30 Aug 2023
Fluentd and Fluent Bit are two highly popular open source projects for data collection and log forwarding in the realm of observability. Fluentd's flexibility and scalability have led to seamless integration with diverse applications and data sources, while Fluent Bit's lightweight and efficient log forwarding have made it a preferred choice for modern observability pipelines. But Fluent Bit can process more than just logs. The recent release of Fluent Bit v2 added major new integrations with OpenTelemetry, Prometheus, WebAssembly plugins and more.
On this episode I hosted Eduardo Silva Pereira, one of Fluentd project maintainers and creator of Fluent Bit. He also is the founder of Calyptia, the Fluent company. Eduardo shared with us the latest updates of Fluentd and Fluent Bit, as well as valuable insights into the future roadmap of these projects.
You can read the recap post: https://logz.io/blog/whats-new-with-fluentd-fluentbit/?utm_source=devrel&utm_medium=devrel
Resources
=========
Fluent Bit: https://fluentbit.io/
FluentD: https://www.fluentd.org/
Prometheus supports OTLP: https://horovits.medium.com/83f85878e46a
PromCon '23: https://promcon.io/2023-berlin/
Kubernetes 1.27: Query node logs using the kubelet API: https://logz.io/blog/a-practical-guide-to-kubernetes-logging/#Kubernetes_1_27
Kelemetry project: https://www.cncf.io/blog/2023/07/27/kelemetry-global-tracing-for-kubernetes-control-plane/
Chapters
========
00:00 - episode intro
02:11 - Fluentd and Fluent Bit background
09:51 - Should I choose FluentD or Fluent Bit?
13:26 - developing an active engaged OSS community
17:18 - enterprise needs and building commercial offering with Calyptia
19:54 - Fluent Bit v2 updates
29:22 - plugins, filters and processors in Fluent Bit
38:23 - A sneak peak into the planned announcements for KubeCon Chicago
44:16 - where to follow the community and Eduardo
47:43 - Prometheus now supports OTLP
48:57 - PromCon will take place in Berlin, 28-29 Sept.
50:11 - OpenTelemetry Semantic Conventions is separated from the Specification
53:38 - New in Kubernetes 1.27: Query node logs using the kubelet API
54:43 - Kelemetry: global tracing for Kubernetes control plane
57:45 - episode outro
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Mastodon: @horovits@fosstodon.org
Eduardo Silva Pereira
==================
Twitter: https://twitter.com/edsiper
LinkedIn: https://www.linkedin.com/in/edsiper
On this episode I hosted Eduardo Silva Pereira, one of Fluentd project maintainers and creator of Fluent Bit. He also is the founder of Calyptia, the Fluent company. Eduardo shared with us the latest updates of Fluentd and Fluent Bit, as well as valuable insights into the future roadmap of these projects.
You can read the recap post: https://logz.io/blog/whats-new-with-fluentd-fluentbit/?utm_source=devrel&utm_medium=devrel
Resources
=========
Fluent Bit: https://fluentbit.io/
FluentD: https://www.fluentd.org/
Prometheus supports OTLP: https://horovits.medium.com/83f85878e46a
PromCon '23: https://promcon.io/2023-berlin/
Kubernetes 1.27: Query node logs using the kubelet API: https://logz.io/blog/a-practical-guide-to-kubernetes-logging/#Kubernetes_1_27
Kelemetry project: https://www.cncf.io/blog/2023/07/27/kelemetry-global-tracing-for-kubernetes-control-plane/
Chapters
========
00:00 - episode intro
02:11 - Fluentd and Fluent Bit background
09:51 - Should I choose FluentD or Fluent Bit?
13:26 - developing an active engaged OSS community
17:18 - enterprise needs and building commercial offering with Calyptia
19:54 - Fluent Bit v2 updates
29:22 - plugins, filters and processors in Fluent Bit
38:23 - A sneak peak into the planned announcements for KubeCon Chicago
44:16 - where to follow the community and Eduardo
47:43 - Prometheus now supports OTLP
48:57 - PromCon will take place in Berlin, 28-29 Sept.
50:11 - OpenTelemetry Semantic Conventions is separated from the Specification
53:38 - New in Kubernetes 1.27: Query node logs using the kubelet API
54:43 - Kelemetry: global tracing for Kubernetes control plane
57:45 - episode outro
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Mastodon: @horovits@fosstodon.org
Eduardo Silva Pereira
==================
Twitter: https://twitter.com/edsiper
LinkedIn: https://www.linkedin.com/in/edsiper
- 2 participants
- 59 minutes
29 Aug 2023
Chapters
0:00 Introduction
5:02 Demo time
18:30 Running locally
27:00 Cross-component typed-client
40:50 TestKit Mocked Topic
1:11:23 Kalix Container Registry
1:24:50 Final Remarks
In the dynamic realm of cloud-native application development, optimizing efficiency and productivity is of paramount importance. Developers continually seek ways to streamline processes, achieve seamless local development, and accelerate feedback cycles. In this webinar, we will delve into the recent enhancements in Kalix, showcasing its features that expedite the application building and deployment process. Join us as we demonstrate how Kalix empowers developers to transform ideas into production-ready services capable of serving thousands of requests per second.
0:00 Introduction
5:02 Demo time
18:30 Running locally
27:00 Cross-component typed-client
40:50 TestKit Mocked Topic
1:11:23 Kalix Container Registry
1:24:50 Final Remarks
In the dynamic realm of cloud-native application development, optimizing efficiency and productivity is of paramount importance. Developers continually seek ways to streamline processes, achieve seamless local development, and accelerate feedback cycles. In this webinar, we will delve into the recent enhancements in Kalix, showcasing its features that expedite the application building and deployment process. Join us as we demonstrate how Kalix empowers developers to transform ideas into production-ready services capable of serving thousands of requests per second.
- 2 participants
- 1:28 hours
22 Aug 2023
Cloud Native Live: Troubleshooting eBPF Data Plane in Kubernetes cluster for networking and security
eBPF for networking in a Kubernetes cluster brings some advantages such as performance, lower resource utilization, shorter routing path, etc. However, due to the compiler nature of an eBPF program, it is not a trivial task to troubleshoot an issue. In this session, we will discuss the open-source tools that are embedded in Project Calico that you can use to gain insight into the inner working of the kernel and associated eBPF programs for networking and security.
https://github.com/frozenprocess/Tigera-Presentations/tree/master/2023-08-21-CNCF-Troubleshooting-eBPF-data-plane-cluster-for-networking-and-security
eBPF for networking in a Kubernetes cluster brings some advantages such as performance, lower resource utilization, shorter routing path, etc. However, due to the compiler nature of an eBPF program, it is not a trivial task to troubleshoot an issue. In this session, we will discuss the open-source tools that are embedded in Project Calico that you can use to gain insight into the inner working of the kernel and associated eBPF programs for networking and security.
https://github.com/frozenprocess/Tigera-Presentations/tree/master/2023-08-21-CNCF-Troubleshooting-eBPF-data-plane-cluster-for-networking-and-security
- 2 participants
- 1:00 hours
18 Aug 2023
Arm processors are disrupting the computer industry on many fronts. First, they took the mobile industry and now they are storming PCs and data centers. With an excellent performance per watt ratio and affordable prices, they look like an excellent choice for sustainability and efficiency.
Migrating your Kubernetes clusters to Arm processors is a common way to take advantage of these benefits, but there are several considerations and obstacles that you need to be prepared to overcome:
Should you choose pure or hybrid Arm clusters with x86 clusters?
- Can Kubernetes run smoothly on Arm machines?
- Are your apps ready to run on Arm processors?
- Are your build pipelines ready to generate the multi-architecture images?
- Is your registry ready to manage several architectures for the same images?
In this talk, we help you run your workloads in a more efficient and sustainable way on the Arm architecture by using different solutions and strategies with open-source applications, such as Harbor.
You will also hear practical tips and tricks about:
- How to take advantage of the compatibility of different languages or technologies.
- How to adequately build pipelines to generate images for different architectures.
