most notably Kubernetes Services and Kubernetes Ingress. Although K8s Networking is an essential aspect of every K8s Cluster and by extension every K8s Application, even experienced K8s users struggle to reason about K8s Networking end-to-end. Using a systems modeling approach, this presentation will provide a holistic mental model of K8s Networking - integrating Pod-to-Pod communication, Pod-to-Service communication, and Ingress, applicable to all CNI implementations. Walk away with a dependable, holistic understanding of the entire network stack, fill in the blanks and connect the dots between Kubernetes Networking, Kubernetes Services, and Kubernetes Ingress.
Inside Kubernetes Networking - Dominik Tornow, Cisco
Kubernetes Networking is a core abstraction of Kubernetes: At the core, the Kubernetes Networking Model guarantees that all Kubernetes Pods on a cluster can communicate. On top of the Kubernetes Network Model, Kubernetes provides additional core abstractions, most notably Kubernetes Services and Kubernetes Ingress. Although K8s Networking is an essential aspect of every K8s Cluster and by extension every K8s Application, even experienced K8s users struggle to reason about K8s Networking end-to-end. Using a systems modeling approach, this presentation will provide a holistic mental model of K8s Networking - integrating Pod-to-Pod communication, Pod-to-Service communication, and Ingress, applicable to all CNI implementations. Walk away with a dependable, holistic understanding of the entire network stack, fill in the blanks and connect the dots between Kubernetes Networking, Kubernetes Services, and Kubernetes Ingress.
- 1 participant
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Intro + DeepDive: Kubernetes Cloud Provider Project for IBM Cloud - Sahdev Zala & Richard Theis, IBM
In this session, the project leads will provide an overview of the IBM Cloud Provider subproject, its activities, and learning resources. The introduction will be followed by the newly added support in Kubernetes IBM Cluster API Provider for IBM VPC Gen 2 and PowerVS. The session will also deep dive into the IBM Cloud Provider and provide updates on the general Cloud Provider SIG. This session will be of value to a broad audience including active contributors, new contributors, and those with an interest in the IBM Cloud Provider features and capabilities or the Kubernetes Cloud Provider in general.
Intro + DeepDive: Kubernetes Cloud Provider Project for IBM Cloud - Sahdev Zala & Richard Theis, IBM
In this session, the project leads will provide an overview of the IBM Cloud Provider subproject, its activities, and learning resources. The introduction will be followed by the newly added support in Kubernetes IBM Cluster API Provider for IBM VPC Gen 2 and PowerVS. The session will also deep dive into the IBM Cloud Provider and provide updates on the general Cloud Provider SIG. This session will be of value to a broad audience including active contributors, new contributors, and those with an interest in the IBM Cloud Provider features and capabilities or the Kubernetes Cloud Provider in general.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Intro and Deep Dive: Kubernetes SIG Instrumentation - Frederic Branczyk, Polar Signals
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. We will begin with an introductory overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. This deep dive session will go in detail currently ongoing efforts happening within SIG Instrumentation to share with the audience concrete pieces of work to encourage future collaboration. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make instrumentation even better!
Intro and Deep Dive: Kubernetes SIG Instrumentation - Frederic Branczyk, Polar Signals
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. We will begin with an introductory overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. This deep dive session will go in detail currently ongoing efforts happening within SIG Instrumentation to share with the audience concrete pieces of work to encourage future collaboration. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make instrumentation even better!
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Intro to KubeEdge: Kubernetes Native Edge Computing Framework - Kevin (Zefeng) Wang, Huawei Technologies Co., Ltd.
KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. In the year 2020, KubeEdge made big progress on user adoption, community development, cross-community collaborations and successfully moved to incubation level. In this talk, Kevin will review KubeEdge motivation, architecture; then go through latest updates on new features, user adoptions, SIG updates and new subprojects. After that Kevin will introduce where the project is heading to, updated project roadmap and how new contributors to get involved. There will be an open Q&A for attendees to ask questions.
Intro to KubeEdge: Kubernetes Native Edge Computing Framework - Kevin (Zefeng) Wang, Huawei Technologies Co., Ltd.
KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. In the year 2020, KubeEdge made big progress on user adoption, community development, cross-community collaborations and successfully moved to incubation level. In this talk, Kevin will review KubeEdge motivation, architecture; then go through latest updates on new features, user adoptions, SIG updates and new subprojects. After that Kevin will introduce where the project is heading to, updated project roadmap and how new contributors to get involved. There will be an open Q&A for attendees to ask questions.
- 1 participant
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Introduction and Deep Dive Into Containerd - Kohei Tokunaga & Akihiro Suda, NTT Corporation
Join containerd maintainers and reviewers in a combined introduction and deep dive session. They will discuss the overview and the recent updates of containerd as well as how it is being used by Kubernetes, Docker and other container-based systems. The brief introduction about its architecture and service design will be included. The talk will also deep dive into how to leverage contained by extending and customizing it for your use case with low-level plugins like remote snapshotters, as well as by implementing your own containerd client. Upcoming features and recent discussion in containerd community will also be covered.
Introduction and Deep Dive Into Containerd - Kohei Tokunaga & Akihiro Suda, NTT Corporation
Join containerd maintainers and reviewers in a combined introduction and deep dive session. They will discuss the overview and the recent updates of containerd as well as how it is being used by Kubernetes, Docker and other container-based systems. The brief introduction about its architecture and service design will be included. The talk will also deep dive into how to leverage contained by extending and customizing it for your use case with low-level plugins like remote snapshotters, as well as by implementing your own containerd client. Upcoming features and recent discussion in containerd community will also be covered.
- 2 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Introduction to Cloud Native Buildpacks - Stephen Levine, VMware & Jesse Brown, Salesforce
Cloud Native Buildpacks transform your application source code into images that can run on any cloud. In this session you'll learn the basics of using buildpacks, and why they make a great choice over the alternatives.
Introduction to Cloud Native Buildpacks - Stephen Levine, VMware & Jesse Brown, Salesforce
Cloud Native Buildpacks transform your application source code into images that can run on any cloud. In this session you'll learn the basics of using buildpacks, and why they make a great choice over the alternatives.
- 2 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Isolate the Users! Supporting User Namespaces in K8s for Increased Security - Mauricio Vásquez, Kinvolk
Running a process as root inside containers is a security risk: if such a process is able to break out of the container into the host, it can cause considerable damage as it will be running as a privileged user there. The good news is that Linux has a solution for this problem: user namespaces isolate user and group IDs, so a process running as root in a container runs as non-root in the host. The bad news is that Kubernetes doesn’t yet support user namespaces. So, we created a Kubernetes Enhancement Proposal (KEP-127) with a plan to bring this support to a future release. We also implemented a prototype of this idea in Kubernetes and containerd. In this talk, I’ll introduce user namespaces and how they can increase the security of a Kubernetes cluster. I’ll explain how we are working with the community to bring this support to Kubernetes, the challenges we are facing, in particular with volumes, and how different approaches like shiftfs and idmapped mounts are trying to fix them.
Isolate the Users! Supporting User Namespaces in K8s for Increased Security - Mauricio Vásquez, Kinvolk
Running a process as root inside containers is a security risk: if such a process is able to break out of the container into the host, it can cause considerable damage as it will be running as a privileged user there. The good news is that Linux has a solution for this problem: user namespaces isolate user and group IDs, so a process running as root in a container runs as non-root in the host. The bad news is that Kubernetes doesn’t yet support user namespaces. So, we created a Kubernetes Enhancement Proposal (KEP-127) with a plan to bring this support to a future release. We also implemented a prototype of this idea in Kubernetes and containerd. In this talk, I’ll introduce user namespaces and how they can increase the security of a Kubernetes cluster. I’ll explain how we are working with the community to bring this support to Kubernetes, the challenges we are facing, in particular with volumes, and how different approaches like shiftfs and idmapped mounts are trying to fix them.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Jaeger Intro and Deep Dive - Prithvi Raj, Uber & Joe Elliott, Grafana Labs
In this session we will cover both introductory and deep dive material for the Jaeger distributed tracing backend. For intro we will review methods of getting started installing Jaeger and the basics of distributed tracing. For the deep dive we will be discuss the future of Jaeger built on top of the OpenTelemetry collector and what that means for Jaeger architecture, future development and features. Jaeger is the most popular open source distributed tracing backend. Whether your goal is to get acquainted with Jaeger and distributed tracing or to keep abreast with the latest and greatest, please join us!
Jaeger Intro and Deep Dive - Prithvi Raj, Uber & Joe Elliott, Grafana Labs
In this session we will cover both introductory and deep dive material for the Jaeger distributed tracing backend. For intro we will review methods of getting started installing Jaeger and the basics of distributed tracing. For the deep dive we will be discuss the future of Jaeger built on top of the OpenTelemetry collector and what that means for Jaeger architecture, future development and features. Jaeger is the most popular open source distributed tracing backend. Whether your goal is to get acquainted with Jaeger and distributed tracing or to keep abreast with the latest and greatest, please join us!
- 2 participants
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
K8s Labels Everywhere! Decluttering With Node Profile Discovery. - Conor Nolan & Dave Cremins, Intel
A recent CNCF community survey showed that 57% of respondents have 100+ machines in their fleet and 17% have more than 5000 machines (including VM, bare metal etc.). When managing such broad and diverse clusters, variations in node capabilities and features are inevitable. So how exactly are individual features tracked on a node-by-node basis? Node Feature Discovery (NFD) is commonly used for basic feature discovery and labelling across a Kubernetes cluster. This talk, however, introduces a new component: Node Profile Discovery (NPD). NPD provides an extra layer of abstraction from NFD, alleviating the burden of managing individual features. NPD is designed to work in conjunction with NFD, aggregating individual features into higher level profiles and applying these profiles to suitable nodes. This talk will show how NPD can make life easier for application developers and sys-admins alike.
K8s Labels Everywhere! Decluttering With Node Profile Discovery. - Conor Nolan & Dave Cremins, Intel
A recent CNCF community survey showed that 57% of respondents have 100+ machines in their fleet and 17% have more than 5000 machines (including VM, bare metal etc.). When managing such broad and diverse clusters, variations in node capabilities and features are inevitable. So how exactly are individual features tracked on a node-by-node basis? Node Feature Discovery (NFD) is commonly used for basic feature discovery and labelling across a Kubernetes cluster. This talk, however, introduces a new component: Node Profile Discovery (NPD). NPD provides an extra layer of abstraction from NFD, alleviating the burden of managing individual features. NPD is designed to work in conjunction with NFD, aggregating individual features into higher level profiles and applying these profiles to suitable nodes. This talk will show how NPD can make life easier for application developers and sys-admins alike.
- 2 participants
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Keynote: CNCF Project Update: Flux - Stefan Prodan, Developer Experience Engineer, Weaveworks
Keynote: CNCF Project Update: Flux - Stefan Prodan, Developer Experience Engineer, Weaveworks
- 1 participant
- 10 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes Advanced Networking Testing with KIND - Antonio Ojea, RedHat
Kubernetes project evolution and its ecosystem is demanding new and more complex network requirements: multi-cluster and multi-zone connectivity, service topology awareness, traffic engineering, quality of service, ... KIND is a tool for running local multi-node Kubernetes clusters using Linux containers, it leverages current Linux networking capablities to emulate the cluster networking in a nested environment. This flexibility can be used to emulate more complex scenarios, let's go through some of these Kubernetes networking scenarios, and demonstrate how to use KIND to emulate and test them.
Kubernetes Advanced Networking Testing with KIND - Antonio Ojea, RedHat
Kubernetes project evolution and its ecosystem is demanding new and more complex network requirements: multi-cluster and multi-zone connectivity, service topology awareness, traffic engineering, quality of service, ... KIND is a tool for running local multi-node Kubernetes clusters using Linux containers, it leverages current Linux networking capablities to emulate the cluster networking in a nested environment. This flexibility can be used to emulate more complex scenarios, let's go through some of these Kubernetes networking scenarios, and demonstrate how to use KIND to emulate and test them.
- 2 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes Data Protection WG Intro and Deep Dive - Xing Yang, VMware & Xiangqian Yu, Google
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, the co-chairs of this WG will discuss what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including backup and storage vendors, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.
Kubernetes Data Protection WG Intro and Deep Dive - Xing Yang, VMware & Xiangqian Yu, Google
Data Protection WG is dedicated to promoting data protection support in Kubernetes. The Working Group is working on identifying missing functionalities and collaborating across multiple SIGs to design features to enable data protection in Kubernetes. In this session, the co-chairs of this WG will discuss what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including backup and storage vendors, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.
- 2 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes IoT Edge WG: Intro to K8s at Edge + Device Connection Options - Steven Wong, VMware & Dejan Bosanac, Red Hat
The K8s IoT Edge working group focuses on using Kubernetes as a tool to support applications running on, communicating with, or using information gathered from edge devices. LoRa has been getting attention as a connection technology featuring long-range communication at low cost (power and financial). This session will open with an introduction to LoRa along with the associated LoRaWAN protocol. What can it do? How does it compare to alternatives (WIFI, BLE and LTE, others). We’ll also talk about the open source “Drogue cloud” project which can support LoraWAN, and other connections, between devices and Kubernetes hosted apps and services. The presentation will include a demo. There are opportunities to contribute to the evolution of Kubernetes to better serve edge use cases. We will close with details on how you can get involved with the community effort to help this happen.
Kubernetes IoT Edge WG: Intro to K8s at Edge + Device Connection Options - Steven Wong, VMware & Dejan Bosanac, Red Hat
The K8s IoT Edge working group focuses on using Kubernetes as a tool to support applications running on, communicating with, or using information gathered from edge devices. LoRa has been getting attention as a connection technology featuring long-range communication at low cost (power and financial). This session will open with an introduction to LoRa along with the associated LoRaWAN protocol. What can it do? How does it compare to alternatives (WIFI, BLE and LTE, others). We’ll also talk about the open source “Drogue cloud” project which can support LoraWAN, and other connections, between devices and Kubernetes hosted apps and services. The presentation will include a demo. There are opportunities to contribute to the evolution of Kubernetes to better serve edge use cases. We will close with details on how you can get involved with the community effort to help this happen.
- 2 participants
- 33 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes Project Update - Stephen Augustus, KubeCon + CloudNativeCon Europe 2021 Co-Chair & Head of Open Source, Emerging Technologies & Incubation Division, Cisco
Kubernetes Project Update - Stephen Augustus, KubeCon + CloudNativeCon Europe 2021 Co-Chair & Head of Open Source, Emerging Technologies & Incubation Division, Cisco
- 1 participant
- 18 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes SIG Node Intro and Deep Dive - Elana Hashman, Red Hat & Sergey Kanzhelev, Google
Kubernetes SIG Node is responsible for components that control interactions between pods and host resources, including the Kubelet, Container Runtime Interface (CRI), and Node API. SIG Node is responsible for the Pod’s lifecycle from allocation to teardown, to liveness checks and shared resource management. We work with the various container runtimes, kernels, networking, storage, and more; anything a pod touches is SIG Node’s responsibility! In this session, we will begin with an introductory overview of the SIG and what it has worked on in the past. We will then deep dive into ongoing efforts of the SIG, including features targeted for the 1.21 and 1.22 releases and future roadmap. Join this session to learn more about our SIG, and how you might get involved to make Node even better!
Kubernetes SIG Node Intro and Deep Dive - Elana Hashman, Red Hat & Sergey Kanzhelev, Google
Kubernetes SIG Node is responsible for components that control interactions between pods and host resources, including the Kubelet, Container Runtime Interface (CRI), and Node API. SIG Node is responsible for the Pod’s lifecycle from allocation to teardown, to liveness checks and shared resource management. We work with the various container runtimes, kernels, networking, storage, and more; anything a pod touches is SIG Node’s responsibility! In this session, we will begin with an introductory overview of the SIG and what it has worked on in the past. We will then deep dive into ongoing efforts of the SIG, including features targeted for the 1.21 and 1.22 releases and future roadmap. Join this session to learn more about our SIG, and how you might get involved to make Node even better!