- How to properly store and use the images.
- What happens when one or more of my apps can’t run on Arm?
About the speaker
Carlos has more than 15 years of experience in IT, currently focused on the cloud native ecosystem. He tried once to explain Kubernetes to his wife and then both didn’t understand it.
Currently Technical Product Marketing Engineer at Giant Swarm. Father of three. Technology, video games, movies and music are his hobbies in his (scarce) free time.
More about multi-arch cloud: https://www.arm.com/campaigns/multi-arch-cloud-infrastructure
○○○ Further Arm Software Developer Resources ○○○
- Twitter: https://twitter.com/ArmSoftwareDev
- Reddit: https://www.reddit.com/r/ArmSoftwareDev/
- GitHub: https://github.com/arm-software
- Discord: https://discord.gg/armsoftwaredev
- Arm Developer Program: https://www.arm.com/resources/developer-program
- Arm Developer Hub: https://www.arm.com/developer-hub/servers-and-cloud-computing
Migrating your Kubernetes clusters to Arm processors is a common way to take advantage of these benefits, but there are several considerations and obstacles that you need to be prepared to overcome:
Should you choose pure or hybrid Arm clusters with x86 clusters?
- Can Kubernetes run smoothly on Arm machines?
- Are your apps ready to run on Arm processors?
- Are your build pipelines ready to generate the multi-architecture images?
- Is your registry ready to manage several architectures for the same images?
In this talk, we help you run your workloads in a more efficient and sustainable way on the Arm architecture by using different solutions and strategies with open-source applications, such as Harbor.
You will also hear practical tips and tricks about:
- How to take advantage of the compatibility of different languages or technologies.
- How to adequately build pipelines to generate images for different architectures.
- How to properly store and use the images.
- What happens when one or more of my apps can’t run on Arm?
About the speaker
Carlos has more than 15 years of experience in IT, currently focused on the cloud native ecosystem. He tried once to explain Kubernetes to his wife and then both didn’t understand it.
Currently Technical Product Marketing Engineer at Giant Swarm. Father of three. Technology, video games, movies and music are his hobbies in his (scarce) free time.
More about multi-arch cloud: https://www.arm.com/campaigns/multi-arch-cloud-infrastructure
○○○ Further Arm Software Developer Resources ○○○
- Twitter: https://twitter.com/ArmSoftwareDev
- Reddit: https://www.reddit.com/r/ArmSoftwareDev/
- GitHub: https://github.com/arm-software
- Discord: https://discord.gg/armsoftwaredev
- Arm Developer Program: https://www.arm.com/resources/developer-program
- Arm Developer Hub: https://www.arm.com/developer-hub/servers-and-cloud-computing
- 2 participants
- 33 minutes
18 Aug 2023
Multi-architecture infrastructures enable workloads to run on the best hardware for the task (Arm or x86) and optimize price/performance ratios while boosting design flexibility. However, migrating from a single- to a multi-arch framework can be tricky.
Join Cheryl Hung, Senior Ecosystem Director at Arm to learn about:
- What is multi-architecture infrastructure?
- The trend for moving cloud workloads to multi-arch
- How early adopters handled the challenges
- The growing software ecosystem of Arm
- Comparing the price-performance of common workloads on x86 vs Arm
- Resources to get you started
This talk prepares developers for the road ahead with the ability to run workloads on the best hardware without needing to be concerned with the underlying architecture.
About the speaker:
Cheryl brings engineers together to build the future of infrastructure, especially cloud native and open source. As Senior Director at Arm, Cheryl leads ecosystem strategy to drive adoption across cloud, 5G and networking. She also founded the Cloud Native London meetup and runs events for 7000 architects, SREs and DevOps engineers monthly. Previously Cheryl was VP Ecosystem at the Cloud Native Computing Foundation / Linux Foundation, bringing Spotify, Apple and Airbnb into the End User Community. She was a C++ engineer on Google Maps and and engineering manager at Apple, and holds a Masters Computer Science from the University of Cambridge.
Find more resources to plan your migration and get started:
Whitepaper: The Insider’s Guide to Building a Multi-Arch Infrastructure - https://armkeil.blob.core.windows.net/developer/Files/pdf/white-paper/arm-whitepaper-insiders-guide-to-building-a-multi-arch-infrastructure.pdf
Hands-on tutorials to create Arm-based Kubernetes clusters
More multi-arch cloud resources: https://www.arm.com/campaigns/multi-arch-cloud-infrastructure
○○○ Further Arm Software Developer Resources ○○○
– Twitter: https://twitter.com/ArmSoftwareDev
- Reddit: https://www.reddit.com/r/ArmSoftwareDev/
- GitHub: https://github.com/arm-software
- Discord: https://discord.gg/armsoftwaredev
- Arm Developer Program: https://www.arm.com/resources/developer-program
- Arm Developer Hub: https://www.arm.com/developer-hub/servers-and-cloud-computing
Join Cheryl Hung, Senior Ecosystem Director at Arm to learn about:
- What is multi-architecture infrastructure?
- The trend for moving cloud workloads to multi-arch
- How early adopters handled the challenges
- The growing software ecosystem of Arm
- Comparing the price-performance of common workloads on x86 vs Arm
- Resources to get you started
This talk prepares developers for the road ahead with the ability to run workloads on the best hardware without needing to be concerned with the underlying architecture.
About the speaker:
Cheryl brings engineers together to build the future of infrastructure, especially cloud native and open source. As Senior Director at Arm, Cheryl leads ecosystem strategy to drive adoption across cloud, 5G and networking. She also founded the Cloud Native London meetup and runs events for 7000 architects, SREs and DevOps engineers monthly. Previously Cheryl was VP Ecosystem at the Cloud Native Computing Foundation / Linux Foundation, bringing Spotify, Apple and Airbnb into the End User Community. She was a C++ engineer on Google Maps and and engineering manager at Apple, and holds a Masters Computer Science from the University of Cambridge.
Find more resources to plan your migration and get started:
Whitepaper: The Insider’s Guide to Building a Multi-Arch Infrastructure - https://armkeil.blob.core.windows.net/developer/Files/pdf/white-paper/arm-whitepaper-insiders-guide-to-building-a-multi-arch-infrastructure.pdf
Hands-on tutorials to create Arm-based Kubernetes clusters
More multi-arch cloud resources: https://www.arm.com/campaigns/multi-arch-cloud-infrastructure
○○○ Further Arm Software Developer Resources ○○○
– Twitter: https://twitter.com/ArmSoftwareDev
- Reddit: https://www.reddit.com/r/ArmSoftwareDev/
- GitHub: https://github.com/arm-software
- Discord: https://discord.gg/armsoftwaredev
- Arm Developer Program: https://www.arm.com/resources/developer-program
- Arm Developer Hub: https://www.arm.com/developer-hub/servers-and-cloud-computing
- 2 participants
- 27 minutes
8 Aug 2023
In a recent article, Lakmal Warusawithana, Senior Director for Cloud Architecture at WSO2, wrote how programmable data planes offer dynamic control for cloud native applications and how technologies like the extended Berkeley Packet Filter (#eBPF) and #kubernetes provide an abstraction to improve flexibility, scalability, and performance. In this WordsUnplugged episode, Lakmal, and Kanchana Wickremasinghe, VP and GM for Choreo at WSO2, sit down to talk about eBPF and its role in creating effective programmable data planes in Kubernetes. They also discuss benefits, challenges, best practices, as well as future trends and opportunities.
Link to Lakmal’s article: https://wso2.com/blogs/thesource/unlocking-the-power-of-programmable-data-planes-in-kubernetes-with-ebpf/
0:00 - Introduction to eBPF
2:20 - Is eBPF safe in production?