- 2 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes SIG-Storage Intro and Update - Xing Yang, VMware & Jan Šafránek, Red Hat
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). In this session, we will give an introduction to SIG Storage and then deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.
Kubernetes SIG-Storage Intro and Update - Xing Yang, VMware & Jan Šafránek, Red Hat
Kubernetes SIG Storage is responsible for ensuring that different types of file and block storage are available wherever a container is scheduled, storage capacity management (container ephemeral storage usage, volume resizing, etc.), influencing scheduling of containers based on storage (data gravity, availability, etc.), and generic operations on storage (snapshotting, etc.). In this session, we will give an introduction to SIG Storage and then deep dive into some projects that SIG Storage is currently working on, provide an update on the current status, and discuss what might be coming in the future.
- 2 participants
- 26 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes VMware UG: What’s New for K8s Users on VMware Infrastructure - Steven Wong & Myles Gray, VMware
The K8s VMware User Group exists to serve users, and authors of tooling and support applications for running K8s on vSphere and desktop hypervisors. Agenda: -Users who initially deployed K8s using the legacy in-tree cloud provider and storage plugins have already received a deprecation warning and will be facing a migration in the 1.22-1.24 release timeframe - we'll cover what this means for those affected. -Recent and upcoming features and changes. -Top 3 under-recognized do’s and don’t’s for K8s on vSphere. -How to get involved in the User Group, to meet other users, and share advice and experiences.
Kubernetes VMware UG: What’s New for K8s Users on VMware Infrastructure - Steven Wong & Myles Gray, VMware
The K8s VMware User Group exists to serve users, and authors of tooling and support applications for running K8s on vSphere and desktop hypervisors. Agenda: -Users who initially deployed K8s using the legacy in-tree cloud provider and storage plugins have already received a deprecation warning and will be facing a migration in the 1.22-1.24 release timeframe - we'll cover what this means for those affected. -Recent and upcoming features and changes. -Top 3 under-recognized do’s and don’t’s for K8s on vSphere. -How to get involved in the User Group, to meet other users, and share advice and experiences.
- 1 participant
- 16 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes on Windows - A Journey - Jerry Lozano, RX-M LLC
Kubernetes is almost always used in a Linux environment. Tutorials and examples, regardless of hardware platform, always run some distribution of Linux. Yet since 1.14, Kubernetes worker nodes are actively supported on Windows. This session describes one developer’s journey of designing, developing, installing, and deploying Kubernetes on modern Windows Server. The need for microservice implementations on Windows is just as valid as it is on Linux. Windows Server is hosted on at least 3-times the number of servers in use in the world and market share is still increasing (Statista). Most of these servers run enterprise applications that must meet the requirements for scalability, availability, and maintainability that any modern application faces. This session describes the benefits of hosting Kubernetes nodes on Windows Server, similarities and differences from execution on Linux, and lessons learned when implementing a microservice application with the Windows infrastructure.
Kubernetes on Windows - A Journey - Jerry Lozano, RX-M LLC
Kubernetes is almost always used in a Linux environment. Tutorials and examples, regardless of hardware platform, always run some distribution of Linux. Yet since 1.14, Kubernetes worker nodes are actively supported on Windows. This session describes one developer’s journey of designing, developing, installing, and deploying Kubernetes on modern Windows Server. The need for microservice implementations on Windows is just as valid as it is on Linux. Windows Server is hosted on at least 3-times the number of servers in use in the world and market share is still increasing (Statista). Most of these servers run enterprise applications that must meet the requirements for scalability, availability, and maintainability that any modern application faces. This session describes the benefits of hosting Kubernetes nodes on Windows Server, similarities and differences from execution on Linux, and lessons learned when implementing a microservice application with the Windows infrastructure.
- 1 participant
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Lessons Learned Deploying Traditional Web Applications on Top of Kubernetes - Marcos Bjoerkelund, VMware
Traditional web applications are still very popular among developers, and it is unlikely that this will change over the course of the next few years. Deploying these applications on top of Kubernetes is a challenge as they are not usually designed to be run in such environments. In this session, you will learn from Bitnami’s experience how best to make your traditional web application run on Kubernetes. Attend this session to see a step by step guide on how you can create a container image for a traditional application, build its configuration scripts, and run it on Kubernetes with a Helm template. We will also talk about some of the challenges you may face, such as supporting for scaling or automatic application updates, and ways to solve them.
Lessons Learned Deploying Traditional Web Applications on Top of Kubernetes - Marcos Bjoerkelund, VMware
Traditional web applications are still very popular among developers, and it is unlikely that this will change over the course of the next few years. Deploying these applications on top of Kubernetes is a challenge as they are not usually designed to be run in such environments. In this session, you will learn from Bitnami’s experience how best to make your traditional web application run on Kubernetes. Attend this session to see a step by step guide on how you can create a container image for a traditional application, build its configuration scripts, and run it on Kubernetes with a Helm template. We will also talk about some of the challenges you may face, such as supporting for scaling or automatic application updates, and ways to solve them.
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Lessons Learned from Operating ETCD - Pierre Zemb, OVHcloud
OVHcloud is the biggest European cloud provider. From dedicated servers to Managed Kubernetes, from VMware® based Hosted Private Cloud to OpenStack-based Public Cloud, we have over 1.4 million customers worldwide. Because of our Kubinception design(using Kubernetes to run Kubernetes), we are putting hundreds of customers in an ETCD cluster. This design is great to easily spawn control-planes for customers, but it is also putting a lot of pressure on ETCD. To keep it healthy while growing up constantly, we had to learn many things about how ETCD works under the hood and how we can operate it efficiently. In this talk, you will have the insights of how we are operating our ETCD clusters. We will tell you our journey to use ETCD, from our observability to deployments and management, what did work and what did not.
Lessons Learned from Operating ETCD - Pierre Zemb, OVHcloud
OVHcloud is the biggest European cloud provider. From dedicated servers to Managed Kubernetes, from VMware® based Hosted Private Cloud to OpenStack-based Public Cloud, we have over 1.4 million customers worldwide. Because of our Kubinception design(using Kubernetes to run Kubernetes), we are putting hundreds of customers in an ETCD cluster. This design is great to easily spawn control-planes for customers, but it is also putting a lot of pressure on ETCD. To keep it healthy while growing up constantly, we had to learn many things about how ETCD works under the hood and how we can operate it efficiently. In this talk, you will have the insights of how we are operating our ETCD clusters. We will tell you our journey to use ETCD, from our observability to deployments and management, what did work and what did not.
- 1 participant
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Lightning Talk: Parsec - Marc Meunier, Arm
Parsec, a security project at the CNCF is maturing and expanding. In today’s talk, Marc will go over the Parsec project and discuss the latest updates and roadmap. In the presentation, there are references to a newly published tutorial as well as a demo that walks through a multi-tenancy implementation.
Lightning Talk: Parsec - Marc Meunier, Arm
Parsec, a security project at the CNCF is maturing and expanding. In today’s talk, Marc will go over the Parsec project and discuss the latest updates and roadmap. In the presentation, there are references to a newly published tutorial as well as a demo that walks through a multi-tenancy implementation.
- 1 participant
- 10 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Linkerd vs. COVID-19: Addressing the global Pandemic with a Service Mesh - William Morgan, Chief Executive Officer, Buoyant
Linkerd vs. COVID-19: Addressing the global Pandemic with a Service Mesh - William Morgan, Chief Executive Officer, Buoyant
- 1 participant
- 9 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Live Experiments with K8s Applications: Pitfalls and How to Avoid Them - Fabio Oliveira & Srinivasan Parthasarathy, IBM Research
Your K8s apps are instrumented for observability. You are using ingress controllers/service meshes in your production K8s cluster and can shift traffic between different versions of your app. You wish to take your CI/CD to the next level by introducing metrics-driven automated rollouts using live experiments like canary, A/B, and A/B/n comparisons. What could go wrong? We demonstrate how subtle differences in the design of the experiment---how metrics are collected, queried, and used; the traffic shifting policy; the number of requests sent to different versions during the experiment and its duration; and when/how it is terminated---can lead to dramatically different outcomes, and in turn, directly impact the version of the app chosen to run in production. We also discuss simple and statistically effective remedies for the above problem, so that experiments become repeatable and their outcomes are more accurate and trustworthy.
Live Experiments with K8s Applications: Pitfalls and How to Avoid Them - Fabio Oliveira & Srinivasan Parthasarathy, IBM Research
Your K8s apps are instrumented for observability. You are using ingress controllers/service meshes in your production K8s cluster and can shift traffic between different versions of your app. You wish to take your CI/CD to the next level by introducing metrics-driven automated rollouts using live experiments like canary, A/B, and A/B/n comparisons. What could go wrong? We demonstrate how subtle differences in the design of the experiment---how metrics are collected, queried, and used; the traffic shifting policy; the number of requests sent to different versions during the experiment and its duration; and when/how it is terminated---can lead to dramatically different outcomes, and in turn, directly impact the version of the app chosen to run in production. We also discuss simple and statistically effective remedies for the above problem, so that experiments become repeatable and their outcomes are more accurate and trustworthy.
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Log Support in OpenTelemetry - Steve Flanders, Splunk
OpenTelemetry’s charter is to provide an observability framework for cloud-native software. Its goal is to provide full support for traces, metrics, and logs and provide a single implementation that can be leveraged. Traces have already reached a stable maturity level and metrics are well on their way. While logs were outside the GA scope of the project, they are an important data source and initial work has already kicked off to support them. - An initial data model has been accepted by the project - An initial implementation exists in the Java client library - Initial support has been added to the collector End users are interested in the plans for logs in OpenTelemetry. Will logging client libraries be introduced? Will native logging capabilities be added to the collector? How do context and resources work with logs? This session will dive into these topics to explain the current state and future direction. A demo of the current capabilities will be provided.
Log Support in OpenTelemetry - Steve Flanders, Splunk
OpenTelemetry’s charter is to provide an observability framework for cloud-native software. Its goal is to provide full support for traces, metrics, and logs and provide a single implementation that can be leveraged. Traces have already reached a stable maturity level and metrics are well on their way. While logs were outside the GA scope of the project, they are an important data source and initial work has already kicked off to support them. - An initial data model has been accepted by the project - An initial implementation exists in the Java client library - Initial support has been added to the collector End users are interested in the plans for logs in OpenTelemetry. Will logging client libraries be introduced? Will native logging capabilities be added to the collector? How do context and resources work with logs? This session will dive into these topics to explain the current state and future direction. A demo of the current capabilities will be provided.
- 1 participant
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Maintainer Q&A - Matt Klein, Lyft
Open Q&A with Envoy maintainers. Come and ask questions and we will answer them live!
Maintainer Q&A - Matt Klein, Lyft
Open Q&A with Envoy maintainers. Come and ask questions and we will answer them live!
- 1 participant
- 34 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Maximizing Workload's Performance With Smarter Runtimes - Krisztian Litkey & Alexander Kanevskiy, Intel
Mitigating noisy neighbours in the world of containers is not an easy task. There are several solutions exists and many of those have own limitations. This presentation will be focusing on exploring new ways of innovations for container runtimes that helps get maximum performance and resource utilisation without modifications of the workloads. In this talk we are planning to briefly cover existing extension points for containerd and CRI-O, talk about new ideas from NRI proposal, as well as covering evolution of dynamic resource usage optimisations in our project CRI-Resource-Manager. We want to share our experience on dealing with heterogenous CPU resources, multi-tiered Memory, Caches, Memory Bandwidth and Block I/O usage. We want to demonstrate how using various metrics and hints provided by Linux kernel can lead to improvements of workload performance and dynamic hardware resource utilisation optimisations.
Maximizing Workload's Performance With Smarter Runtimes - Krisztian Litkey & Alexander Kanevskiy, Intel
Mitigating noisy neighbours in the world of containers is not an easy task. There are several solutions exists and many of those have own limitations. This presentation will be focusing on exploring new ways of innovations for container runtimes that helps get maximum performance and resource utilisation without modifications of the workloads. In this talk we are planning to briefly cover existing extension points for containerd and CRI-O, talk about new ideas from NRI proposal, as well as covering evolution of dynamic resource usage optimisations in our project CRI-Resource-Manager. We want to share our experience on dealing with heterogenous CPU resources, multi-tiered Memory, Caches, Memory Bandwidth and Block I/O usage. We want to demonstrate how using various metrics and hints provided by Linux kernel can lead to improvements of workload performance and dynamic hardware resource utilisation optimisations.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Mental Health In Unprecedented Times - Dr. Jennifer Akullian, Growth Coaching Institute
We work in a demanding industry with unusually high expectations; one that has normalized long hours and burnout. Innovation has a high frequency of failure, that we have been conditioned to personalize. Add normal life stressors, add a global pandemic… How these challenges impact our mental, cognitive and physical functioning, our ability to perform at work and in life, our behavior and well-being, (*everything* that makes us human), needs to be discussed openly now more than ever. In a society where this topic has been neglected for ages, it's time to bring it to the forefront of discussion. Let's get it started.
Mental Health In Unprecedented Times - Dr. Jennifer Akullian, Growth Coaching Institute
We work in a demanding industry with unusually high expectations; one that has normalized long hours and burnout. Innovation has a high frequency of failure, that we have been conditioned to personalize. Add normal life stressors, add a global pandemic… How these challenges impact our mental, cognitive and physical functioning, our ability to perform at work and in life, our behavior and well-being, (*everything* that makes us human), needs to be discussed openly now more than ever. In a society where this topic has been neglected for ages, it's time to bring it to the forefront of discussion. Let's get it started.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Minikube and Three Different Local Kubernetes Learning Environments - Anders Björklund & Predrag Rogic
We will do an Introduction to the Minikube project for running Kubernetes locally, including an updated development roadmap. Users will learn what is new with the project, and how they can contribute to it and get started wtih learning Kubernetes. The Deep Dive will be going into the three different environments that Minikube supports: Hypervisor, Container and Bare Metal There will be details about the pros and cons of each, and some suggestions and where you would choose one over the other...
Minikube and Three Different Local Kubernetes Learning Environments - Anders Björklund & Predrag Rogic
We will do an Introduction to the Minikube project for running Kubernetes locally, including an updated development roadmap. Users will learn what is new with the project, and how they can contribute to it and get started wtih learning Kubernetes. The Deep Dive will be going into the three different environments that Minikube supports: Hypervisor, Container and Bare Metal There will be details about the pros and cons of each, and some suggestions and where you would choose one over the other...
- 2 participants
- 33 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Multi-Cluster Service Deployments with Operators and KubeCarrier - Rastislav Szabó, Kubermatic
Complex application services consisting of multiple interconnected components can benefit from deployment in multiple Kubernetes clusters: Examples include for instance running the application core at a cloud provider and the database with sensitive data in a on-premises cluster or running computational-intensive tasks in a cluster with specialized hardware resources (e.g. GPUs) at the same time. This approach however brings several challenges. How can we interconnect the clusters so that the applications in different clusters can communicate with each other easily? How to allow for multi-tenancy and easily spin up multiple instances of such services in the same clusters? In this talk, you will learn how such a deployment may look like with the help of Kubernetes operators, the KubeCarrier service hub and the Submariner cross-cluster connectivity provider.
Multi-Cluster Service Deployments with Operators and KubeCarrier - Rastislav Szabó, Kubermatic
Complex application services consisting of multiple interconnected components can benefit from deployment in multiple Kubernetes clusters: Examples include for instance running the application core at a cloud provider and the database with sensitive data in a on-premises cluster or running computational-intensive tasks in a cluster with specialized hardware resources (e.g. GPUs) at the same time. This approach however brings several challenges. How can we interconnect the clusters so that the applications in different clusters can communicate with each other easily? How to allow for multi-tenancy and easily spin up multiple instances of such services in the same clusters? In this talk, you will learn how such a deployment may look like with the help of Kubernetes operators, the KubeCarrier service hub and the Submariner cross-cluster connectivity provider.