3:11 - Programmable data planes in Kubernetes
4:30 - Improving performance and scalability with eBPF
7:03 - Enhancing security with eBPF
9:03 - Impact of eBPF on observability
10:53 - Impact on cloud native architecture and Linux kernel ecosystems
12:50 - Platform vs. DIY approach
15:00 - Overcoming eBPF challenges
17:20 - Learning more about eBPF
20:00 - Conclusion
Link to Lakmal’s article: https://wso2.com/blogs/thesource/unlocking-the-power-of-programmable-data-planes-in-kubernetes-with-ebpf/
0:00 - Introduction to eBPF
2:20 - Is eBPF safe in production?
3:11 - Programmable data planes in Kubernetes
4:30 - Improving performance and scalability with eBPF
7:03 - Enhancing security with eBPF
9:03 - Impact of eBPF on observability
10:53 - Impact on cloud native architecture and Linux kernel ecosystems
12:50 - Platform vs. DIY approach
15:00 - Overcoming eBPF challenges
17:20 - Learning more about eBPF
20:00 - Conclusion
- 2 participants
- 21 minutes
5 Jul 2023
During this presentation, Mackenzie Jackson, security advocate at GitGuardian walks through the challenging problem of secrets sprawl, the unwanted distribution of credentials sprawling through source code. The presentation takes a dive into not only how to find and secrets in our infrastructure but also into the challenges organizations face when remediating this issue, particularly at scale.
- 1 participant
- 26 minutes
26 Jun 2023
Agenda
[00:00] Introductions & highlights of TiDB 7.1
[20:21] Multi-value index
[24:05] Multi-Rocks
[35:40] Resource control
[46:21] Concurrency framework
[48:59] Wrap-up
[00:00] Introductions & highlights of TiDB 7.1
[20:21] Multi-value index
[24:05] Multi-Rocks
[35:40] Resource control
[46:21] Concurrency framework
[48:59] Wrap-up
- 2 participants
- 54 minutes
14 Jun 2023
In this session, we will review the steps required to secure a Kubernetes cluster and establish network observability.
Topics that will be covered in this session:
* Understand Kubernetes Cluster Architecture
* Namespace isolation
* Role Based Access Control
* Policy design
* Networking flow logs
* Calico, fluent-bit integration
Previous sessions can be found
https://www.youtube.com/@ProjectCalico/streams
https://github.com/frozenprocess/calico_live
Like to learn more about Kubernetes?
https://github.com/frozenprocess/Tigera-Presentations
Hands-on Kubernetes workshops
https://www.tigera.io/tutorials/
#kubernetes #cncf #k8s #policy
Topics that will be covered in this session:
* Understand Kubernetes Cluster Architecture
* Namespace isolation
* Role Based Access Control
* Policy design
* Networking flow logs
* Calico, fluent-bit integration
Previous sessions can be found
https://www.youtube.com/@ProjectCalico/streams
https://github.com/frozenprocess/calico_live
Like to learn more about Kubernetes?
https://github.com/frozenprocess/Tigera-Presentations
Hands-on Kubernetes workshops
https://www.tigera.io/tutorials/
#kubernetes #cncf #k8s #policy
- 5 participants
- 1:10 hours
12 Jun 2023
What is Kubernetes cost allocation? How do you setup your Kubernetes environment to accurately trace the costs tied to the many different components involved in your Kubernetes clusters? In this video, Lukonde Mwila explains the importance of cost allocation in Kubernetes and demonstrates how you can accomplish this using Taints and Tolerations, Karpenter, KubeCost & Cost Explorer.
Activate user-defined cost allocation tags: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/activating-tags.html
00:00 - Introduction
00:05 - Why is Kubernetes cost allocation important?
02:30 - Using taints and tolerations to create dedicated nodes for workloads
03:12 - Using Karpenter to manage lifecycle of dedicated nodes for workloads
03:53 - Using Cost Explorer to see costs of dedicated nodes
04:25 - Using KubeCost for granular cost allocation breakdown for workloads
05:02 - Code walk-through and demo
#AWS #Kubernetes #EKS #karpenter #kubecost
Activate user-defined cost allocation tags: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/activating-tags.html
00:00 - Introduction
00:05 - Why is Kubernetes cost allocation important?
02:30 - Using taints and tolerations to create dedicated nodes for workloads
03:12 - Using Karpenter to manage lifecycle of dedicated nodes for workloads
03:53 - Using Cost Explorer to see costs of dedicated nodes
04:25 - Using KubeCost for granular cost allocation breakdown for workloads
05:02 - Code walk-through and demo
#AWS #Kubernetes #EKS #karpenter #kubecost
- 1 participant
- 13 minutes
8 Jun 2023
eBay is a high scale end user of open source observability. Collecting telemetry from millions of endpoints, and running thousands of queries per second, presents serious scaling challenges. eBay has chosen to use an open source stack to meet those challenges.
On this episode I hosted Vijay Samuel, Observability Architect at eBay, to hear about the challenges eBay faced in monitoring large Kubernetes installations. We discussed why eBay chose the open source stack, and the strategic decision behind eBay's migration from Elastic Beats to OpenTelemetry, and the remarkable experiences they had while deploying massively large scale telemetry installations using OpenTelemetry and Prometheus.
We also discussed a fascinating new proposal for a query language standard for observability, which eBay spearheads together with Netflix under the auspices of the CNCF’s TAG Observability (the CNCF’s technical advisory group for observability).
Vijay Samuel works with eBay's observability platform as its architect. During his time at eBay Vijay has transformed eBay's observability platform into a cloud native offering that is primarily built on top of open source technologies. He loves to code in Go and play video games.
The podcast episodes are available for listening on your favorite podcast app and on this YouTube channel.
We live-stream the episodes, and you’re welcome to join the stream here on YouTube Live or at https://www.twitch.tv/openobservability.
Follow us on Twitter @openobserv to get the live stream times and other updates, and to pitch in with your thoughts and comments.
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Vijay Samuel , eBay
===============
Twitter: @vjsamuel_
LinkedIn: vjsamuel
Resources
=========
New CNCF working group for Observability Query Language Standardization: https://github.com/cncf/tag-observability/blob/main/working-groups/query-standardization.md
Why and How eBay Pivoted to OpenTelemetry: https://tech.ebayinc.com/engineering/why-and-how-ebay-pivoted-to-opentelemetry/
Chapters
========
00:00 - show intro
00:33 - 3rd anniversary
02:00 - episode intro
04:48 - eBay monitoring solution
07:38 - planet scale at eBay
09:57 - distributed tracing at eBay
16:28 - migrating from Elastic Beats to OpenTelemetry
19:36 - why eBay chose open source
22:47 - open-sourcing eBay’s metrics store platform?
25:19 - scaling Prometheus
35:12 - ramping up tracing, from backend to frontend and mobile
40:03 - running OpenTelemetry Collector at scale
49:05 - Query Language Standardization for Observability under the CNCF
56:39 - Vijay Samuel contact and final notes
59:12 - episode outro
On this episode I hosted Vijay Samuel, Observability Architect at eBay, to hear about the challenges eBay faced in monitoring large Kubernetes installations. We discussed why eBay chose the open source stack, and the strategic decision behind eBay's migration from Elastic Beats to OpenTelemetry, and the remarkable experiences they had while deploying massively large scale telemetry installations using OpenTelemetry and Prometheus.
We also discussed a fascinating new proposal for a query language standard for observability, which eBay spearheads together with Netflix under the auspices of the CNCF’s TAG Observability (the CNCF’s technical advisory group for observability).
Vijay Samuel works with eBay's observability platform as its architect. During his time at eBay Vijay has transformed eBay's observability platform into a cloud native offering that is primarily built on top of open source technologies. He loves to code in Go and play video games.
The podcast episodes are available for listening on your favorite podcast app and on this YouTube channel.
We live-stream the episodes, and you’re welcome to join the stream here on YouTube Live or at https://www.twitch.tv/openobservability.
Follow us on Twitter @openobserv to get the live stream times and other updates, and to pitch in with your thoughts and comments.