- 1 participant
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Multi-Tenancy in Kubernetes: How We Avoided Clusters Sprawl With Capsule - Dario Tranchitella, CLASTIX & Maksim Fedotov, Wargaming.net
Kubernetes is great when you have to deal with it as is and plays well with isolating workloads and limiting resources due to its primitives as ResourceQuota, LimitRange, NetworkPolicy, Namespace, and so on. But is it enough? Can you create a real isolated multi-tenant environment in it? With our experience with many production environments, we discovered it's not entirely. That is the reason why Capsule, an open-source Kubernetes Operator for multi-tenancy was born. Expanding the authentication Kubernetes capabilities, Capsule provides a viable and robust solution to avoid the hyped cluster sprawl while maintaining a native Kubernetes UX. And, last but not least, allowing a BYOD to push compute, storage, and network isolation and avoiding the noisy neighbors' effect. After a brief overview of the project by Dario Tranchitella (maintainer), Max Fedotov will explain how Capsule enhanced the operations and supercharged the provisioning mechanism for their k8s cluster at Wargaming.net
Multi-Tenancy in Kubernetes: How We Avoided Clusters Sprawl With Capsule - Dario Tranchitella, CLASTIX & Maksim Fedotov, Wargaming.net
Kubernetes is great when you have to deal with it as is and plays well with isolating workloads and limiting resources due to its primitives as ResourceQuota, LimitRange, NetworkPolicy, Namespace, and so on. But is it enough? Can you create a real isolated multi-tenant environment in it? With our experience with many production environments, we discovered it's not entirely. That is the reason why Capsule, an open-source Kubernetes Operator for multi-tenancy was born. Expanding the authentication Kubernetes capabilities, Capsule provides a viable and robust solution to avoid the hyped cluster sprawl while maintaining a native Kubernetes UX. And, last but not least, allowing a BYOD to push compute, storage, and network isolation and avoiding the noisy neighbors' effect. After a brief overview of the project by Dario Tranchitella (maintainer), Max Fedotov will explain how Capsule enhanced the operations and supercharged the provisioning mechanism for their k8s cluster at Wargaming.net
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Multi-tenancy vs. Multi-cluster: When Should you Use What? - Tasha Drew, VMware; Ryan Bezdicek, Medtronic; Adrian Ludwin, Google; Jim Bugwadia, Nirmata
The Kubernetes Working Group for Multi-Tenancy has a lot of fun projects helping people throughout the Kubernetes ecosystem manage sharing clusters. One question that comes up a lot is "when should I share a cluster using multi-tenancy, and when should I spin up multiple clusters?" We call this multi-tenancy versus multi-cluster. There are also a lot of people who are doing both simultaneously! People want to know when to do which, and we're here to help. Join this panel with the technical leads and chair of the Multi-tenancy working group to hear our thoughts on multi-tenancy versus multi-cluster, in a panel format.
Multi-tenancy vs. Multi-cluster: When Should you Use What? - Tasha Drew, VMware; Ryan Bezdicek, Medtronic; Adrian Ludwin, Google; Jim Bugwadia, Nirmata
The Kubernetes Working Group for Multi-Tenancy has a lot of fun projects helping people throughout the Kubernetes ecosystem manage sharing clusters. One question that comes up a lot is "when should I share a cluster using multi-tenancy, and when should I spin up multiple clusters?" We call this multi-tenancy versus multi-cluster. There are also a lot of people who are doing both simultaneously! People want to know when to do which, and we're here to help. Join this panel with the technical leads and chair of the Multi-tenancy working group to hear our thoughts on multi-tenancy versus multi-cluster, in a panel format.
- 4 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
NATS v2.2: The JetStream Release - Waldemar Quevedo Salinas, Synadia Communications, Inc
NATS v2.2 is the largest feature release since version v2.0. The NATS v2.2 release provides highly scalable, highly performant, secure and easy-to-use next generation streaming in the form of JetStream. It allows remote access via websockets, has simplified NATS account management with an embedded account server, extended monitoring metrics, subject mapping & traffic shaping, built-in headers, which together further enables NATS toward our goal of securely democratizing streams and services for the hyperconnected world we live in.
NATS v2.2: The JetStream Release - Waldemar Quevedo Salinas, Synadia Communications, Inc
NATS v2.2 is the largest feature release since version v2.0. The NATS v2.2 release provides highly scalable, highly performant, secure and easy-to-use next generation streaming in the form of JetStream. It allows remote access via websockets, has simplified NATS account management with an embedded account server, extended monitoring metrics, subject mapping & traffic shaping, built-in headers, which together further enables NATS toward our goal of securely democratizing streams and services for the hyperconnected world we live in.
- 1 participant
- 21 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Notary v2: Supply Chain Security for Containers - Justin Cormack, Docker & Steve Lasker, Microsoft
Notary v2 is a community project to solve the issues that the existing Notary project has that have hindered widespread adoption. The project is a community initiative with the main registry operators, including Docker, Microsoft and Amazon, as well as a broad community of other interested parties and end users. We will provide an overview of the state of the Notary v2 project to build registry native supply chain security for containers, and will show how it fits in with other supply chain initiatives that are being worked on. We will outline the road to production for Notary v2, and remaining work to do.
Notary v2: Supply Chain Security for Containers - Justin Cormack, Docker & Steve Lasker, Microsoft
Notary v2 is a community project to solve the issues that the existing Notary project has that have hindered widespread adoption. The project is a community initiative with the main registry operators, including Docker, Microsoft and Amazon, as well as a broad community of other interested parties and end users. We will provide an overview of the state of the Notary v2 project to build registry native supply chain security for containers, and will show how it fits in with other supply chain initiatives that are being worked on. We will outline the road to production for Notary v2, and remaining work to do.
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
OLM: A Declarative Way to Install, Manage, and Upgrade Operators - Dan Sover & Alex Greene, Red Hat
This presentation will cover the Operator Lifecycle Manager (OLM) — a suite of production-ready operators and tools that help manage the complexity of installing and upgrading operators on a Kubernetes cluster. OLM provides the following features out of the box: ▪ Over-the-Air Operator Updates and Catalogs ▪ A Rich Dependency Model ▪ Operator Discoverability ▪ Cluster Stability This talk will focus on the following topics: ▪ Introduction to OLM and its APIs ▪ Discovering and installing an operator via OLM ▪ Features that OLM provides on-cluster ▪ The operator bundle format ▪ The future direction of the OLM project Interested in joining the OLM community? We have weekly meetings every Thursday — check out https://github.com/operator-framework/community/blob/master/wg-olm/README.md to get started!
OLM: A Declarative Way to Install, Manage, and Upgrade Operators - Dan Sover & Alex Greene, Red Hat
This presentation will cover the Operator Lifecycle Manager (OLM) — a suite of production-ready operators and tools that help manage the complexity of installing and upgrading operators on a Kubernetes cluster. OLM provides the following features out of the box: ▪ Over-the-Air Operator Updates and Catalogs ▪ A Rich Dependency Model ▪ Operator Discoverability ▪ Cluster Stability This talk will focus on the following topics: ▪ Introduction to OLM and its APIs ▪ Discovering and installing an operator via OLM ▪ Features that OLM provides on-cluster ▪ The operator bundle format ▪ The future direction of the OLM project Interested in joining the OLM community? We have weekly meetings every Thursday — check out https://github.com/operator-framework/community/blob/master/wg-olm/README.md to get started!
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Open Policy Agent Intro - Ash Narkar, Styra & Oren Shomron, VMware
Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases for Kubernetes, microservices, CI/CD, cloud, and more. During this session the OPA maintainers will introduce the project for newcomers and then provide updates on the latest and greatest features landing in OPA and OPA Gatekeeper. If you are interested in policy and security as it relates to cloud native technology, this session is for you.
Open Policy Agent Intro - Ash Narkar, Styra & Oren Shomron, VMware
Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases for Kubernetes, microservices, CI/CD, cloud, and more. During this session the OPA maintainers will introduce the project for newcomers and then provide updates on the latest and greatest features landing in OPA and OPA Gatekeeper. If you are interested in policy and security as it relates to cloud native technology, this session is for you.
- 2 participants
- 17 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Open Standards: Anchoring Extensibility for Cloud-Native Tooling - Katie Gamanji, CNCF
Within its 7 years of existence, Kubernetes has been the centerpiece of the Cloud Native landscape, elevating a pluggable system that contributed to the diversification of the entire ecosystem. As a result, multiple areas have developed in the industry, galvanizing solutions for components such as runtime, tracing, metrics, service mesh, and many more. However, to accommodate the expanding space of cloud-native tooling, it was necessary to introduce standardization and guidelines to simplify the interoperability and consumption of these tools. This talk will focus on the evolution of open standards and manifestos within the cloud-native landscape, including OCI, OpenTelemetry, Open Service Mesh, Open Application Model, and many more. Attendees will acquire an understanding of why open standards are pivotal in the path towards the extensibility of cloud-native tooling.
Open Standards: Anchoring Extensibility for Cloud-Native Tooling - Katie Gamanji, CNCF
Within its 7 years of existence, Kubernetes has been the centerpiece of the Cloud Native landscape, elevating a pluggable system that contributed to the diversification of the entire ecosystem. As a result, multiple areas have developed in the industry, galvanizing solutions for components such as runtime, tracing, metrics, service mesh, and many more. However, to accommodate the expanding space of cloud-native tooling, it was necessary to introduce standardization and guidelines to simplify the interoperability and consumption of these tools. This talk will focus on the evolution of open standards and manifestos within the cloud-native landscape, including OCI, OpenTelemetry, Open Service Mesh, Open Application Model, and many more. Attendees will acquire an understanding of why open standards are pivotal in the path towards the extensibility of cloud-native tooling.
- 1 participant
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Optimizing Knowledge Distillation Training With Volcano - Ti Zhou, Baidu & William Wang, Huawei
Knowledge distillation is a classic model compression technology, which is a way of migrating knowledge from a complex model (Teacher) to another lightweight model (Student) to achieve model compression. EDL use Volcano as scheduler to deploy the Teacher model to an online Kubernetes GPU inference card cluster, and use the resources of the online inference GPU card to increase the throughput of the teacher model in knowledge distillation. At the same time, because the Teacher model can be flexibly scheduled by Volcano, there is no need to worry about task failures caused by preemption of online instances during peak hours. You can also deploy the Teacher model to cluster fragmented resources, or low-usage resources such as k40, to make full use of the cluster's idle and fragmented resources. In this lecture, we will explain in detail how to use Volcano to optimize elastic distillation training and give the corresponding benchmark data.
Optimizing Knowledge Distillation Training With Volcano - Ti Zhou, Baidu & William Wang, Huawei
Knowledge distillation is a classic model compression technology, which is a way of migrating knowledge from a complex model (Teacher) to another lightweight model (Student) to achieve model compression. EDL use Volcano as scheduler to deploy the Teacher model to an online Kubernetes GPU inference card cluster, and use the resources of the online inference GPU card to increase the throughput of the teacher model in knowledge distillation. At the same time, because the Teacher model can be flexibly scheduled by Volcano, there is no need to worry about task failures caused by preemption of online instances during peak hours. You can also deploy the Teacher model to cluster fragmented resources, or low-usage resources such as k40, to make full use of the cluster's idle and fragmented resources. In this lecture, we will explain in detail how to use Volcano to optimize elastic distillation training and give the corresponding benchmark data.
- 2 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Overview and State of Linkerd - William Morgan & Matei David, Buoyant, Inc.
In this talk, maintainers from the Linkerd project will present an overview of the project and an update on upcoming releases. They'll cover what Linkerd is and how it compares to other service meshes; what the latest features and functionality are; what to expect in upcoming releases; and how you can get involved in one of the CNCF's most talked-about projects. This talk will cover Linkerd's modular control plane (2.10) and upcoming policy (2.11) features, as well as the latest on Linkerd's Rust micro-proxy, Linkerd2-proxy.
Overview and State of Linkerd - William Morgan & Matei David, Buoyant, Inc.
In this talk, maintainers from the Linkerd project will present an overview of the project and an update on upcoming releases. They'll cover what Linkerd is and how it compares to other service meshes; what the latest features and functionality are; what to expect in upcoming releases; and how you can get involved in one of the CNCF's most talked-about projects. This talk will cover Linkerd's modular control plane (2.10) and upcoming policy (2.11) features, as well as the latest on Linkerd's Rust micro-proxy, Linkerd2-proxy.
- 2 participants
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Panel Discussion: Cloud Native Networking State of the Union - Raghavan Srinivas, InfoQ; Lin Sun & Christian Posta, Solo.io; Alyssa Wilk & Tim Hockin, Google
Note: LIVE panel. The Cloud Native networking landscape is particularly frightening. With the advent of service mesh and containers being deployed in the tens of thousands, L4/L7 load balancing, plus networking implementations for each public cloud being different, it's important for application developers and devops audiences to understand the nuances of Cloud Native networking.
The panelists, all cloud native networking experts including the Kubernetes Networking SIG chair, etc. will go into some of the fundamental design challenges and address some advanced scalability issues. We will include select questions from the audience as well.
This panel, intended for application developers and devops audience will look at the Cloud Native networking ecosystem, past present and future. Attendees will walk away with a better understanding of the challenges of some of the tools for the trade and how to best implement Cloud Native networking best practices.
Panel Discussion: Cloud Native Networking State of the Union - Raghavan Srinivas, InfoQ; Lin Sun & Christian Posta, Solo.io; Alyssa Wilk & Tim Hockin, Google
Note: LIVE panel. The Cloud Native networking landscape is particularly frightening. With the advent of service mesh and containers being deployed in the tens of thousands, L4/L7 load balancing, plus networking implementations for each public cloud being different, it's important for application developers and devops audiences to understand the nuances of Cloud Native networking.
The panelists, all cloud native networking experts including the Kubernetes Networking SIG chair, etc. will go into some of the fundamental design challenges and address some advanced scalability issues. We will include select questions from the audience as well.
This panel, intended for application developers and devops audience will look at the Cloud Native networking ecosystem, past present and future. Attendees will walk away with a better understanding of the challenges of some of the tools for the trade and how to best implement Cloud Native networking best practices.
- 5 participants
- 37 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Panel: Your Path To Non-code Contribution In The Kubernetes Community - Kaslin Fields, Google; Kat Cosgrove, JFrog; Matt Broberg, Red Hat; Kohei Ota, HPE
Your first look at the Kubernetes community can be intimidating. This talk is here to reassure you: whatever skills you have, Kubernetes needs them. Our panel of contributors, new and old, will talk through their unique experiences and how you can get involved. We will talk through the specific ways non-code contribution helps Kubernetes be a fun, inclusive, and expanding community and how you can be part of it. We will highlight how SIG Contribution Experience is the "front door" to your experience and provide examples of the remarkable ways people show up for others in our community. Examples include spinning up a baking show, administrating communication tools, writing blog posts, and much more. If you have an hour a week or 8 hours a day, we'll help you spend your time wisely and see how valuable you are as a contributor.
Panel: Your Path To Non-code Contribution In The Kubernetes Community - Kaslin Fields, Google; Kat Cosgrove, JFrog; Matt Broberg, Red Hat; Kohei Ota, HPE
Your first look at the Kubernetes community can be intimidating. This talk is here to reassure you: whatever skills you have, Kubernetes needs them. Our panel of contributors, new and old, will talk through their unique experiences and how you can get involved. We will talk through the specific ways non-code contribution helps Kubernetes be a fun, inclusive, and expanding community and how you can be part of it. We will highlight how SIG Contribution Experience is the "front door" to your experience and provide examples of the remarkable ways people show up for others in our community. Examples include spinning up a baking show, administrating communication tools, writing blog posts, and much more. If you have an hour a week or 8 hours a day, we'll help you spend your time wisely and see how valuable you are as a contributor.