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Vijay Samuel , eBay
===============
Twitter: @vjsamuel_
LinkedIn: vjsamuel
Resources
=========
New CNCF working group for Observability Query Language Standardization: https://github.com/cncf/tag-observability/blob/main/working-groups/query-standardization.md
Why and How eBay Pivoted to OpenTelemetry: https://tech.ebayinc.com/engineering/why-and-how-ebay-pivoted-to-opentelemetry/
Chapters
========
00:00 - show intro
00:33 - 3rd anniversary
02:00 - episode intro
04:48 - eBay monitoring solution
07:38 - planet scale at eBay
09:57 - distributed tracing at eBay
16:28 - migrating from Elastic Beats to OpenTelemetry
19:36 - why eBay chose open source
22:47 - open-sourcing eBay’s metrics store platform?
25:19 - scaling Prometheus
35:12 - ramping up tracing, from backend to frontend and mobile
40:03 - running OpenTelemetry Collector at scale
49:05 - Query Language Standardization for Observability under the CNCF
56:39 - Vijay Samuel contact and final notes
59:12 - episode outro
- 3 participants
- 1:00 hours
7 Jun 2023
CI/CD Secrets are... well... secret (or at least they should be)!
Think of all the credentials and tokens currently in use in your CI/CD pipeline.
These secrets provide critical authentication for essential infrastructure like source control, environments, and build and deployment tools, but they can also easily expose you to risk. Having a secure secret management process is more important than ever for protecting your company and ensuring only authorized personnel can access them.
Don’t leave yourself open to a plethora of insecurities; depending on how significant these insecurities can be, you welcome unnecessary work down the line and potentially even some legal consequences.
So let’s nip that in the bud on the next episode of Merging to Main and talk about:
Best Practices
Secret Management Tools
The Definitely “Dont’s”
Think of all the credentials and tokens currently in use in your CI/CD pipeline.
These secrets provide critical authentication for essential infrastructure like source control, environments, and build and deployment tools, but they can also easily expose you to risk. Having a secure secret management process is more important than ever for protecting your company and ensuring only authorized personnel can access them.
Don’t leave yourself open to a plethora of insecurities; depending on how significant these insecurities can be, you welcome unnecessary work down the line and potentially even some legal consequences.
So let’s nip that in the bud on the next episode of Merging to Main and talk about:
Best Practices
Secret Management Tools
The Definitely “Dont’s”
- 4 participants
- 1:00 hours
27 May 2023
Anyone embedded in the cloud native observability teams in any organization can voice their frustrations at not being taken seriously by their executive decision makers. This leads to way too much on-call stress, frustrations, and eventual burnout. With research showing us DevOps spending over 10 hrs a week on issues in their environments, we could all use quick action by our executives when we find ways to fix our cloud native issues. The trick is to tell the tales we accumulate in such a way as to engage, inspire, and effect change in our organizations. This session provides attendees with ample cloud native bedtime stories, tricks that make your tales land within the executive human mind, and actionable insights to head home with immediate results. Join me for a half hour of power where you are empowered to tell better observability stories for better executive decision outcomes.
- 1 participant
- 28 minutes
27 May 2023
Panelist: Lenka Bočincová
Speakers: Eric D. Schabell, Goutham Veeramachaneni, Petr Stýblo, Miro Adamy, Zdeněk Váňa
Welcome to the panel discussion from Kubernetes Community Days Czech & Slovak 2023, recorded on Saturday, May 20th. This video captures an insightful dialogue between leading minds in the Kubernetes field, brought together to explore the complexities and nuances of Kubernetes technology. Engaging in a lively exchange of ideas, the panelists offer their unique perspectives, drawing upon years of experience and deep knowledge in their respective areas of expertise.
They delve into intricate technical aspects, offering clear explanations that make even complex concepts accessible. The panelists' broad range of views ensures that topics are examined from multiple angles, fostering a comprehensive understanding for viewers. With a collective commitment to quality speech and thoughtful analysis, this discussion promises to engage, educate, and inspire.
Whether you're new to Kubernetes or an experienced professional, you'll find invaluable insights in this panel discussion that will help you navigate the Kubernetes landscape. Watch and join in our journey of discovery and learning at the Kubernetes Community Days Czech & Slovak 2023.
Speakers: Eric D. Schabell, Goutham Veeramachaneni, Petr Stýblo, Miro Adamy, Zdeněk Váňa
Welcome to the panel discussion from Kubernetes Community Days Czech & Slovak 2023, recorded on Saturday, May 20th. This video captures an insightful dialogue between leading minds in the Kubernetes field, brought together to explore the complexities and nuances of Kubernetes technology. Engaging in a lively exchange of ideas, the panelists offer their unique perspectives, drawing upon years of experience and deep knowledge in their respective areas of expertise.
They delve into intricate technical aspects, offering clear explanations that make even complex concepts accessible. The panelists' broad range of views ensures that topics are examined from multiple angles, fostering a comprehensive understanding for viewers. With a collective commitment to quality speech and thoughtful analysis, this discussion promises to engage, educate, and inspire.
Whether you're new to Kubernetes or an experienced professional, you'll find invaluable insights in this panel discussion that will help you navigate the Kubernetes landscape. Watch and join in our journey of discovery and learning at the Kubernetes Community Days Czech & Slovak 2023.
- 6 participants
- 1:30 hours
21 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 5 participants
- 49 minutes
15 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 20 minutes
12 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 41 minutes
9 Apr 2023
Join Shaked Askayo the CTO of Kubiya to learn how to create an efficient and secure DevOps Self-serve experience directly from Slack that will free your team from repetitive request and keep the Devs happy.
Learn how to easily create workflows and automation using generative AI and make them accessible to your team in seconds.
- Create an efficient and secure DevOps self-serve experience directly from Slack
- Use generative AI to easily create workflows and automation
- Use conversational AI to give Devs the operational access they need without context switching or a steep learning curve
- Free your Ops team from repetitive request and keep Devs happy
Learn how to easily create workflows and automation using generative AI and make them accessible to your team in seconds.
- Create an efficient and secure DevOps self-serve experience directly from Slack
- Use generative AI to easily create workflows and automation
- Use conversational AI to give Devs the operational access they need without context switching or a steep learning curve
- Free your Ops team from repetitive request and keep Devs happy
- 1 participant
- 38 minutes
6 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 54 minutes
6 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 46 minutes
5 Apr 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:02 hours
5 Apr 2023
Presented at Open Source 101 2023 - Charlotte
Presented by Eric D Schabell - Chronosphere
Title: Observability For You and Me with openTelemetry
Abstract: Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor.We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
You can find slides here: https://www.slideshare.net/AllThingsOpen/observability-for-you-and-me-with-opentelemetry
Find more info about Open Source 101:
On the web: https://opensource101.com/
Twitter: https://twitter.com/os101series
LinkedIn: https://www.linkedin.com/company/open-source-101/
Instagram: https://www.instagram.com/os101series/
Facebook: https://www.facebook.com/os101series/
Presented by Eric D Schabell - Chronosphere
Title: Observability For You and Me with openTelemetry
Abstract: Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor.We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
You can find slides here: https://www.slideshare.net/AllThingsOpen/observability-for-you-and-me-with-opentelemetry
Find more info about Open Source 101:
On the web: https://opensource101.com/
Twitter: https://twitter.com/os101series
LinkedIn: https://www.linkedin.com/company/open-source-101/
Instagram: https://www.instagram.com/os101series/
Facebook: https://www.facebook.com/os101series/
- 2 participants
- 37 minutes
30 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 45 minutes
30 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 1:03 hours
30 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 5 participants
- 57 minutes
30 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 26 minutes
30 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 24 minutes
29 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 54 minutes
23 Mar 2023
Krius is a CLI tool to set up and manage Prometheus, Thanos & friends across multiple clusters easily for scale.
- 2 participants
- 20 minutes
23 Mar 2023
Join Thomas Graf, Co-Creator of Cilium, CTO and Co-Founder of Isovalent to learn more about the latest and greatest open source and enterprise features of Isovalent Cilium Enterprise.