- 4 participants
- 38 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Petabyte Scale Logging with Fluentd and Fluent Bit: A Use Case From Intuit - Hanzel Jesheen, Intuit & Anurag Gupta, Calyptia
In financial and software companies like Intuit, it’s mandatory to provide a reliable observability layer so internal end-users like developers from different line-of-businesses can access their application data. In the last few years, we faced several problems when scaling up logging. For all the new applications we deployed in our Kubernetes clusters, the data rate increased, creating decreased throughput, higher resource consumption, and unexpected backpressure. In this session, you will learn how we leveraged CNCF projects, Fluentd and Fluent Bit, to configure reliable buffering for network outages, flexible configurations for backpressure management, and tips to avoid common mistakes that will save you hours of troubleshooting. A secondary title for this talk would be: “How we achieved Petabyte scale logging with Fluentd and Fluent Bit”.
Petabyte Scale Logging with Fluentd and Fluent Bit: A Use Case From Intuit - Hanzel Jesheen, Intuit & Anurag Gupta, Calyptia
In financial and software companies like Intuit, it’s mandatory to provide a reliable observability layer so internal end-users like developers from different line-of-businesses can access their application data. In the last few years, we faced several problems when scaling up logging. For all the new applications we deployed in our Kubernetes clusters, the data rate increased, creating decreased throughput, higher resource consumption, and unexpected backpressure. In this session, you will learn how we leveraged CNCF projects, Fluentd and Fluent Bit, to configure reliable buffering for network outages, flexible configurations for backpressure management, and tips to avoid common mistakes that will save you hours of troubleshooting. A secondary title for this talk would be: “How we achieved Petabyte scale logging with Fluentd and Fluent Bit”.
- 2 participants
- 22 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Power Level 9000! Improving Application Performance with Chaos Engineering - Saiyam Pathak, Civo & Karthik Gaekwad, Verica
Chaos engineering is becoming a standard to test the resiliency and performance of cloud native applications. It allows you to validate assumptions, catch loopholes, and generally improve resiliency in your cluster. This talk will focus on the specific experiments that will improve cluster and application performance and cover tools in the ecosystem, including Litmuschaos, Kraken, and Chaos Mesh. At the end of the talk, the audience will understand the basics of experiments, apply them in their orgs, and code to run in their infrastructures. Breakdown: The idea of an experiment Application Performance Ideas Identifying Cluster Latency Issues (k8s, k3s) Improving App SLO Fixing issues with app latency Detecting latency in Service Meshes Rightsizing cluster auto-scaling issues Ways we use Chaos Experiments in our companies Demo: Running a latency Chaos Experiment continuously in a CI pipeline on k3s Chaos Tooling review FAQs about Chaos Engineering Conclusions
Power Level 9000! Improving Application Performance with Chaos Engineering - Saiyam Pathak, Civo & Karthik Gaekwad, Verica
Chaos engineering is becoming a standard to test the resiliency and performance of cloud native applications. It allows you to validate assumptions, catch loopholes, and generally improve resiliency in your cluster. This talk will focus on the specific experiments that will improve cluster and application performance and cover tools in the ecosystem, including Litmuschaos, Kraken, and Chaos Mesh. At the end of the talk, the audience will understand the basics of experiments, apply them in their orgs, and code to run in their infrastructures. Breakdown: The idea of an experiment Application Performance Ideas Identifying Cluster Latency Issues (k8s, k3s) Improving App SLO Fixing issues with app latency Detecting latency in Service Meshes Rightsizing cluster auto-scaling issues Ways we use Chaos Experiments in our companies Demo: Running a latency Chaos Experiment continuously in a CI pipeline on k3s Chaos Tooling review FAQs about Chaos Engineering Conclusions
- 2 participants
- 32 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Predictions from the Technical Oversight Committee (TOC) - Liz Rice, Chief Open Source Officer, Isovalent & Chair, Technical Oversight Committee & Lei Zhang, Staff Engineer, Alibaba Cloud & Member, Technical Oversight Committee
Predictions from the Technical Oversight Committee (TOC) - Liz Rice, Chief Open Source Officer, Isovalent & Chair, Technical Oversight Committee & Lei Zhang, Staff Engineer, Alibaba Cloud & Member, Technical Oversight Committee
- 2 participants
- 18 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Prometheus – What it is, What is New, and What is Coming - Richard Hartmann, Grafana Labs & Julien Pivotto, Inuits
Prometheus is a metrics-based monitoring and alerting system and also the project with the second longest tenure within the CNCF. As such you have probably heard about it by now. We will give you a short introduction to Prometheus, what it is and why it was such a big deal when it was initially released. In all those years since then, the project has only gained speed, which provides us with the opportunity to tell you about all the exciting new features that have just been released or are in the pipeline, including opportunities to contribute to the project and its wider ecosystem.
Prometheus – What it is, What is New, and What is Coming - Richard Hartmann, Grafana Labs & Julien Pivotto, Inuits
Prometheus is a metrics-based monitoring and alerting system and also the project with the second longest tenure within the CNCF. As such you have probably heard about it by now. We will give you a short introduction to Prometheus, what it is and why it was such a big deal when it was initially released. In all those years since then, the project has only gained speed, which provides us with the opportunity to tell you about all the exciting new features that have just been released or are in the pipeline, including opportunities to contribute to the project and its wider ecosystem.
- 2 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Protecting Ourselves from CNCFgate. Software Supply Chain Security at CNCF - Practices, and Tools - Andres Vega & Emily Fox, CNCF SIG-Security & Jonathan Meadows, Cyber Security at Citi
As the complexity of our software systems grows – and they ingest more and more dependencies to deliver their functionality – the supply chain becomes more complex, and thus more difficult to secure. The industry is forming a consensus around a baseline set of properties for a secure software supply chain, yet these are not enough to protect against some of the high-profile attacks we have seen in recent years. In some cases they may not even have made detection easier. The industry needs to do better, we need to do better. An attacker who compromises a software supply chain can greatly increase the blast radius of their attack to all eventual users of the system. In some cases the exploits are overlooked or unintended bugs; some others have been known to be more deliberate and insidious (most recently, SunBurst/Solarigate).
This presentation shares the experience of the CNCF SIG-Security Supply Chain Working Group with particular attention to intricacies and sharp edges of the practice of creating and maintaining a tightly-secured software supply chain.
Protecting Ourselves from CNCFgate. Software Supply Chain Security at CNCF - Practices, and Tools - Andres Vega & Emily Fox, CNCF SIG-Security & Jonathan Meadows, Cyber Security at Citi
As the complexity of our software systems grows – and they ingest more and more dependencies to deliver their functionality – the supply chain becomes more complex, and thus more difficult to secure. The industry is forming a consensus around a baseline set of properties for a secure software supply chain, yet these are not enough to protect against some of the high-profile attacks we have seen in recent years. In some cases they may not even have made detection easier. The industry needs to do better, we need to do better. An attacker who compromises a software supply chain can greatly increase the blast radius of their attack to all eventual users of the system. In some cases the exploits are overlooked or unintended bugs; some others have been known to be more deliberate and insidious (most recently, SunBurst/Solarigate).
This presentation shares the experience of the CNCF SIG-Security Supply Chain Working Group with particular attention to intricacies and sharp edges of the practice of creating and maintaining a tightly-secured software supply chain.
- 3 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Putting Chaos Into Continuous Delivery to Increase Application Resiliency - Juergen Etzlstorfer, Dynatrace & Karthik Satchitanand, Mayadata
Continuous Delivery practices have evolved significantly with the cloud-native paradigm. GitOps & Chaos Engineering are at the forefront of this new CD approach, with an ever-increasing pattern involving Git-backed pipeline definitions that implement “chaos stages” in pre-prod environments to gauge SLO compliance. In this talk, maintainers of the Keptn (Juergen) & LitmusChaos (Karthik) CNCF sandbox projects will discuss how you can construct pipelines that include chaos experimentation (mapped to declarative hypothesis around application steady-state) while simulating real-world load, and implement quality gates to ensure resilient applications are deployed into production. All this - in a GitOps native manner. They will also demonstrate how you can include chaos tests to your existing CD pipelines without the need of rewriting them.
Putting Chaos Into Continuous Delivery to Increase Application Resiliency - Juergen Etzlstorfer, Dynatrace & Karthik Satchitanand, Mayadata
Continuous Delivery practices have evolved significantly with the cloud-native paradigm. GitOps & Chaos Engineering are at the forefront of this new CD approach, with an ever-increasing pattern involving Git-backed pipeline definitions that implement “chaos stages” in pre-prod environments to gauge SLO compliance. In this talk, maintainers of the Keptn (Juergen) & LitmusChaos (Karthik) CNCF sandbox projects will discuss how you can construct pipelines that include chaos experimentation (mapped to declarative hypothesis around application steady-state) while simulating real-world load, and implement quality gates to ensure resilient applications are deployed into production. All this - in a GitOps native manner. They will also demonstrate how you can include chaos tests to your existing CD pipelines without the need of rewriting them.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
RISC-V: The Lowest Layer of the Cloud-Native Landscape - Daniel Mangum, Senior Software Engineer, Upbound & Carlos Eduardo de Paula, Cloud Architect, Red Hat
RISC-V: The Lowest Layer of the Cloud-Native Landscape - Daniel Mangum, Senior Software Engineer, Upbound & Carlos Eduardo de Paula, Cloud Architect, Red Hat
- 2 participants
- 14 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Resource Requests and Limits Under the Hood: The Journey of a Pod Spec - Kohei Ota, Hewlett Packard Enterprise & Kaslin Fields, Google
Let's learn how resource requests and limits work by illustrating what is really happening inside of your cluster - literally! CNCF Ambassadors Kohei Ota and Kaslin Fields will use fun hand-drawn artwork to walk you through understanding what your cluster is really doing when you set a resource restriction in Kubernetes. Engineers and their applications are going through a transformation. From running apps on a machine or VM directly, to running it in containers, and then to container orchestration via Kubernetes. During this journey, it is easy to become disconnected from what’s really happening on the underlying infrastructure. By learning what Kubernetes is doing under the hood, you can get a deep understanding for how Kubernetes manages compute resources. This talk will cover what happens, starting from setting the restriction on a Kubernetes Pod, then how these parameters will be delivered from the Pod spec to the Linux kernel layer through kubelet and CRI/OCI runtimes.
Resource Requests and Limits Under the Hood: The Journey of a Pod Spec - Kohei Ota, Hewlett Packard Enterprise & Kaslin Fields, Google
Let's learn how resource requests and limits work by illustrating what is really happening inside of your cluster - literally! CNCF Ambassadors Kohei Ota and Kaslin Fields will use fun hand-drawn artwork to walk you through understanding what your cluster is really doing when you set a resource restriction in Kubernetes. Engineers and their applications are going through a transformation. From running apps on a machine or VM directly, to running it in containers, and then to container orchestration via Kubernetes. During this journey, it is easy to become disconnected from what’s really happening on the underlying infrastructure. By learning what Kubernetes is doing under the hood, you can get a deep understanding for how Kubernetes manages compute resources. This talk will cover what happens, starting from setting the restriction on a Kubernetes Pod, then how these parameters will be delivered from the Pod spec to the Linux kernel layer through kubelet and CRI/OCI runtimes.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Rook: Intro and Ceph Deep Dive - Blaine Gardner, Red Hat & Satoru Takeuchi, Cybozu, Inc.
The Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage operator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with Kubernetes. Rook turns storage software into self-managing and self-healing storage services. The benefits and use cases of Rook will be explored along with an overview of each of the Rook storage providers: Ceph, NFS, and Cassandra. A deep-dive will be presented for the Ceph storage provider on how Rook provides stable block, shared file system, and object storage for your production data. The recent features in the v1.6 release will be covered to further illustrate how Rook continues to be enhanced for production environments. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.
Rook: Intro and Ceph Deep Dive - Blaine Gardner, Red Hat & Satoru Takeuchi, Cybozu, Inc.
The Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage operator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with Kubernetes. Rook turns storage software into self-managing and self-healing storage services. The benefits and use cases of Rook will be explored along with an overview of each of the Rook storage providers: Ceph, NFS, and Cassandra. A deep-dive will be presented for the Ceph storage provider on how Rook provides stable block, shared file system, and object storage for your production data. The recent features in the v1.6 release will be covered to further illustrate how Rook continues to be enhanced for production environments. Rook was accepted as a graduated project by the Cloud Native Computing Foundation in October 2020.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Running Cache-Efficient Builds at Scale on Kubernetes with BuildKit - Gautier Delorme, Apple Inc.
Many organizations already deploy services to Kubernetes, but to fully transition from bare-metal to ephemeral infrastructure they need a cache-efficient way to run build systems on top of Kubernetes (e.g. to build docker images). In this talk, Gautier Delorme will demonstrate how to use rootless and daemonless BuildKit to run secure, fast and cache-efficient builds in Kubernetes. As an operator, you will learn how to leverage BuildKit caching mechanisms and Kubernetes Scheduler features to scale your build systems and make sure builds always run as fast as they should. As a developer, you will learn how to write secure and cache-efficient Dockerfile using new features (e.g. RUN --mount flag) to produce docker images or any other type of artifacts.
Running Cache-Efficient Builds at Scale on Kubernetes with BuildKit - Gautier Delorme, Apple Inc.
Many organizations already deploy services to Kubernetes, but to fully transition from bare-metal to ephemeral infrastructure they need a cache-efficient way to run build systems on top of Kubernetes (e.g. to build docker images). In this talk, Gautier Delorme will demonstrate how to use rootless and daemonless BuildKit to run secure, fast and cache-efficient builds in Kubernetes. As an operator, you will learn how to leverage BuildKit caching mechanisms and Kubernetes Scheduler features to scale your build systems and make sure builds always run as fast as they should. As a developer, you will learn how to write secure and cache-efficient Dockerfile using new features (e.g. RUN --mount flag) to produce docker images or any other type of artifacts.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
SIG CLI: Intro and Updates - Maciej Szulik, Red Hat; Katrina Verey, Apple & Jeff Regan, Google
During the introduction section of the presentation, the leadership of the SIG CLI will give an overview of the projects hosted by the SIG. The presenters will describe the current state of these projects, including such popular ones as kubectl and kustomize. The introduction will also cover the contribution process for the SIG, including specific steps on how new contributors can successfully on-board. In addition to this introduction, the leaders will provide several short educational presentations, such as a deep dive into kubectl debug. The final part of this presentation will include a live Q&A.
SIG CLI: Intro and Updates - Maciej Szulik, Red Hat; Katrina Verey, Apple & Jeff Regan, Google
During the introduction section of the presentation, the leadership of the SIG CLI will give an overview of the projects hosted by the SIG. The presenters will describe the current state of these projects, including such popular ones as kubectl and kustomize. The introduction will also cover the contribution process for the SIG, including specific steps on how new contributors can successfully on-board. In addition to this introduction, the leaders will provide several short educational presentations, such as a deep dive into kubectl debug. The final part of this presentation will include a live Q&A.
- 1 participant
- 17 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
SIG Contributor Experience Deep Dive - Bob Killen, Google; Alison Dowdney, Weaveworks; Christoph Blecker, Red Hat; Nikhita Raghunath, VMware
The Kubernetes Contributor Experience Special Interest Group (SIG) is tasked with developing and sustaining a healthy contributor community. Things like feature velocity, community scaling, mentoring, pull request latency, and more all fall within scope of the SIG. In this talk, we will provide an introduction to SIG Contributor Experience, its role within the project, and dive into the various subprojects that support its mission. Additionally, we will provide a general community update and go over how you can get involved.
SIG Contributor Experience Deep Dive - Bob Killen, Google; Alison Dowdney, Weaveworks; Christoph Blecker, Red Hat; Nikhita Raghunath, VMware
The Kubernetes Contributor Experience Special Interest Group (SIG) is tasked with developing and sustaining a healthy contributor community. Things like feature velocity, community scaling, mentoring, pull request latency, and more all fall within scope of the SIG. In this talk, we will provide an introduction to SIG Contributor Experience, its role within the project, and dive into the various subprojects that support its mission. Additionally, we will provide a general community update and go over how you can get involved.
- 4 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
SIG Multicluster Intro - Paul Morie, Red Hat & Jeremy Olmsted-Thompson, Google
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, across multiple cloud providers (so-called hybrid cloud) and applications deployed across many clusters. In the introduction, we'll give attendees an overview of the current status of the multi-cluster problem space in Kubernetes and of the SIG. We’ll discuss current thinking around best practices for multi-cluster deployments and what it means to be part of a ClusterSet. Then we’ll highlight current SIG projects, focused use cases, and ideas for what’s next. Most importantly, we’ll provide information on how you can get involved either as a contributor or as a user who wants to provide feedback about the SIG's current efforts and future direction. Bring your questions, problems, and ideas - help us expand the multi-cluster Kubernetes landscape.
SIG Multicluster Intro - Paul Morie, Red Hat & Jeremy Olmsted-Thompson, Google
SIG-Multicluster is focused on solving common challenges related to the management of many Kubernetes clusters, across multiple cloud providers (so-called hybrid cloud) and applications deployed across many clusters. In the introduction, we'll give attendees an overview of the current status of the multi-cluster problem space in Kubernetes and of the SIG. We’ll discuss current thinking around best practices for multi-cluster deployments and what it means to be part of a ClusterSet. Then we’ll highlight current SIG projects, focused use cases, and ideas for what’s next. Most importantly, we’ll provide information on how you can get involved either as a contributor or as a user who wants to provide feedback about the SIG's current efforts and future direction. Bring your questions, problems, and ideas - help us expand the multi-cluster Kubernetes landscape.
- 2 participants
- 18 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
SIG Scheduling Intro and Deep Dive - Mike Dame & Jan Chaloupka, Red Hat
SIG Scheduling is responsible for kube-scheduler and its related subprojects such as the scheduling framework and Descheduler. These projects share the common goal of enabling users and developers to ensure that pods are assigned to the appropriate nodes based on various scheduling criteria. This talk will introduce attendees to SIG-Scheduling with an overview of the current goals and ongoing work within the SIG, as well as opportunities for new contributors to get involved. About half of the time will be devoted to informal Q&A and feedback.
SIG Scheduling Intro and Deep Dive - Mike Dame & Jan Chaloupka, Red Hat
SIG Scheduling is responsible for kube-scheduler and its related subprojects such as the scheduling framework and Descheduler. These projects share the common goal of enabling users and developers to ensure that pods are assigned to the appropriate nodes based on various scheduling criteria. This talk will introduce attendees to SIG-Scheduling with an overview of the current goals and ongoing work within the SIG, as well as opportunities for new contributors to get involved. About half of the time will be devoted to informal Q&A and feedback.
- 2 participants
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
SIG-network: Updates and Future Directions - Bowei Du & Tim Hockin, Google
This session will be a deep-dive into recent changes in networking in Kubernetes. The talk will provide an overview of current and future projects, including APIs and interfaces (Service, Endpoint[Slice], DNS, Gateway, NetworkPolicy), infrastructure (kube-proxy, IPv4/6 dual-stack. Attendees to this session will come away with a good understanding of the areas covered by sig-network and what the future directions will be.
SIG-network: Updates and Future Directions - Bowei Du & Tim Hockin, Google
This session will be a deep-dive into recent changes in networking in Kubernetes. The talk will provide an overview of current and future projects, including APIs and interfaces (Service, Endpoint[Slice], DNS, Gateway, NetworkPolicy), infrastructure (kube-proxy, IPv4/6 dual-stack. Attendees to this session will come away with a good understanding of the areas covered by sig-network and what the future directions will be.
- 2 participants
- 19 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Scaling Apache Spark on Kube to Apple Scale - Amanda Moran & Holden Karau, Apple
Amanda and Holden will explore the customer workloads that easily ported to Apache Spark on Kubernetes, and which ones had more difficulty. The goal of this talk is to help the audience in their journey as either the operators of an Apache Spark-Kubernetes platform or as an end user. Considerations and best practices for end users of an Apache Spark on Kubernetes platform will be discussed. Additional advice for folks migrating from YARN with HDFS to Kubernetes will be included. This talk will include how to effectively deploy the new enhancements of Spark on Kube, like shuffle tracking and graceful decommissioning, as well as when not to use this.
Scaling Apache Spark on Kube to Apple Scale - Amanda Moran & Holden Karau, Apple
Amanda and Holden will explore the customer workloads that easily ported to Apache Spark on Kubernetes, and which ones had more difficulty. The goal of this talk is to help the audience in their journey as either the operators of an Apache Spark-Kubernetes platform or as an end user. Considerations and best practices for end users of an Apache Spark on Kubernetes platform will be discussed. Additional advice for folks migrating from YARN with HDFS to Kubernetes will be included. This talk will include how to effectively deploy the new enhancements of Spark on Kube, like shuffle tracking and graceful decommissioning, as well as when not to use this.
- 2 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Seamless multi-cluster Communication and Observability with Linkerd - Max Körbächer, Liquid Reply
Considering migrating a traditional cross-cluster app containing sensitive data to a meshed microservices-based application? In this session, Max will discuss how his team migrated an app with GDPR protected data to a Kubernetes-based architecture meshed with Linkerd for one of their telco customers. He'll share lessons learned, insights into the motivation driving this change, as well the challenges faced along the way. Technical examples and concrete solutions implemented by his team will illustrate how other teams can start tackling their multi-cluster journey.
Seamless multi-cluster Communication and Observability with Linkerd - Max Körbächer, Liquid Reply
Considering migrating a traditional cross-cluster app containing sensitive data to a meshed microservices-based application? In this session, Max will discuss how his team migrated an app with GDPR protected data to a Kubernetes-based architecture meshed with Linkerd for one of their telco customers. He'll share lessons learned, insights into the motivation driving this change, as well the challenges faced along the way. Technical examples and concrete solutions implemented by his team will illustrate how other teams can start tackling their multi-cluster journey.
- 1 participant
- 39 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Secrets Store CSI Driver: Keeping Secrets Secret - Anish Ramasekar, Microsoft & Tommy Murphy, Google
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the Secrets Store CSI Driver, a sig-auth subproject providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault. In this session, Anish and Tommy will demonstrate how to use the Secrets Store CSI Driver to mount and rotate sensitive information from external secrets stores in the Kubernetes application. They will also discuss trade-offs of the CSI driver versus other solutions to accessing external secret stores and how CRDs are used to make pod portability across Kubernetes environments possible.
Secrets Store CSI Driver: Keeping Secrets Secret - Anish Ramasekar, Microsoft & Tommy Murphy, Google
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the Secrets Store CSI Driver, a sig-auth subproject providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault. In this session, Anish and Tommy will demonstrate how to use the Secrets Store CSI Driver to mount and rotate sensitive information from external secrets stores in the Kubernetes application. They will also discuss trade-offs of the CSI driver versus other solutions to accessing external secret stores and how CRDs are used to make pod portability across Kubernetes environments possible.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Securing Content Distribution with The Update Framework (TUF) - Lukas Puehringer, NYU, Tandon School of Engineering & Joshua Lock, VMware
Time and again we see insecure content delivery systems – such as software updaters, and configuration management systems – being compromised to deliver malicious content. The Update Framework (TUF) was designed not only to prevent and detect attacks, but also with risk mitigation (reducing the damage from a successful attack) as a core principle. Being the first security-focused project to graduate in the CNCF, TUF is widely used both inside and outside of the cloud ecosystem. It is in use today in places including CNAB, AWS Labs BottleRocket OS, and Datadog. With several ongoing integrations being actively developed including the Python Package Index (PyPI), Drupal, TYPO3 and Joomla. We will introduce TUF by describing the basic architecture, including how TUF protects against a variety of real-world attacks on any content distribution infrastructure. Then we look forward to discussion with the audience as we deep dive on a current technical issue.
Securing Content Distribution with The Update Framework (TUF) - Lukas Puehringer, NYU, Tandon School of Engineering & Joshua Lock, VMware
Time and again we see insecure content delivery systems – such as software updaters, and configuration management systems – being compromised to deliver malicious content. The Update Framework (TUF) was designed not only to prevent and detect attacks, but also with risk mitigation (reducing the damage from a successful attack) as a core principle. Being the first security-focused project to graduate in the CNCF, TUF is widely used both inside and outside of the cloud ecosystem. It is in use today in places including CNAB, AWS Labs BottleRocket OS, and Datadog. With several ongoing integrations being actively developed including the Python Package Index (PyPI), Drupal, TYPO3 and Joomla. We will introduce TUF by describing the basic architecture, including how TUF protects against a variety of real-world attacks on any content distribution infrastructure. Then we look forward to discussion with the audience as we deep dive on a current technical issue.
- 2 participants
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Shaping Kubernetes Community Culture - Aeva Black, Open Source Program Manager, Microsoft & Bob Killen, Program Manager, Google
Shaping Kubernetes Community Culture - Aeva Black, Open Source Program Manager, Microsoft & Bob Killen, Program Manager, Google
- 2 participants
- 13 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sidecars at Netflix: From Basic Injection to First Class Citizens - Rodrigo Campos Catelin, Kinvolk & Manas Alekar, Netflix
The concept of sidecar containers has been around since the early days of Kubernetes. Over the years the sidecar pattern has become more common in applications, gained popularity and the uses cases are getting more diverse. The current Kubernetes primitives handled that well, but they are starting to fall short for several use cases and force weird work-arounds in the applications. During this talk we will share how Netflix is using sidecar containers on Kubernetes, from their early design of process injection into docker containers, to a cutting edge fork of k8s where sidecar containers have special status and extra features over other containers in a pod. We would like to share our experience with sidecar containers and encourage others to do the same so we all benefit and learn. We will also share our efforts (past and ongoing) in collaboration with Kinvolk to progress a KEP to make sidecars a first-class concept in Kubernetes, and the status and implications of that process.
Sidecars at Netflix: From Basic Injection to First Class Citizens - Rodrigo Campos Catelin, Kinvolk & Manas Alekar, Netflix
The concept of sidecar containers has been around since the early days of Kubernetes. Over the years the sidecar pattern has become more common in applications, gained popularity and the uses cases are getting more diverse. The current Kubernetes primitives handled that well, but they are starting to fall short for several use cases and force weird work-arounds in the applications. During this talk we will share how Netflix is using sidecar containers on Kubernetes, from their early design of process injection into docker containers, to a cutting edge fork of k8s where sidecar containers have special status and extra features over other containers in a pod. We would like to share our experience with sidecar containers and encourage others to do the same so we all benefit and learn. We will also share our efforts (past and ongoing) in collaboration with Kinvolk to progress a KEP to make sidecars a first-class concept in Kubernetes, and the status and implications of that process.
- 2 participants
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: A Mesh has Immense Psychological Value - Vijoy Pandey, Vice President, Engineering for Emerging Technologies and Incubation, Cisco
Sponsored Keynote: A Mesh has Immense Psychological Value - Vijoy Pandey, Vice President, Engineering for Emerging Technologies and Incubation, Cisco
- 1 participant
- 7 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: Commit to the Cause. Push for Change. Take on the World’s Greatest Challenges with Kubernetes - Briana Frank, Director of Product Management, IBM Cloud
Sponsored Keynote: Commit to the Cause. Push for Change. Take on the World’s Greatest Challenges with Kubernetes - Briana Frank, Director of Product Management, IBM Cloud
- 1 participant
- 6 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: Day 2 with Kubernetes - This Is Fine! - Vaibhav Kamra, Chief Technology Officer, Kasten by Veeam
Sponsored Keynote: Day 2 with Kubernetes - This Is Fine! - Vaibhav Kamra, Chief Technology Officer, Kasten by Veeam
- 1 participant
- 6 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: Kubernetes as the Control Plane for the Hybrid Cloud - Clayton Coleman, Architect for Kubernetes and OpenShift, Red Hat
Sponsored Keynote: Kubernetes as the Control Plane for the Hybrid Cloud - Clayton Coleman, Architect for Kubernetes and OpenShift, Red Hat
- 1 participant
- 6 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: Open Source Innovation – Success Through Failure - Thomas Di Giacomo, Chief Technology & Product Officer, SUSE
Sponsored Keynote: Open Source Innovation – Success Through Failure - Thomas Di Giacomo, Chief Technology & Product Officer, SUSE
- 1 participant
- 6 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Keynote: Smoothing the onramp to Kubernetes with Knative - Brenda Chan, Director of Engineering, VMware Tanzu Developer Experience, VMware
Sponsored Keynote: Smoothing the onramp to Kubernetes with Knative - Brenda Chan, Director of Engineering, VMware Tanzu Developer Experience, VMware
- 1 participant
- 5 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: An Open-source HCI Platform Built on Kubernetes - Sheng Yang, Rancher
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
In the past few years, there have been many attempts to bring VM management into container platforms. But in the end, none of these solutions have come close to the popularity of industry-standard virtualization products like vSphere and Nutanix.
We believe the reason is, despite Kubernetes becoming an industry standard, knowledge of it is not widespread among VM administrators. They are familiar with concepts like ISO images, disk volumes, NICs, and VLANS – not concepts like pods and PVCs.
Project Harvester is an open-source alternative to traditional proprietary hyperconverged (HCI) infrastructure software, built on top of Kubernetes. Harvester is designed to be easy to understand, install and operate, even without the knowledge of Kubernetes.
In this session, Sheng will talk about the motivation of building Harvester, explain the architecture, and show a demo of the latest release.
Sponsored Session: An Open-source HCI Platform Built on Kubernetes - Sheng Yang, Rancher
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
In the past few years, there have been many attempts to bring VM management into container platforms. But in the end, none of these solutions have come close to the popularity of industry-standard virtualization products like vSphere and Nutanix.
We believe the reason is, despite Kubernetes becoming an industry standard, knowledge of it is not widespread among VM administrators. They are familiar with concepts like ISO images, disk volumes, NICs, and VLANS – not concepts like pods and PVCs.
Project Harvester is an open-source alternative to traditional proprietary hyperconverged (HCI) infrastructure software, built on top of Kubernetes. Harvester is designed to be easy to understand, install and operate, even without the knowledge of Kubernetes.
In this session, Sheng will talk about the motivation of building Harvester, explain the architecture, and show a demo of the latest release.
- 1 participant
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Kubernetes Package Management Using Unix Philosophy with Carvel - Helen George & João Pereira, VMware
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Managing hundreds or thousands of workloads on a Kubernetes cluster is not an easy task. On top of that, dealing with various workflows to customize and deploy applications can pose even more of a challenge. No single Kubernetes tool is going to solve everyone’s problem, and as an operator you might be forced to use multiple kubernetes tools to manage a single Kubernetes cluster. But then there’s no guarantee that these tools are going to work well together seamlessly.
Carvel is a suite of open-source projects that aims to solve these problems. It provides a set of reliable, single-purpose, composable tools that aid in your application building, packaging, configuration, and deployment to Kubernetes. Carvel enables users to get software installed and keep it updated on a Kubernetes cluster in a secure, scalable, and automated way.
In this session, João Pereira and Helen George will explore how the whole suite of Carvel tools (ytt, kbld, kapp, imgpkg, kapp-controller) work and show how you can integrate them for managing packages on Kubernetes. We’ll look at a few concrete examples where Carvel can be used as a part of your toolchain together with Helm Charts, kustomize and http library.