00:00 Intro
03:18 Service Mesh and Ingress Controller
18:14 Cluster Mesh Improvements
21:50 External Workload Improvements
25:25 Security, including Tetragon
30:34 Networking improvements
38:10 User Experience
41:44 Isovalent Cilium Enterprise v1.12, including Hubble Timescape update
45:40 Q&A
Related materials:
Cilium 1.12 Release Blog: https://isovalent.com/blog/post/cilium-release-112
CNCF Announcement: Cilium 1.12: https://www.cncf.io/blog/2022/07/20/cilium-1-12-ga-cilium-service-mesh-and-other-major-new-features-for-enterprise-kubernetes/
- - - - - - - - - -
To learn more about Isovalent: https://isovalent.com/
To try our product: https://isovalent.com/resource-library/labs/
Follow us on Twitter: https://twitter.com/isovalent
We're hiring! https://isovalent.com/careers/
00:00 Intro
03:18 Service Mesh and Ingress Controller
18:14 Cluster Mesh Improvements
21:50 External Workload Improvements
25:25 Security, including Tetragon
30:34 Networking improvements
38:10 User Experience
41:44 Isovalent Cilium Enterprise v1.12, including Hubble Timescape update
45:40 Q&A
Related materials:
Cilium 1.12 Release Blog: https://isovalent.com/blog/post/cilium-release-112
CNCF Announcement: Cilium 1.12: https://www.cncf.io/blog/2022/07/20/cilium-1-12-ga-cilium-service-mesh-and-other-major-new-features-for-enterprise-kubernetes/
- - - - - - - - - -
To learn more about Isovalent: https://isovalent.com/
To try our product: https://isovalent.com/resource-library/labs/
Follow us on Twitter: https://twitter.com/isovalent
We're hiring! https://isovalent.com/careers/
- 1 participant
- 53 minutes
23 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 22 minutes
23 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 10 minutes
23 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 4 participants
- 37 minutes
22 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:03 hours
22 Mar 2023
Modernizing your CI/CD can turn into a Sherlock-Holmes-style mystery if your organization or team is not fully prepared.
And when migrating from monoliths to microservices, people tend to only focus on the really technical nitty gritty details, and don’t focus enough time on questions like:
- How do we deliver the software?
- How do we troubleshoot?
- What do we do with our tech stack?
- How do all of these pieces all fit together?
- Is our company culturally ready for this change?
With experience as a consultant, architect, engineer, DevOps engineer, and developer evangelism, JJ Asghar, Developer Advocate at IBM has seen every side of the modernization process. And has so many stories to share.
Tune in and learn the Do's and Don'ts of modernizing your CI/CD.
Register for our next episode at www.codefresh.io/events
And when migrating from monoliths to microservices, people tend to only focus on the really technical nitty gritty details, and don’t focus enough time on questions like:
- How do we deliver the software?
- How do we troubleshoot?
- What do we do with our tech stack?
- How do all of these pieces all fit together?
- Is our company culturally ready for this change?
With experience as a consultant, architect, engineer, DevOps engineer, and developer evangelism, JJ Asghar, Developer Advocate at IBM has seen every side of the modernization process. And has so many stories to share.
Tune in and learn the Do's and Don'ts of modernizing your CI/CD.
Register for our next episode at www.codefresh.io/events
- 2 participants
- 57 minutes
21 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 23 minutes
20 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 24 minutes
16 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 30 minutes
16 Mar 2023
How did Cilium get started? Thomas Graf, Co-Creator of Cilium, explores the foundation story of the Cilium open source project: how we got started, how it relates to eBPF superpowers, and what lead to all major cloud providers adopting it as the default networking and security layer for at least one of their managed Kubernetes platforms.
0:00 Cilium Introduction
1:43 What is eBPF?
4:25 Why did we create Cilium? What are all Cilium projects?
5:50 The origins of Cilium - Founding Team
6:44 Kubernetes Networking
9:18 Network Security & Encryption
11:22 Hubble - Network Observability
13:11 Cluster Mesh - Multi-Cluster Kubernetes
14:40 Google & AWS pick Cilium
16:08 Tetragon
20:00 Load-Balancing
20:48 Timescape
23:51 Service Mesh
26:54 Service Mesh - Split between proxy and eBPF?
30:08 Isovalent and Grafana Labs
30:48 The Roadmap ahead
32:50 Q&A
0:00 Cilium Introduction
1:43 What is eBPF?
4:25 Why did we create Cilium? What are all Cilium projects?
5:50 The origins of Cilium - Founding Team
6:44 Kubernetes Networking
9:18 Network Security & Encryption
11:22 Hubble - Network Observability
13:11 Cluster Mesh - Multi-Cluster Kubernetes
14:40 Google & AWS pick Cilium
16:08 Tetragon
20:00 Load-Balancing
20:48 Timescape
23:51 Service Mesh
26:54 Service Mesh - Split between proxy and eBPF?
30:08 Isovalent and Grafana Labs
30:48 The Roadmap ahead
32:50 Q&A
- 1 participant
- 50 minutes
16 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 24 minutes
16 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:07 hours
15 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 1:02 hours
9 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 11 minutes
9 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:05 hours
8 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 59 minutes
7 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:01 hours
2 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 42 minutes
2 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 16 minutes
2 Mar 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 24 minutes
28 Feb 2023
This video highlights some of the new features in the latest Dapr release, version 1.10.
0:00 Intro
0:30 Blog post
0:43 Workflow
3:12 Pluggable Components SDKs
3:54 Multi-App Run
5:00 New Components: SQLite, Cloudflare KV, Cloudflare Queues, KubeMQ, Solace AMQP
6:40 Closing
Diagrid blog post about the Dapr 1.10 release: https://www.diagrid.io/blog/dapr-1-10-release-highlights
Join the Dapr Discord: https://bit.ly/dapr-discord
0:00 Intro
0:30 Blog post
0:43 Workflow
3:12 Pluggable Components SDKs
3:54 Multi-App Run
5:00 New Components: SQLite, Cloudflare KV, Cloudflare Queues, KubeMQ, Solace AMQP
6:40 Closing
Diagrid blog post about the Dapr 1.10 release: https://www.diagrid.io/blog/dapr-1-10-release-highlights
Join the Dapr Discord: https://bit.ly/dapr-discord
- 1 participant
- 7 minutes
28 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 4 participants
- 46 minutes
23 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 32 minutes
23 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 18 minutes
23 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 22 minutes
23 Feb 2023
Managing secrets is an essential consideration when you adopt Kubernetes.
There are several approaches to storing and correctly using secrets while following a GitOps approach. These improve the coordination between your developers and platform / SRE teams without compromising security and while getting the full benefits of GitOps.
Webinar participants will learn:
- Different options available when handling secrets in Kubernetes
- How we evaluated the options, the pros and cons of each and why we selected the External Secrets Operator
- How we implemented the External Secrets Operator with HashiCorp Vault and the lessons we learned in doing so
Presentation slides: https://bit.ly/3SowXGd
__________
- Interested in more great talks? Check the upcoming ones here: https://platformengineering.org/groups-upcoming-talks
- Join PlatformCon 2023: https://platformcon.com/
- Join our Platform Engineering Slack community: https://platformengineering.org/slack-rd
There are several approaches to storing and correctly using secrets while following a GitOps approach. These improve the coordination between your developers and platform / SRE teams without compromising security and while getting the full benefits of GitOps.
Webinar participants will learn:
- Different options available when handling secrets in Kubernetes
- How we evaluated the options, the pros and cons of each and why we selected the External Secrets Operator
- How we implemented the External Secrets Operator with HashiCorp Vault and the lessons we learned in doing so
Presentation slides: https://bit.ly/3SowXGd
__________
- Interested in more great talks? Check the upcoming ones here: https://platformengineering.org/groups-upcoming-talks
- Join PlatformCon 2023: https://platformcon.com/
- Join our Platform Engineering Slack community: https://platformengineering.org/slack-rd
- 3 participants
- 50 minutes
22 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:01 hours
16 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 19 minutes
16 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 46 minutes
10 Feb 2023
A WEBINAR SERIES ON HOW TOP SECURITY TEAMS LEVERAGE OPEN-SOURCE SOFTWARE:
The cloud threat horizon is rapidly shifting with the emergence of cutting-edge platforms and services, fueling the rise of specialized cloud attack vectors. Large and small companies can benefit from open-source software models that allow for customization and adaptation to their specific security needs. Listen to Nick Reva, Security Engineering Leader at Snap, answer critical questions covering how top technology teams use open source as the ultimate shield against the ever-evolving cloud threat landscape. Learn more and get started with your open-source security journey at https://deepfence.io/get-deepfence/
The cloud threat horizon is rapidly shifting with the emergence of cutting-edge platforms and services, fueling the rise of specialized cloud attack vectors. Large and small companies can benefit from open-source software models that allow for customization and adaptation to their specific security needs. Listen to Nick Reva, Security Engineering Leader at Snap, answer critical questions covering how top technology teams use open source as the ultimate shield against the ever-evolving cloud threat landscape. Learn more and get started with your open-source security journey at https://deepfence.io/get-deepfence/
- 2 participants
- 1:01 hours
9 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 39 minutes
9 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 32 minutes
8 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 57 minutes
2 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 17 minutes
2 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 19 minutes
2 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Cloud Native Security Landscape: Myths, Dragons, and Real Talk - Edd Wilder-James & Loris Degioanni, Sysdig; Kim Lewandowski, Chainguard; Isaac Hepworth, Google; Randall Degges, Snyk
The open source security landscape is moving fast, and affects you at all parts of the software lifecycle, from creating open source, to consuming it, to remedying vulnerabilities and detecting threats at runtime. The sheer number of moving parts represents great progress, but challenging when it comes to knowing what to prioritize. Do you like GUAC with your SLSA? Are you equipped to handle the latest OSS vulnerabilities? This panel will discuss where you should pay attention, what's real now, and what's coming in the future. Topics will include * From design-time to run-time: security is a multi-layer concern. All along the software development lifecycle, progress is being made in securing cloud-native, what are the most important projects to know about? * It's about the people, naturally: we're being told to "shift left" security focus to the developer, but are we ready for it? What are the challenges of connecting the security teams to developers and architects, and what really works? * What is real, what is myth? The field is full of hot takes, from grand ideas that won't take off, to draconian policies that throw the baby out with the bathwater. Where are the real risks, and how do you deal with the myths and the scares?
Cloud Native Security Landscape: Myths, Dragons, and Real Talk - Edd Wilder-James & Loris Degioanni, Sysdig; Kim Lewandowski, Chainguard; Isaac Hepworth, Google; Randall Degges, Snyk
The open source security landscape is moving fast, and affects you at all parts of the software lifecycle, from creating open source, to consuming it, to remedying vulnerabilities and detecting threats at runtime. The sheer number of moving parts represents great progress, but challenging when it comes to knowing what to prioritize. Do you like GUAC with your SLSA? Are you equipped to handle the latest OSS vulnerabilities? This panel will discuss where you should pay attention, what's real now, and what's coming in the future. Topics will include * From design-time to run-time: security is a multi-layer concern. All along the software development lifecycle, progress is being made in securing cloud-native, what are the most important projects to know about? * It's about the people, naturally: we're being told to "shift left" security focus to the developer, but are we ready for it? What are the challenges of connecting the security teams to developers and architects, and what really works? * What is real, what is myth? The field is full of hot takes, from grand ideas that won't take off, to draconian policies that throw the baby out with the bathwater. Where are the real risks, and how do you deal with the myths and the scares?
- 7 participants
- 39 minutes
2 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 14 minutes
2 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 47 minutes
1 Feb 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 1:01 hours
27 Jan 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 4 participants
- 55 minutes
26 Jan 2023
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 42 minutes
26 Jan 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 29 minutes
25 Jan 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 60 minutes
25 Jan 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 52 minutes
24 Jan 2023
A 3-node Kubernetes cluster with Prometheus will ship around 40k active series by default! Do we really need all that data?? The current state of Kubernetes open source monitoring is in need of improvement. High churn rate of pod metrics, proliferation of metrics with low usage, and configuration complexity are some of the issues that need to be addressed.
I discussed this topic with Aliaksandr Valialkin, CTO at VictoriaMetrics and creator of the open source project. We discussed the common problems, as well as directions and best practices to overcome some of these complexities as individuals and as a community. We also discussed VictoriaMetrics open source project and how it addresses some of these challenges.
Aliaksandr is a Golang engineer, who likes writing simple and performant code and creating easy-to-use programs. Sometimes these hard-to-match requirements work together, like in the VictoriaMetrics case.
The podcast episodes are available for listening on your favorite podcast app and on this YouTube channel.
We live-stream the episodes, and you’re welcome to join the stream here on YouTube Live or at https://www.twitch.tv/openobservability.
Follow us on Twitter @openobserv to get the live stream times and other updates, and to pitch in with your thoughts and comments.
Have you got an interesting topic you'd like to share in an episode? Reach out to us and submit your proposal at https://forms.gle/9LDkYCmegyS5D8Li7
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Aliaksandr Valialkin
===============
Twitter: https://twitter.com/valyala
LinkedIn: https://www.linkedin.com/in/valyala/
VictoriaMetrics: https://victoriametrics.com/
On GitHub: https://github.com/VictoriaMetrics/VictoriaMetrics
VictoriaMetrics community channels - https://docs.victoriametrics.com/#community-and-contributions
Resources
=========
Why Prometheus cannot query remote storage in an expected way via remote_read protocol - https://github.com/prometheus/prometheus/issues/4456
VictoriaMetrics: scaling to 100 million metrics per second https://www.youtube.com/watch?v=xfed9_Q0_qU
Chapters
========
00:00 show intro
02:07 topic and guest intro
03:13 monitoring microservice system, app and communications
05:43 high churn rate for pod metrics
12:02 Kubernetes produces too many metrics by defaults, most of which are unused
17:06 recommended listing of metrics
21:50 removing unused metric labels to reduce cardinality
24:16 Prometheus native (exponential buckets) historgrams
26:49 Configuration complexity with multiple deployments
33:16 OpenTelemetry and OpenMetrics open specifications
36:11 collecting system metrics and application metrics uniformly
40:20 VictoriaMetrics essentials
48:46 VictoriaMetrics extensions beyond Prometheus
54:06 a full stack monitoring collection, analysis and alerting
56:09 how to join the VictoriaMetrics community
58:05 industry update: 2023 cloud native predictions post by CNCF CTO
59:16 outro
I discussed this topic with Aliaksandr Valialkin, CTO at VictoriaMetrics and creator of the open source project. We discussed the common problems, as well as directions and best practices to overcome some of these complexities as individuals and as a community. We also discussed VictoriaMetrics open source project and how it addresses some of these challenges.
Aliaksandr is a Golang engineer, who likes writing simple and performant code and creating easy-to-use programs. Sometimes these hard-to-match requirements work together, like in the VictoriaMetrics case.
The podcast episodes are available for listening on your favorite podcast app and on this YouTube channel.
We live-stream the episodes, and you’re welcome to join the stream here on YouTube Live or at https://www.twitch.tv/openobservability.
Follow us on Twitter @openobserv to get the live stream times and other updates, and to pitch in with your thoughts and comments.