Sponsored Session: Kubernetes Package Management Using Unix Philosophy with Carvel - Helen George & João Pereira, VMware
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Managing hundreds or thousands of workloads on a Kubernetes cluster is not an easy task. On top of that, dealing with various workflows to customize and deploy applications can pose even more of a challenge. No single Kubernetes tool is going to solve everyone’s problem, and as an operator you might be forced to use multiple kubernetes tools to manage a single Kubernetes cluster. But then there’s no guarantee that these tools are going to work well together seamlessly.
Carvel is a suite of open-source projects that aims to solve these problems. It provides a set of reliable, single-purpose, composable tools that aid in your application building, packaging, configuration, and deployment to Kubernetes. Carvel enables users to get software installed and keep it updated on a Kubernetes cluster in a secure, scalable, and automated way.
In this session, João Pereira and Helen George will explore how the whole suite of Carvel tools (ytt, kbld, kapp, imgpkg, kapp-controller) work and show how you can integrate them for managing packages on Kubernetes. We’ll look at a few concrete examples where Carvel can be used as a part of your toolchain together with Helm Charts, kustomize and http library.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Mining Large Data Sets of Biomedical Omics Data Made Easy with Managed Kubernetes! Doug Davis, IBM & Theodore Alexandrov, EMBL
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Wouldn’t it be nice to accelerate your delivery cycle by not focusing on Kubernetes? That’s exactly what developers from the European Molecular Biology Laboratory (EMBL) did. Their mission: reveal the role that metabolites play in biology and medicine by finding the molecules hidden in big spatial metabolomics data. Their challenge: the amount of data they needed to analyze (sometimes larger than 1TB) required significant resources and compute power working at scale to produce timely results with a development team that were not K8s experts.
In this session, you'll learn how EMBL researchers used IBM Cloud Code Engine to speed-up their delivery cycle by allowing them to focus on their research and analytic engine development rather than worrying about the management and technical details of the compute resources needed to perform their data analysis.
Sponsored Session: Mining Large Data Sets of Biomedical Omics Data Made Easy with Managed Kubernetes! Doug Davis, IBM & Theodore Alexandrov, EMBL
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
Wouldn’t it be nice to accelerate your delivery cycle by not focusing on Kubernetes? That’s exactly what developers from the European Molecular Biology Laboratory (EMBL) did. Their mission: reveal the role that metabolites play in biology and medicine by finding the molecules hidden in big spatial metabolomics data. Their challenge: the amount of data they needed to analyze (sometimes larger than 1TB) required significant resources and compute power working at scale to produce timely results with a development team that were not K8s experts.
In this session, you'll learn how EMBL researchers used IBM Cloud Code Engine to speed-up their delivery cycle by allowing them to focus on their research and analytic engine development rather than worrying about the management and technical details of the compute resources needed to perform their data analysis.
- 2 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Palo Alto Networks - Reimagining the MITRE ATT&CK Framework for Cloud Native Applications - Keith Mokris & Ashley Ward
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
This is an on-demand session and will be available for the duration of the event.
Today, enterprises use a combination of virtual machines, containers and Kubernetes, and platform as a service (PaaS) offerings to power their cloud native applications. While customers love and trust MITRE ATT&CK® to measure the effectiveness of their security operations and identify areas of improvements, they are now looking to extend this framework to their portfolio of cloud native applications. In this 15-minute demo session, Prisma Cloud will unveil industry's first comprehensive cloud native threat matrix. Watch a Prisma® Cloud expert walk you through the new interactive dashboard that references the ATT&CK Framework™ to 12 distinct categories for audits and events.
Sponsored Session: Palo Alto Networks - Reimagining the MITRE ATT&CK Framework for Cloud Native Applications - Keith Mokris & Ashley Ward
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
This is an on-demand session and will be available for the duration of the event.
Today, enterprises use a combination of virtual machines, containers and Kubernetes, and platform as a service (PaaS) offerings to power their cloud native applications. While customers love and trust MITRE ATT&CK® to measure the effectiveness of their security operations and identify areas of improvements, they are now looking to extend this framework to their portfolio of cloud native applications. In this 15-minute demo session, Prisma Cloud will unveil industry's first comprehensive cloud native threat matrix. Watch a Prisma® Cloud expert walk you through the new interactive dashboard that references the ATT&CK Framework™ to 12 distinct categories for audits and events.
- 2 participants
- 10 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Securing S3 Backups Against Ransomware - Tom Manville & Michael Cade, Kasten by Veeam
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
When backing up cloud-native data, there is no better place than object storage. From databases to data protection applications, the cloud-native landscape is littered with projects that backup data to object storage. With all this mission-critical data being stored in object storage it’s no wonder that it’s become a high-value target for cyber criminals. This, in combination with the rising popularity of cryptocurrency, means that ransomware protection is now a requirement for IT departments of any size.
The S3 protocol has become the de-facto standard API for interacting with Object Storage. It is implemented by nearly all object storage providers and consumed by modern cloud native applications. Thankfully it provides all the primitives needed to develop a robust strategy to protect against ransomware attacks.
In this session, we’ll walk through how backups saved in an S3-compatible can be made ransomware resistant. We’ll show which APIs are used and how to configure the buckets. If you’re considering backing up data in object storage and your data is too valuable to lose, then this talk is for you!
Sponsored Session: Securing S3 Backups Against Ransomware - Tom Manville & Michael Cade, Kasten by Veeam
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
When backing up cloud-native data, there is no better place than object storage. From databases to data protection applications, the cloud-native landscape is littered with projects that backup data to object storage. With all this mission-critical data being stored in object storage it’s no wonder that it’s become a high-value target for cyber criminals. This, in combination with the rising popularity of cryptocurrency, means that ransomware protection is now a requirement for IT departments of any size.
The S3 protocol has become the de-facto standard API for interacting with Object Storage. It is implemented by nearly all object storage providers and consumed by modern cloud native applications. Thankfully it provides all the primitives needed to develop a robust strategy to protect against ransomware attacks.
In this session, we’ll walk through how backups saved in an S3-compatible can be made ransomware resistant. We’ll show which APIs are used and how to configure the buckets. If you’re considering backing up data in object storage and your data is too valuable to lose, then this talk is for you!
- 2 participants
- 18 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Studying Kubernetes' Users with SIG Usability - Gaby Moreno Cesar, IBM; Josie Pynadath & Tasha Drew, VMware; Carl J Pearson, UserZoom
Part of our charter is to make sure that the upstream community is building for users of Kubernetes, as well as for the builders of Kubernetes. To further that goal, SIG Usability has been engaging in user research and a jobs to be done study, to better understand who is using Kubernetes, what they are trying to accomplish, and how our project is meeting their needs, and where we need to improve the project and the user experience. Join our SIG's update to learn about our latest research results, what our plans are for the upcoming year, and how to get involved in the upstream usability team as a contributor!
Studying Kubernetes' Users with SIG Usability - Gaby Moreno Cesar, IBM; Josie Pynadath & Tasha Drew, VMware; Carl J Pearson, UserZoom
Part of our charter is to make sure that the upstream community is building for users of Kubernetes, as well as for the builders of Kubernetes. To further that goal, SIG Usability has been engaging in user research and a jobs to be done study, to better understand who is using Kubernetes, what they are trying to accomplish, and how our project is meeting their needs, and where we need to improve the project and the user experience. Join our SIG's update to learn about our latest research results, what our plans are for the upcoming year, and how to get involved in the upstream usability team as a contributor!
- 4 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Tackling New Challenges in a Virtual Focused Community - Bob Killen, Google & Alison Dowdney, Weaveworks
The pandemic has had many communities scrambling to find ways to capture, grow, and continue to strengthen the bonds of their community members. Virtual events, zoom burn out, and increased familial responsibilities are things that are impacting not only contributors but software communities as a whole. They do pose an opportunity - They can be made more accessible, there are less financial pressures for attendees, and they open up possibilities for others that might not be able to previously contribute to open source. In this talk, we’ll go over some of the successes and failures that we have encountered over the past year, share our experiences, and explore strategies to mitigate “virtual” fatigue. Attendees will learn the following things: - How to approach virtual events and activities, both as an organizer and an attendee - Set and manage expectations with themselves and others - Technical do’s and don’ts with virtual events
Tackling New Challenges in a Virtual Focused Community - Bob Killen, Google & Alison Dowdney, Weaveworks
The pandemic has had many communities scrambling to find ways to capture, grow, and continue to strengthen the bonds of their community members. Virtual events, zoom burn out, and increased familial responsibilities are things that are impacting not only contributors but software communities as a whole. They do pose an opportunity - They can be made more accessible, there are less financial pressures for attendees, and they open up possibilities for others that might not be able to previously contribute to open source. In this talk, we’ll go over some of the successes and failures that we have encountered over the past year, share our experiences, and explore strategies to mitigate “virtual” fatigue. Attendees will learn the following things: - How to approach virtual events and activities, both as an organizer and an attendee - Set and manage expectations with themselves and others - Technical do’s and don’ts with virtual events
- 2 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Taking Bare Metal to the Clouds with Tinkerbell - Mark Coleman, Equinix Metal
The technologies involved in provisioning bare metal machines have remained mostly unchanged since the 1990s. With the recent surge in interest in running cloud native workloads on-prem, this previously underappreciated part of the stack is experiencing a renaissance. Tinkerbell, an open source project for provisioning bare metal using the same API-centric, declarative configuration and automation approach pioneered by the Kubernetes community, helps companies bring cloud native workloads to bare metal. In this talk, Mark Coleman will discuss how the project is built with a focus on openness and transparency, demonstrate how to get from a bunch of servers to a cloud native application, and explain how attendees can get involved with the project.
Taking Bare Metal to the Clouds with Tinkerbell - Mark Coleman, Equinix Metal
The technologies involved in provisioning bare metal machines have remained mostly unchanged since the 1990s. With the recent surge in interest in running cloud native workloads on-prem, this previously underappreciated part of the stack is experiencing a renaissance. Tinkerbell, an open source project for provisioning bare metal using the same API-centric, declarative configuration and automation approach pioneered by the Kubernetes community, helps companies bring cloud native workloads to bare metal. In this talk, Mark Coleman will discuss how the project is built with a focus on openness and transparency, demonstrate how to get from a bunch of servers to a cloud native application, and explain how attendees can get involved with the project.
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Taking the Helm: Becoming a Maintainer - Bridget Kromhout & Matt Butcher, Microsoft; Karena Angell, Red Hat; Matt Farina, Rancher Labs
As a graduated CNCF project, Helm is well-known as the package manager for Kubernetes. Despite being established for years, Helm continues to require ongoing work in the realm of growing the maintainer community. Join long-time and new Helm maintainers as we discuss scaling an open source project, illustrated by specifics from Helm’s journey. We’ll talk about where new contributors can make the most impact and how to navigate when the waters get choppy. Learn about where the Helm project is headed and how you can help steer it!
Taking the Helm: Becoming a Maintainer - Bridget Kromhout & Matt Butcher, Microsoft; Karena Angell, Red Hat; Matt Farina, Rancher Labs
As a graduated CNCF project, Helm is well-known as the package manager for Kubernetes. Despite being established for years, Helm continues to require ongoing work in the realm of growing the maintainer community. Join long-time and new Helm maintainers as we discuss scaling an open source project, illustrated by specifics from Helm’s journey. We’ll talk about where new contributors can make the most impact and how to navigate when the waters get choppy. Learn about where the Helm project is headed and how you can help steer it!
- 4 participants
- 35 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
TechDocs: Unlocking the Potential of Engineers' Collective Knowledge - Emma Indal, Spotify
Emma is an engineer with a big goal: her new service should provide the best developer experience, including well-maintained, discoverable and usable documentation. So she thinks, “Which tool should I use to write my docs?” followed by “How will other engineers find it?” What if she could instead, in one click, get docs generated together with her service when it's created? Documentation that lives in her repository, together with her code. Documentation that becomes discoverable automatically, to all engineers within the organization. Documentation in one single place: Backstage. This talk will guide you through how we fulfilled Emma’s big goal by adopting the “docs like code” approach and developing TechDocs, one of the core features of Backstage. It will also walk you through why we decided to open source this successful internal product to remove the friction of writing and discovering technical documentation for all engineers.
TechDocs: Unlocking the Potential of Engineers' Collective Knowledge - Emma Indal, Spotify
Emma is an engineer with a big goal: her new service should provide the best developer experience, including well-maintained, discoverable and usable documentation. So she thinks, “Which tool should I use to write my docs?” followed by “How will other engineers find it?” What if she could instead, in one click, get docs generated together with her service when it's created? Documentation that lives in her repository, together with her code. Documentation that becomes discoverable automatically, to all engineers within the organization. Documentation in one single place: Backstage. This talk will guide you through how we fulfilled Emma’s big goal by adopting the “docs like code” approach and developing TechDocs, one of the core features of Backstage. It will also walk you through why we decided to open source this successful internal product to remove the friction of writing and discovering technical documentation for all engineers.
- 1 participant
- 21 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Thanos: Easier Than Ever to Scale Prometheus and Make It Highly Available - Giedrius Statkevičius, Vinted & Prem Saraswat; Red Hat
Prometheus is a leading CNCF Graduated project that provides a solution for all things metrics. However, it lacks scalability and high availability features. Thanos turbocharges Prometheus by adding those features while keeping storage and maintenance costs low. In the first part of the session, you will discover how to leverage Thanos in your organization just as many other companies have already done . You will learn enough to continue on your journey toward deploying Thanos in Kubernetes or any other cloud native environment. In the deep dive, you will find out what we have been working on recently to make everything even better - deleting series from blocks, caching queries with the query frontend, making the ruler scalable and stateless, optimizing the compaction of very large blocks, streamlining the receiver, and more!
Thanos: Easier Than Ever to Scale Prometheus and Make It Highly Available - Giedrius Statkevičius, Vinted & Prem Saraswat; Red Hat
Prometheus is a leading CNCF Graduated project that provides a solution for all things metrics. However, it lacks scalability and high availability features. Thanos turbocharges Prometheus by adding those features while keeping storage and maintenance costs low. In the first part of the session, you will discover how to leverage Thanos in your organization just as many other companies have already done . You will learn enough to continue on your journey toward deploying Thanos in Kubernetes or any other cloud native environment. In the deep dive, you will find out what we have been working on recently to make everything even better - deleting series from blocks, caching queries with the query frontend, making the ruler scalable and stateless, optimizing the compaction of very large blocks, streamlining the receiver, and more!
- 2 participants
- 21 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The Art of Hiding Yourself - Lorenzo Fontana, Sysdig
Kubernetes security is an ongoing effort today. In this talk we look at how a hacker would attempt to remain anonymous while compromising a Kubernetes cluster. Seconds after a node or a cluster are compromised, the bad actors start to take measures to make sure their hard work can profit for a while. What do they do? They start hiding their traces. Depending on the attack vector, they will need to hide their traces at multiple levels. They will begin by asking themselves some questions: - Are there are audit log mechanisms? - Kubernetes audit log is enabled? Can I tamper it? - There is deep packet inspection? Can I tamper it? - How to hide processes, containers, tasks to the owners? - There’s any non-conventional place where I can put files? - What about hiding my files in the kubernetes etcd? - How can I hide the network connections I make? In this talk we are going to discuss the broader picture of how the second part of an attack is handled by a bad actor.