Have you got an interesting topic you'd like to share in an episode? Reach out to us and submit your proposal at https://forms.gle/9LDkYCmegyS5D8Li7
Dotan Horovits
============
Twitter: https://twitter.com/horovits
LinkedIn: https://www.linkedin.com/in/horovits/
Aliaksandr Valialkin
===============
Twitter: https://twitter.com/valyala
LinkedIn: https://www.linkedin.com/in/valyala/
VictoriaMetrics: https://victoriametrics.com/
On GitHub: https://github.com/VictoriaMetrics/VictoriaMetrics
VictoriaMetrics community channels - https://docs.victoriametrics.com/#community-and-contributions
Resources
=========
Why Prometheus cannot query remote storage in an expected way via remote_read protocol - https://github.com/prometheus/prometheus/issues/4456
VictoriaMetrics: scaling to 100 million metrics per second https://www.youtube.com/watch?v=xfed9_Q0_qU
Chapters
========
00:00 show intro
02:07 topic and guest intro
03:13 monitoring microservice system, app and communications
05:43 high churn rate for pod metrics
12:02 Kubernetes produces too many metrics by defaults, most of which are unused
17:06 recommended listing of metrics
21:50 removing unused metric labels to reduce cardinality
24:16 Prometheus native (exponential buckets) historgrams
26:49 Configuration complexity with multiple deployments
33:16 OpenTelemetry and OpenMetrics open specifications
36:11 collecting system metrics and application metrics uniformly
40:20 VictoriaMetrics essentials
48:46 VictoriaMetrics extensions beyond Prometheus
54:06 a full stack monitoring collection, analysis and alerting
56:09 how to join the VictoriaMetrics community
58:05 industry update: 2023 cloud native predictions post by CNCF CTO
59:16 outro
- 2 participants
- 1:01 hours
19 Jan 2023
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 27 minutes
19 Jan 2023
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 19 minutes
18 Jan 2023
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 45 minutes
15 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 40 minutes
15 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 49 minutes
15 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 1:15 hours
15 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 26 minutes
13 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 59 minutes
13 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 35 minutes
8 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 3 participants
- 55 minutes
8 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 47 minutes
8 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 15 minutes
8 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 22 minutes
5 Dec 2022
Argo CD has become the defacto entry for engineering teams to deploy and manage their applications while Open Policy Agent has become one of the most reliable security policy enforcement engines. These two tools work perfectly together and yet there are very few articles and videos on the subject! In this talk, we look at the best strategies for getting these tools to work together to improve the software delivery supply chain. We’ll look at admission hooks, sync waves, and other ways to ensure your applications and clusters are always running in a secure and safe manner. Including example files and reference repos.
- 1 participant
- 40 minutes
2 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 58 minutes
1 Dec 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 31 minutes
17 Nov 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 1 participant
- 24 minutes
16 Nov 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 2 participants
- 56 minutes
15 Nov 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
- 4 participants
- 41 minutes
2 Nov 2022
In this webinar, Rubi Arbel, Scribe's CEO, talked with Tim Brown, CISO of SolarWinds, on his takeaways in the aftermath of the famous SolarWinds hack.
We'll hear what lessons can be learned for the rest of us and how did Tim and his team secure their pipelines to increase their resilience to software supply chain attacks.
Tim Brown's LinkedIn profile - https://www.linkedin.com/in/tim-brown-93639a1
Rubi Arbel's LinkedIn profile - https://www.linkedin.com/in/rubi-arbel-791631101/
Scribe Security's LinkedIn profile - https://www.linkedin.com/company/77925111
Scribe Security's website - https://scribesecurity.com/
We'll hear what lessons can be learned for the rest of us and how did Tim and his team secure their pipelines to increase their resilience to software supply chain attacks.
Tim Brown's LinkedIn profile - https://www.linkedin.com/in/tim-brown-93639a1
Rubi Arbel's LinkedIn profile - https://www.linkedin.com/in/rubi-arbel-791631101/
Scribe Security's LinkedIn profile - https://www.linkedin.com/company/77925111
Scribe Security's website - https://scribesecurity.com/
- 2 participants
- 41 minutes
28 Oct 2022
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe 2023 in Amsterdam, The Netherlands from April 17-21. Learn more at https://kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Keynote: Reality Check: Is it Time to Raise Your Metrics Game? - Martin Mao, Co-founder and CEO, Chronosphere & Yash Kumaraswamy, Senior Staff Engineer, Robinhood
How do you know when you have a world class metrics function? While we obsess about the metrics of our infrastructure and apps, how often do we take the time to inspect our own function? When was the last time you benchmarked your spend, people impact, and time it takes to remediate issues? This session will cover the KPIs you need to consider when benchmarking your own metrics function - and crucially, how to demonstrate the business value that you and your team provide to the business. Join both Martin Mao, Chronosphere co-founder and CEO and former observability engineering leader at Uber, and Yash Kumaraswamy, Senior Staff Engineer at Robinhood and observability tech lead to hear about their major takeaways from their past experience and lessons learned.
Keynote: Reality Check: Is it Time to Raise Your Metrics Game? - Martin Mao, Co-founder and CEO, Chronosphere & Yash Kumaraswamy, Senior Staff Engineer, Robinhood
How do you know when you have a world class metrics function? While we obsess about the metrics of our infrastructure and apps, how often do we take the time to inspect our own function? When was the last time you benchmarked your spend, people impact, and time it takes to remediate issues? This session will cover the KPIs you need to consider when benchmarking your own metrics function - and crucially, how to demonstrate the business value that you and your team provide to the business. Join both Martin Mao, Chronosphere co-founder and CEO and former observability engineering leader at Uber, and Yash Kumaraswamy, Senior Staff Engineer at Robinhood and observability tech lead to hear about their major takeaways from their past experience and lessons learned.
- 2 participants
- 7 minutes
21 Oct 2022
Ransomware is still on the rise and does not bypass DevOps ecosystems and SaaS services. Backup is the final line of defense against ransomware so it should be ransomware-proof itself. Watch the video and check on how to ensure the security and continuity of operations in your DevOps environments.
Join the discussion of Mackenzie Jackson, Developer Security Advocate at GitGuardian, and Greg Bak, Product Development Manager at GitProtect to learn more about:
- Ransomware's most alarming statistics
- Best security practices for compliance
- Ransomware-proof DevOps backup
- Disaster Recovery technologies and strategies
- A live demo of the GitProtect.io platform for GitHub, GitLab, Bitbucket, and Jira backups
More? Check out our website: https://gitprotect.io/
Start your free trial of GitProtect.io, and backup your DevOps stack:
https://gitprotect.io/sign-up.html
Join the discussion of Mackenzie Jackson, Developer Security Advocate at GitGuardian, and Greg Bak, Product Development Manager at GitProtect to learn more about:
- Ransomware's most alarming statistics
- Best security practices for compliance
- Ransomware-proof DevOps backup
- Disaster Recovery technologies and strategies
- A live demo of the GitProtect.io platform for GitHub, GitLab, Bitbucket, and Jira backups
More? Check out our website: https://gitprotect.io/
Start your free trial of GitProtect.io, and backup your DevOps stack:
https://gitprotect.io/sign-up.html
- 2 participants
- 1:18 hours
15 Sep 2022
- 1 participant
- 20 minutes
4 Aug 2022
What is PromQL? Essentially the Prometheus Query Language, PromQL helps you slice and dice chosen data among a variety of other superpowers. In this clip from our series, Observability for What's Next, our Technical Writer Chris Ward is joined by Co-Founder of Prometheus, Julius Volz, to discuss the in-and-outs of PromQL, and its relationship to Prometheus.
- 2 participants
- 8 minutes
1 Jun 2022
Don’t miss out! Join us at our upcoming hybrid event: KubeCon + CloudNativeCon North America 2022 from October 24-28 in Detroit (and online!). Learn more at https://kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Kubernetes Networking 101 - Randy Abernethy, RX-M LLC
Kubernetes Networking 101 will introduce attendees to the world of network communications in a hands on Cloud Native setting. This talk delivers a high level but completely practical end to end look at service communications within and without a Kubernetes cluster. Attendees will see how the many facets of Kubernetes networking come together to enable powerful communications solutions first hand. The tutorial begins with the simplest types of service communications, using Kubernetes services, DNS (CoreDNS) and CNI plugins (Cilium) to facilitate interprocess communications and load balancing. The tutorial builds additional scenarios on this base, including ingress (Emissary/Envoy), NodePort / HostPort features, load balancing (Metal-lb) and finally a short look at service mesh functionality (Linkerd). Upon completion of this tutorial, attendees will have a clear understanding of the Kubernetes communications possibilities and pointers to next steps in the learning journey.