The Art of Hiding Yourself - Lorenzo Fontana, Sysdig
Kubernetes security is an ongoing effort today. In this talk we look at how a hacker would attempt to remain anonymous while compromising a Kubernetes cluster. Seconds after a node or a cluster are compromised, the bad actors start to take measures to make sure their hard work can profit for a while. What do they do? They start hiding their traces. Depending on the attack vector, they will need to hide their traces at multiple levels. They will begin by asking themselves some questions: - Are there are audit log mechanisms? - Kubernetes audit log is enabled? Can I tamper it? - There is deep packet inspection? Can I tamper it? - How to hide processes, containers, tasks to the owners? - There’s any non-conventional place where I can put files? - What about hiding my files in the kubernetes etcd? - How can I hide the network connections I make? In this talk we are going to discuss the broader picture of how the second part of an attack is handled by a bad actor.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The CNCF Sandbox: An Exploration and Guided Tour - Justin Cormack, Chief Technology Officer, Docker
The CNCF Sandbox: An Exploration and Guided Tour - Justin Cormack, Chief Technology Officer, Docker
- 1 participant
- 15 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The Long, Winding and Bumpy Road to CronJob’s GA - Maciej Szulik, Red Hat & Alay Patel, Red Hat
The CronJob API just reached GA, and the new controller is solving all the performance and reliability problems of the past. Come join us to learn about the 6 year journey that got us here! We will talk about the people who sparked the discussions and delivered the initial implementation. We will cover all the major problems that users were faced to handle over the years. Finally, we will discuss the solutions and our gratitude to the users and developers standing behind this part of Kubernetes. Maciej (one of the co-authors of CronJob) and Alay (developer of the new controller) will try to squeeze as much as possible in 30 minutes: - From scheduled jobs, through jobs, to cron jobs - Evolution of the API - Known issues with the old controller implementation - Performance boost and improvements in the new controller - Possible future improvements
The Long, Winding and Bumpy Road to CronJob’s GA - Maciej Szulik, Red Hat & Alay Patel, Red Hat
The CronJob API just reached GA, and the new controller is solving all the performance and reliability problems of the past. Come join us to learn about the 6 year journey that got us here! We will talk about the people who sparked the discussions and delivered the initial implementation. We will cover all the major problems that users were faced to handle over the years. Finally, we will discuss the solutions and our gratitude to the users and developers standing behind this part of Kubernetes. Maciej (one of the co-authors of CronJob) and Alay (developer of the new controller) will try to squeeze as much as possible in 30 minutes: - From scheduled jobs, through jobs, to cron jobs - Evolution of the API - Known issues with the old controller implementation - Performance boost and improvements in the new controller - Possible future improvements
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The New Stack Makers Virtual Pancake Breakfast + Podcast: IT, Developer Strategies, and Open Source - Moderators: Alex Williams, Speakers: Cheryl Hung, Itzik Reich, Nivas Iyer
It’s pancake time! How do you manage your pancake stack? That’s the question. Well, it has nothing to do with modern applications but those pancakes sure taste good! So what about that app data management? The needs are outpacing the reach of today’s DevSecOps digital transformation plans. Join us for a short stack with The New Stack and the CNCF for this Pancake & Podcast discussion with sponsor Dell Technologies to talk about how DevOps, AppSec and IT teams can best use open source projects and enterprise management tools to enable developers to be free from the overhead of IT demands and keep data secure.
We’ll look at persistent data and the role developers play with IT now that Kubernetes has emerged as the orchestration engine for at-scale architectures and microservices are taking center stage. Bring your questions for a chance to win a custom TNS spatula!
The New Stack Makers Virtual Pancake Breakfast + Podcast: IT, Developer Strategies, and Open Source - Moderators: Alex Williams, Speakers: Cheryl Hung, Itzik Reich, Nivas Iyer
It’s pancake time! How do you manage your pancake stack? That’s the question. Well, it has nothing to do with modern applications but those pancakes sure taste good! So what about that app data management? The needs are outpacing the reach of today’s DevSecOps digital transformation plans. Join us for a short stack with The New Stack and the CNCF for this Pancake & Podcast discussion with sponsor Dell Technologies to talk about how DevOps, AppSec and IT teams can best use open source projects and enterprise management tools to enable developers to be free from the overhead of IT demands and keep data secure.
We’ll look at persistent data and the role developers play with IT now that Kubernetes has emerged as the orchestration engine for at-scale architectures and microservices are taking center stage. Bring your questions for a chance to win a custom TNS spatula!
- 4 participants
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The New Stack Makers Virtual Pancake Breakfast + Podcast: Securing GitOps: Self-Healing Through Open Source - Speakers: Katie Gamanji, Alex Williams, Om Moolchandani, Cindy Blake, Frank Kim, Sanjeev Sharma
GitOps is as hot as a campfire griddle! So cook up some hot cakes as we discuss GitOps and all that makes it hot, hot, hot! Join us for a short stack with The New Stack and sponsor Accurics to get all of your questions answered about GitOps — the movement that is defining how teams are achieving the world of desired state.
TNS Founder and Publisher Alex Williams will moderate an expert panel and take as many questions as we can answer from you and our worldwide virtual audience. Our panelists will offer their explanation and analysis about how pull request automation practices have emerged, why Infrastructure as Code is integral to GitOps practices, and how open source projects are emerging. Argo CD, Flux, Atlantis, Tekton, Kaniko, Skaffold and Terrascan can be used to create GitOps workflows with security and compliance baked in. Bring your questions for a chance to win a custom TNS spatula!
The New Stack Makers Virtual Pancake Breakfast + Podcast: Securing GitOps: Self-Healing Through Open Source - Speakers: Katie Gamanji, Alex Williams, Om Moolchandani, Cindy Blake, Frank Kim, Sanjeev Sharma
GitOps is as hot as a campfire griddle! So cook up some hot cakes as we discuss GitOps and all that makes it hot, hot, hot! Join us for a short stack with The New Stack and sponsor Accurics to get all of your questions answered about GitOps — the movement that is defining how teams are achieving the world of desired state.
TNS Founder and Publisher Alex Williams will moderate an expert panel and take as many questions as we can answer from you and our worldwide virtual audience. Our panelists will offer their explanation and analysis about how pull request automation practices have emerged, why Infrastructure as Code is integral to GitOps practices, and how open source projects are emerging. Argo CD, Flux, Atlantis, Tekton, Kaniko, Skaffold and Terrascan can be used to create GitOps workflows with security and compliance baked in. Bring your questions for a chance to win a custom TNS spatula!
- 6 participants
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
The Road to Interoperability in Cloud Native Continuous Delivery - Kara de la Marck, CloudBees & Fatih Degirmenci, Ericsson
The emergence of cloud native has resulted in tremendous advances in enabling organizations to develop new services and make them available to end users. In addition, new paradigms such as Continuous Delivery (CD) allow organisations to do this much faster than before, empowering them to go to market ahead of the competition. Despite its many advantages, the cloud native CD ecosystem has its challenges. This session will discuss issues arising from the lack of interoperability across proliferating cloud native CD technologies. We will look at end user case studies, including existing integration initiatives such as that between Tekton and Jenkins X. However, these initiatives are localised to the projects involved and do not address the challenges holistically. We will highlight the necessity, and greater sustainability, of a holistic approach to interoperability in the CD ecosystem and invite attendees to join community efforts.
The Road to Interoperability in Cloud Native Continuous Delivery - Kara de la Marck, CloudBees & Fatih Degirmenci, Ericsson
The emergence of cloud native has resulted in tremendous advances in enabling organizations to develop new services and make them available to end users. In addition, new paradigms such as Continuous Delivery (CD) allow organisations to do this much faster than before, empowering them to go to market ahead of the competition. Despite its many advantages, the cloud native CD ecosystem has its challenges. This session will discuss issues arising from the lack of interoperability across proliferating cloud native CD technologies. We will look at end user case studies, including existing integration initiatives such as that between Tekton and Jenkins X. However, these initiatives are localised to the projects involved and do not address the challenges holistically. We will highlight the necessity, and greater sustainability, of a holistic approach to interoperability in the CD ecosystem and invite attendees to join community efforts.
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
There is a New Spec in Town: Getting to Know the Device Information Spec - Billy McFall & Adrián Moreno, Red Hat
Cloud Native Network Functions (CNFs) will be the cornerstone of the 5G revolution. Unlike traditional workloads, CNFs require access to high speed network interfaces. Unfortunately, Kubernetes traditional networking does not fulfil this requirement out of the box. In order to close these gaps, a new specification has been developed called the Device Information Specification, which expands the existing multi-net specification developed by the Network Plumbing Working Group (NPWG). It not only enriches the information about the network interfaces, but also allows new accelerated technologies to be added and consumed by CNFs using an API-compliant library. This session will give an overview of the Device Information Specification and provide details of how it enables new network accelerating technologies to be integrated into Kubernetes through an end-to-end example.
There is a New Spec in Town: Getting to Know the Device Information Spec - Billy McFall & Adrián Moreno, Red Hat
Cloud Native Network Functions (CNFs) will be the cornerstone of the 5G revolution. Unlike traditional workloads, CNFs require access to high speed network interfaces. Unfortunately, Kubernetes traditional networking does not fulfil this requirement out of the box. In order to close these gaps, a new specification has been developed called the Device Information Specification, which expands the existing multi-net specification developed by the Network Plumbing Working Group (NPWG). It not only enriches the information about the network interfaces, but also allows new accelerated technologies to be added and consumed by CNFs using an API-compliant library. This session will give an overview of the Device Information Specification and provide details of how it enables new network accelerating technologies to be integrated into Kubernetes through an end-to-end example.
- 2 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Towards CNI v2.0 - Casey Callendrello, Red Hat
CNI v1.0 is out! In this talk, we'll discuss some directions the CNI project could take as we look to define the next generation of container networking.
We'll look at -- Where CNI is today -- What it does and doesn't do well -- How we might improve it -- How can Kubernetes better use CNI?
Towards CNI v2.0 - Casey Callendrello, Red Hat
CNI v1.0 is out! In this talk, we'll discuss some directions the CNI project could take as we look to define the next generation of container networking.
We'll look at -- Where CNI is today -- What it does and doesn't do well -- How we might improve it -- How can Kubernetes better use CNI?
- 1 participant
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Traces from Events: A New Way to Visualise Kubernetes Activities - Bryan Boreham, Weaveworks
Many people know Distributed Tracing as a powerful way to visualise such complex operations, but as yet Kubernetes is not instrumented for tracing.
In this talk, Bryan will explore how Events, which are already emitted from all parts of Kubernetes, can be turned into OpenTelemetry Traces and visualised using Jaeger.
Outline of the talk:
- What are Kubernetes Events?
- What is Distributed Tracing?
- The Event data model
- Turning Events into Spans
- Reconstructing the parent-child relationships between Spans
- Demo
Traces from Events: A New Way to Visualise Kubernetes Activities - Bryan Boreham, Weaveworks
Many people know Distributed Tracing as a powerful way to visualise such complex operations, but as yet Kubernetes is not instrumented for tracing.
In this talk, Bryan will explore how Events, which are already emitted from all parts of Kubernetes, can be turned into OpenTelemetry Traces and visualised using Jaeger.
Outline of the talk:
- What are Kubernetes Events?
- What is Distributed Tracing?
- The Event data model
- Turning Events into Spans
- Reconstructing the parent-child relationships between Spans
- Demo
- 1 participant
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Trust No One: Bringing Confidential Computing to Containers - Samuel Ortiz, Intel & Eric Ernst, Apple
Today’s containers run in wildly heterogeneous environments. When deployed on multi-tenant clouds, they can span across nodes, regions, and multiple Cloud Service Providers (CSPs) while sharing CSP-owned resources between tenants. In such hostile environments, protecting containers data and code requires full trust on the CSP stack. Confidential computing leverages emerging hardware technologies to build Trusted Execution Environments (TEE) that protect cloud code and data at rest, in transit and in use, allowing tenants to trust no one but themselves. In this presentation, we will describe cloud native gaps for supporting confidential computing through memory encryption, authenticated launch and application attestability. Attendees will learn how secure container runtimes like Kata can close those gaps and leave with a proposed software architecture to bring confidential computing to cloud native workloads.
Trust No One: Bringing Confidential Computing to Containers - Samuel Ortiz, Intel & Eric Ernst, Apple
Today’s containers run in wildly heterogeneous environments. When deployed on multi-tenant clouds, they can span across nodes, regions, and multiple Cloud Service Providers (CSPs) while sharing CSP-owned resources between tenants. In such hostile environments, protecting containers data and code requires full trust on the CSP stack. Confidential computing leverages emerging hardware technologies to build Trusted Execution Environments (TEE) that protect cloud code and data at rest, in transit and in use, allowing tenants to trust no one but themselves. In this presentation, we will describe cloud native gaps for supporting confidential computing through memory encryption, authenticated launch and application attestability. Attendees will learn how secure container runtimes like Kata can close those gaps and leave with a proposed software architecture to bring confidential computing to cloud native workloads.
- 2 participants
- 27 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Turning Your Cloud Native Apps Inside Out With a Service Mesh - Adam Zwickey & Liam White, Tetrate
Cloud native best practices have come a long way from the mid-2010’s when adopters of cloud native patterns were utilizing in-app libraries to manage concerns around load balancing, circuit breaking, service discovery, etc. Many adopters of modern cloud platforms have now realized greater agility and ease of use when those primitives are separated away from the application and managed independently in a cloud platform. This talk will review the pitfalls of those earlier application patterns with an assessment of why we've moved on and, most importantly, the benefits of now operating with an Envoy-based Service Mesh to help you manage your environment and enhance your development practices. It will also address how using a service mesh will help you migrate to this newer development style faster and safer to better enhance your organization's delivery times for updates to products and services.
Turning Your Cloud Native Apps Inside Out With a Service Mesh - Adam Zwickey & Liam White, Tetrate
Cloud native best practices have come a long way from the mid-2010’s when adopters of cloud native patterns were utilizing in-app libraries to manage concerns around load balancing, circuit breaking, service discovery, etc. Many adopters of modern cloud platforms have now realized greater agility and ease of use when those primitives are separated away from the application and managed independently in a cloud platform. This talk will review the pitfalls of those earlier application patterns with an assessment of why we've moved on and, most importantly, the benefits of now operating with an Envoy-based Service Mesh to help you manage your environment and enhance your development practices. It will also address how using a service mesh will help you migrate to this newer development style faster and safer to better enhance your organization's delivery times for updates to products and services.
- 2 participants
- 30 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Uncovering a Sophisticated Kubernetes Attack in Real-Time - Jed Salazar & Natália Réka Ivánkó, Isovalent
As Kubernetes adoption continues to explode, the threat actors working on attacks are growing in sophistication. Simple mitigations and security best practices are no longer sufficient alone to protect production workloads. While tools like vulnerability scanning, signed container images, and distroless containers help, constant monitoring must take place in a running environment to ensure it remains safe from compromise. eBPF, an emerging Linux kernel technology, provides us unique visibility directly into any Kubernetes pod. Because pods on a node share a single kernel, a single eBPF program has full visibility to the entire node’s workloads. We’ll show how using such a program gives us the network and process-level visibility to detect and a live sophisticated attack on our cluster. We’ll finish by showcasing how security teams can easily put these same tools to use to protect their critical Kubernetes environments from threats.
Uncovering a Sophisticated Kubernetes Attack in Real-Time - Jed Salazar & Natália Réka Ivánkó, Isovalent
As Kubernetes adoption continues to explode, the threat actors working on attacks are growing in sophistication. Simple mitigations and security best practices are no longer sufficient alone to protect production workloads. While tools like vulnerability scanning, signed container images, and distroless containers help, constant monitoring must take place in a running environment to ensure it remains safe from compromise. eBPF, an emerging Linux kernel technology, provides us unique visibility directly into any Kubernetes pod. Because pods on a node share a single kernel, a single eBPF program has full visibility to the entire node’s workloads. We’ll show how using such a program gives us the network and process-level visibility to detect and a live sophisticated attack on our cluster. We’ll finish by showcasing how security teams can easily put these same tools to use to protect their critical Kubernetes environments from threats.
- 2 participants
- 20 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Understanding Isolation Levels in the Kubernetes Landscape - Jiaqi Liu, University of Chicago
In building open-source software with Kubernetes, it becomes important to understand the support and limitations for isolation and security at different levels. The ecosystem can be complex and it might be challenging to verify or fully understand the guarantees for isolation at each layer - from the cluster level to the container level. More importantly, how do you know what level of isolation you need at each level? Maybe if your cluster is secure, there is less of a concern for container level isolation? This talk will go over the impact and tradeoffs for optimizing for isolation at a given layer and help you understand what can be done at the cluster level, the namespace level, the pod, the container. As an example, this talk will present the case study of running Jupyter Notebooks within Kubernetes and supporting the requirement to provide isolation between each pod in order to create separate user spaces for each notebook launched in the cluster.
Understanding Isolation Levels in the Kubernetes Landscape - Jiaqi Liu, University of Chicago
In building open-source software with Kubernetes, it becomes important to understand the support and limitations for isolation and security at different levels. The ecosystem can be complex and it might be challenging to verify or fully understand the guarantees for isolation at each layer - from the cluster level to the container level. More importantly, how do you know what level of isolation you need at each level? Maybe if your cluster is secure, there is less of a concern for container level isolation? This talk will go over the impact and tradeoffs for optimizing for isolation at a given layer and help you understand what can be done at the cluster level, the namespace level, the pod, the container. As an example, this talk will present the case study of running Jupyter Notebooks within Kubernetes and supporting the requirement to provide isolation between each pod in order to create separate user spaces for each notebook launched in the cluster.
- 1 participant
- 25 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Using a Distributed Key-Value Store - Nick Cameron & Andy Lok, PingCAP
Key-value stores are well-known and the concept is simple, but there are myriad differences in the details of different stores. How you choose and use a key-value store in your projects is dictated by these details. TiKV is a distributed and transactional key-value store, which makes it massively scalable and a great choice if you have huge volumes of data and need low-latency access with low tolerance for inconsistency. In this talk, Nick Cameron and Di’an Luo will walk through building an application around TiKV using a language-native client. They will delve into the features, architecture, and limitations of TiKV, and the design principles and APIs of the clients. The talk focuses on the practical aspects of building an application using TiKV, so that you can easily leverage this technology in your own projects. TiKV and its clients are open source and have an open and active community; TiKV is a graduated CNCF project.
Using a Distributed Key-Value Store - Nick Cameron & Andy Lok, PingCAP
Key-value stores are well-known and the concept is simple, but there are myriad differences in the details of different stores. How you choose and use a key-value store in your projects is dictated by these details. TiKV is a distributed and transactional key-value store, which makes it massively scalable and a great choice if you have huge volumes of data and need low-latency access with low tolerance for inconsistency. In this talk, Nick Cameron and Di’an Luo will walk through building an application around TiKV using a language-native client. They will delve into the features, architecture, and limitations of TiKV, and the design principles and APIs of the clients. The talk focuses on the practical aspects of building an application using TiKV, so that you can easily leverage this technology in your own projects. TiKV and its clients are open source and have an open and active community; TiKV is a graduated CNCF project.
- 2 participants
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
We Didn’t Start the Fire: Communication Breakdowns and How to Prevent Them - Ian Coldwater, Twilio & Kat Cosgrove, JFrog
When the Kubernetes project was smaller and fewer people used it, core maintainers could assume shared context, and we didn't have to think about communication as much. We've grown a lot since, but we haven't always adjusted these assumptions. We don't all know each other anymore, and can no longer rely on everyone sharing the same context or concerns. With more growth, communication becomes more critical.
Design decisions and the way we communicate about them are affected by the assumptions we make about each other. If we aren't careful, problems can arise for everyone. The Dockershim deprecation conflagration is one example of how this can go wrong, but it wasn't the first or the last communication breakdown of its kind. Let's look at this history together, learn from it, and figure out how we can prevent such breakdowns in the future.
It's on all of us to work together to address this. We can do better when we come together, communicate more, and check our assumptions. We've got this.
We Didn’t Start the Fire: Communication Breakdowns and How to Prevent Them - Ian Coldwater, Twilio & Kat Cosgrove, JFrog
When the Kubernetes project was smaller and fewer people used it, core maintainers could assume shared context, and we didn't have to think about communication as much. We've grown a lot since, but we haven't always adjusted these assumptions. We don't all know each other anymore, and can no longer rely on everyone sharing the same context or concerns. With more growth, communication becomes more critical.
Design decisions and the way we communicate about them are affected by the assumptions we make about each other. If we aren't careful, problems can arise for everyone. The Dockershim deprecation conflagration is one example of how this can go wrong, but it wasn't the first or the last communication breakdown of its kind. Let's look at this history together, learn from it, and figure out how we can prevent such breakdowns in the future.
It's on all of us to work together to address this. We can do better when we come together, communicate more, and check our assumptions. We've got this.
- 2 participants
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Closing Remarks - KubeCon + CloudNativeCon Europe 2021 Co-Chairs: Constance Caramanolis, Principal Engineer, Splunk & Stephen Augustus, Head of Open Source, Emerging Technologies & Incubation Division, Cisco
Closing Remarks - KubeCon + CloudNativeCon Europe 2021 Co-Chairs: Constance Caramanolis, Principal Engineer, Splunk & Stephen Augustus, Head of Open Source, Emerging Technologies & Incubation Division, Cisco
- 3 participants
- 8 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
What Do You Mean K8s Doesn't Have Users? How Do I Manage User Access Then? - Jussi Nummelin, Mirantis Inc.
What if I told you that once you give someone client certificate access to your Kubernetes cluster you can't take it away again? It's true. Once you create an authentication key and give it access to the cluster, there's no way to revoke it. That person has access forever. And that's just one of the weird things about Kubernetes Authentication and Authorization. In this session, you will learn about how Kubernetes handles users and permissions, and how to set up your cluster to do it more efficiently and securely. You'll learn: How access keys work How permissions work How to segment your cluster for greater security How Role-Based Access Control limits what individual users can see and do How to use OpenID Connect to get around the issue of permanent access without having to manage hundreds or thousands of individual Roles You will leave this session ready to create a more secure and convenient way to manage your cluster.
What Do You Mean K8s Doesn't Have Users? How Do I Manage User Access Then? - Jussi Nummelin, Mirantis Inc.
What if I told you that once you give someone client certificate access to your Kubernetes cluster you can't take it away again? It's true. Once you create an authentication key and give it access to the cluster, there's no way to revoke it. That person has access forever. And that's just one of the weird things about Kubernetes Authentication and Authorization. In this session, you will learn about how Kubernetes handles users and permissions, and how to set up your cluster to do it more efficiently and securely. You'll learn: How access keys work How permissions work How to segment your cluster for greater security How Role-Based Access Control limits what individual users can see and do How to use OpenID Connect to get around the issue of permanent access without having to manage hundreds or thousands of individual Roles You will leave this session ready to create a more secure and convenient way to manage your cluster.
- 1 participant
- 28 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
When Prometheus Can’t Take the Load Anymore - Liron Cohen, Riskified
Riskified started from using a pair of Prometheus servers in each of its clusters, but soon enough, Prometheus couldn’t take the load anymore. Once it happened, the SRE team started to check what is the best tool for Multi, HA, long-term Prometheus. They decided to check Thanos, Cortex, and M3. In this session, Liron will share her outtakes of the different tools - which tool can provide the best performance and High Availability, the most cost-effective, and the easiest to deploy and operate.
By the end, you’ll get a better understanding of the different tools and which one is the best solution for your use case.
When Prometheus Can’t Take the Load Anymore - Liron Cohen, Riskified
Riskified started from using a pair of Prometheus servers in each of its clusters, but soon enough, Prometheus couldn’t take the load anymore. Once it happened, the SRE team started to check what is the best tool for Multi, HA, long-term Prometheus. They decided to check Thanos, Cortex, and M3. In this session, Liron will share her outtakes of the different tools - which tool can provide the best performance and High Availability, the most cost-effective, and the easiest to deploy and operate.
By the end, you’ll get a better understanding of the different tools and which one is the best solution for your use case.
- 1 participant
- 31 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Why Use Managed Kubernetes?: It's Dangerous to Go Alone! - Seth McCombs, Workday
Seth will cover common misconceptions and dispel myths around the usage of managed Kubernetes services. Without focus on specific services in particular, more of a push towards acceptance of managed services, especially if you're an engineer or leader that is considering Kubernetes but don't know how to get started. When discussing a managed Kubernetes service, responses have range from “why?” or “managed services aren’t as powerful” or the all too common reference to "vendor lock in" - often leaving those on the receiving end with a feeling of being lesser. Viewers will walk away from this session with more acceptance of managed services, and realize that using a managed service doesn't make one a bad engineer. There are many benefits to be had adoption of Kubernetes, and it's not a contest to prove how much you can build. If you have a small team and want to use Kubernetes, then a managed service can be the first step or only step towards Kubernetes usage.
Why Use Managed Kubernetes?: It's Dangerous to Go Alone! - Seth McCombs, Workday
Seth will cover common misconceptions and dispel myths around the usage of managed Kubernetes services. Without focus on specific services in particular, more of a push towards acceptance of managed services, especially if you're an engineer or leader that is considering Kubernetes but don't know how to get started. When discussing a managed Kubernetes service, responses have range from “why?” or “managed services aren’t as powerful” or the all too common reference to "vendor lock in" - often leaving those on the receiving end with a feeling of being lesser. Viewers will walk away from this session with more acceptance of managed services, and realize that using a managed service doesn't make one a bad engineer. There are many benefits to be had adoption of Kubernetes, and it's not a contest to prove how much you can build. If you have a small team and want to use Kubernetes, then a managed service can be the first step or only step towards Kubernetes usage.
- 1 participant
- 24 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Windows Containers in Kubernetes and a Deep Dive into Windows Networking - Mark Rossetti, Kalya Subramanian & David Schott, Microsoft; Jay Vyas, VMware
Members of the SIG-Windows community will provide an update on the efforts to brining Windows workloads to Kubernetes. We'll start off by going over recent improvements. Next we'll talk about planned future improvements and demo privileged contianers for Windows. We'll then start deep diving into some networking topics like network load balancing with DSR, discussing network policy, and providing updates on the states of various CNI solutions for Windows. Lastly we'll finish up with some Questions and Answers with the speakers.
Windows Containers in Kubernetes and a Deep Dive into Windows Networking - Mark Rossetti, Kalya Subramanian & David Schott, Microsoft; Jay Vyas, VMware
Members of the SIG-Windows community will provide an update on the efforts to brining Windows workloads to Kubernetes. We'll start off by going over recent improvements. Next we'll talk about planned future improvements and demo privileged contianers for Windows. We'll then start deep diving into some networking topics like network load balancing with DSR, discussing network policy, and providing updates on the states of various CNI solutions for Windows. Lastly we'll finish up with some Questions and Answers with the speakers.
- 4 participants
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Writing for Developers: Take your Project Docs to the Next Level - Celeste Horgan, CNCF
As maintainers know, when choosing an open source project to use in production, great documentation and community support are key. Yet they often struggle with creating and maintaining documentation because of lack of time and skill. This talk, delivered by one of CNCF’s full-time technical writers, will teach you how to approach writing for developers. We’ll go over deciding what to write, thinking about documentation from a user’s perspective, and what makes great writing. We’ll walk through improving an existing page of documentation on an actual CNCF project(*), as well as how to draft new feature documentation from scratch. This talk is aimed at developers who would like to write better, and folks considering a career switch into technical writing. (*) Project TBD.
Writing for Developers: Take your Project Docs to the Next Level - Celeste Horgan, CNCF
As maintainers know, when choosing an open source project to use in production, great documentation and community support are key. Yet they often struggle with creating and maintaining documentation because of lack of time and skill. This talk, delivered by one of CNCF’s full-time technical writers, will teach you how to approach writing for developers. We’ll go over deciding what to write, thinking about documentation from a user’s perspective, and what makes great writing. We’ll walk through improving an existing page of documentation on an actual CNCF project(*), as well as how to draft new feature documentation from scratch. This talk is aimed at developers who would like to write better, and folks considering a career switch into technical writing. (*) Project TBD.
- 1 participant
- 23 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Zero Pain Microservice Development and Deployment with Dapr and KubeVela - Hongchao Deng, Alibaba Cloud
Developing and deploying microservices could be cumbersome on Kubernetes as developers need to manage deployment configurations of the services per se, MySQL, Kafka, Redis, etc. Those config files are complex and time consuming to learn and write. It becomes a huge burden to developers as they want to focus on business logic, not underlying platform details. In this talk, we will introduce how Alibaba abstracts away infrastructure details and provides consistent experience across various deployment environments by leveraging Dapr and KubeVela. In Alibaba, many developers can now focus only on app code, and the microservice components and their environments will all be setup and managed by the platform with sidecar based approach.
Zero Pain Microservice Development and Deployment with Dapr and KubeVela - Hongchao Deng, Alibaba Cloud
Developing and deploying microservices could be cumbersome on Kubernetes as developers need to manage deployment configurations of the services per se, MySQL, Kafka, Redis, etc. Those config files are complex and time consuming to learn and write. It becomes a huge burden to developers as they want to focus on business logic, not underlying platform details. In this talk, we will introduce how Alibaba abstracts away infrastructure details and provides consistent experience across various deployment environments by leveraging Dapr and KubeVela. In Alibaba, many developers can now focus only on app code, and the microservice components and their environments will all be setup and managed by the platform with sidecar based approach.
- 1 participant
- 14 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
eBPF on the Rise - Getting Started - Quentin Monnet, Isovalent
eBPF is rising as an essential component for observability and networking programmability on Linux and in containers. Due to its performance, flexibility, and scalability, Liz Rice listed it as one of the five CNCF technologies to watch for 2021! In an opportunity to fully comprehend its potential, this introduction will help you get started with eBPF. First, the core architecture. What is an eBPF program? How to attach and run it safely in the kernel, and most importantly, what for? And what are the other components of the eBPF subsystem? Come and learn the basics. Then, augment your toolbox with utilities to manipulate eBPF objects. Inspect, debug or trace with bpftool, bcc tools, bpftrace, or libbpf and its Golang equivalent. Equipped with knowledge and tools, here you come, now prepared to instrument clusters with eBPF! Before you go load-balancing traffic and chasing metrics, the last part focuses on eBPF's benefits for cloud-native environments. Ready to surf the eBPF wave?
eBPF on the Rise - Getting Started - Quentin Monnet, Isovalent
eBPF is rising as an essential component for observability and networking programmability on Linux and in containers. Due to its performance, flexibility, and scalability, Liz Rice listed it as one of the five CNCF technologies to watch for 2021! In an opportunity to fully comprehend its potential, this introduction will help you get started with eBPF. First, the core architecture. What is an eBPF program? How to attach and run it safely in the kernel, and most importantly, what for? And what are the other components of the eBPF subsystem? Come and learn the basics. Then, augment your toolbox with utilities to manipulate eBPF objects. Inspect, debug or trace with bpftool, bcc tools, bpftrace, or libbpf and its Golang equivalent. Equipped with knowledge and tools, here you come, now prepared to instrument clusters with eBPF! Before you go load-balancing traffic and chasing metrics, the last part focuses on eBPF's benefits for cloud-native environments. Ready to surf the eBPF wave?
- 1 participant
- 29 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
xDS in gRPC for Service Mesh - Megan Yahya, Google LLC
This presentation will introduce the xDS functionality in gRPC and talk about the exciting development of service mesh features in gRPC.
xDS in gRPC for Service Mesh - Megan Yahya, Google LLC
This presentation will introduce the xDS functionality in gRPC and talk about the exciting development of service mesh features in gRPC.
- 1 participant
- 16 minutes