Kubernetes Networking 101 - Randy Abernethy, RX-M LLC
Kubernetes Networking 101 will introduce attendees to the world of network communications in a hands on Cloud Native setting. This talk delivers a high level but completely practical end to end look at service communications within and without a Kubernetes cluster. Attendees will see how the many facets of Kubernetes networking come together to enable powerful communications solutions first hand. The tutorial begins with the simplest types of service communications, using Kubernetes services, DNS (CoreDNS) and CNI plugins (Cilium) to facilitate interprocess communications and load balancing. The tutorial builds additional scenarios on this base, including ingress (Emissary/Envoy), NodePort / HostPort features, load balancing (Metal-lb) and finally a short look at service mesh functionality (Linkerd). Upon completion of this tutorial, attendees will have a clear understanding of the Kubernetes communications possibilities and pointers to next steps in the learning journey.
- 1 participant
- 1:27 hours
26 May 2022
https://go.dok.community/slack
https://dok.community/
From the DoK Day EU 2022 (https://youtu.be/Xi-h4XNd5tE)
Multiple clusters exist in most Kubernetes environments today, and number of clusters will increase overtime. The reasons for having multiple Kubernetes clusters are many, for example, overcoming scale limits, reducing complexity, geo separation, redundancy and having separate production, staging, and development environments. Once you have multiple K8S clusters, it can be useful to have the ability to easily move or duplicate workloads across these different clusters. Kubernetes does not have a native method to allow migration or duplication of workloads across clusters.
Fortunately, there are tools that provide this functionality. In this presentation we will explore the different uses cases for cross cluster migration, and what is involved, and how these migration tools work. We'll cover some popular uses cases, such as, Disaster Recovery, Test/Dev, and performance testing. Migration could entail moving the entire cluster, or individual workloads. The components that need to be moved would include configuration and resources stored in etcd, and persistent data residing on PVCs. We'll cover the uses cases and challenges for migration, and run through an example of using one of these migration tools.
-----
https://dok.community/
From the DoK Day EU 2022 (https://youtu.be/Xi-h4XNd5tE)
Multiple clusters exist in most Kubernetes environments today, and number of clusters will increase overtime. The reasons for having multiple Kubernetes clusters are many, for example, overcoming scale limits, reducing complexity, geo separation, redundancy and having separate production, staging, and development environments. Once you have multiple K8S clusters, it can be useful to have the ability to easily move or duplicate workloads across these different clusters. Kubernetes does not have a native method to allow migration or duplication of workloads across clusters.
Fortunately, there are tools that provide this functionality. In this presentation we will explore the different uses cases for cross cluster migration, and what is involved, and how these migration tools work. We'll cover some popular uses cases, such as, Disaster Recovery, Test/Dev, and performance testing. Migration could entail moving the entire cluster, or individual workloads. The components that need to be moved would include configuration and resources stored in etcd, and persistent data residing on PVCs. We'll cover the uses cases and challenges for migration, and run through an example of using one of these migration tools.
-----
- 1 participant
- 8 minutes
25 May 2022
Comparing different minification techniques and their vulnerability assessments
- 2 participants
- 1:01 hours
13 May 2022
Learn from Liz Rice and Thomas Graf about the future of security observability with eBPF
0:00 Headlines
4:35 Open sourcing Tetragon
21:35 Tetragon CLI example
0:00 Headlines
4:35 Open sourcing Tetragon
21:35 Tetragon CLI example
- 2 participants
- 53 minutes
3 May 2022
Whether you are new to Kubernetes or have some experience under your belt, there are things you should simply never ever do in Kubernetes.
Kendall Miller, President of Fairwinds, was one of the first hires at Fairwinds and has spent the past 6 years making the dream of disrupting infrastructure a reality, while keeping his finger on the pulse of changing demands in the market and valuable partnership opportunities. He joins Stevie Caldwell, Senior Site Reliability at Fairwinds. Stevie supports a growing platform of micro services running on Kubernetes in AWS.
Kendall Miller, President of Fairwinds, was one of the first hires at Fairwinds and has spent the past 6 years making the dream of disrupting infrastructure a reality, while keeping his finger on the pulse of changing demands in the market and valuable partnership opportunities. He joins Stevie Caldwell, Senior Site Reliability at Fairwinds. Stevie supports a growing platform of micro services running on Kubernetes in AWS.
- 3 participants
- 52 minutes
29 Apr 2022
Get the latest on the sidecarless Cilium Service Mesh from Liz Rice and Thomas Graf
00:00 Introduction & headlines
07:53 What is Cilium Service Mesh?
11:52 Cilium Service Mesh moves service mesh into the operating system
15:27 Beta tester comments
18:44 Early performance data
26:52 Security and mutual authentication in Cilium Service Mesh
37:37 Performance improvements with Cilium for authenticated, encrypted traffic
43:43 Cilium Service Mesh roadmap
00:00 Introduction & headlines
07:53 What is Cilium Service Mesh?
11:52 Cilium Service Mesh moves service mesh into the operating system
15:27 Beta tester comments
18:44 Early performance data
26:52 Security and mutual authentication in Cilium Service Mesh
37:37 Performance improvements with Cilium for authenticated, encrypted traffic
43:43 Cilium Service Mesh roadmap
- 2 participants
- 1:00 hours
27 Apr 2022
Validate, verify, and transform a request using WASM using the Saaras EnRoute Kubernetes Ingress API Gateway.
- 2 participants
- 1:02 hours
1 Apr 2022
Monokle makes #Kubernetes manifests easy.
Core Features
⚡ Quickly get a high-level view of your manifests, their contained resources and relationships
🖊️ Easily edit resources without having to learn or look up yaml syntax
🔨 Refactor resources with maintained integrity of names and references
📷 Preview and debug resources generated with kustomize or helm
🤝 Diff resources against your cluster and apply changes immediately
📚 Create multi-step forms using Monokle's templating system to quickly generate manifests
Learn more about Monokle at http://monokle.io
Check it out on Github: https://github.com/kubeshop/monokle
Review the documentation: https://kubeshop.github.io/monokle/
Join our Discord: https://discord.gg/5B8tBjx5zv
Timestamps:
00:00 - What is Monokle?
01:01 - How does Monokle fit in with existing tooling?
02:00 - Monokle Demo
Core Features
⚡ Quickly get a high-level view of your manifests, their contained resources and relationships
🖊️ Easily edit resources without having to learn or look up yaml syntax
🔨 Refactor resources with maintained integrity of names and references
📷 Preview and debug resources generated with kustomize or helm
🤝 Diff resources against your cluster and apply changes immediately
📚 Create multi-step forms using Monokle's templating system to quickly generate manifests
Learn more about Monokle at http://monokle.io
Check it out on Github: https://github.com/kubeshop/monokle
Review the documentation: https://kubeshop.github.io/monokle/
Join our Discord: https://discord.gg/5B8tBjx5zv
Timestamps:
00:00 - What is Monokle?
01:01 - How does Monokle fit in with existing tooling?
02:00 - Monokle Demo
- 2 participants
- 18 minutes
1 Apr 2022
Liz shows how Cilium's Clustermesh feature makes it easy to run services backed by pods distributed across multiple Kubernetes clusters
0:00 Introduction
5:42 Clustermesh introduction
6:35 Clustermesh for high availability services
8:23 Two-cluster demo
11:22 How Clustermesh works
14:38 Clustermesh connect joins the clusters
17:05 Marking a service as a global service
24:58 Splitting stateful and stateless clusters
26:40 Demo: delete the pods backing a service
28:28 What happens if you scale the deployment?
34:41 Applying network policy across multiple clusters
41:30 A classic network policy error!
42:20 Allow DNS in the network policy
--
Whether you are just starting to learn about eBPF, you're looking for further material or you're a seasoned contributor to major eBPF projects, the eBPF & Cilium Community is here to support you. Join the community on Slack 24/7 for help with, and discussions about eBPF and Cilium: https://ebpf.io/slack.
—-
Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF.
Learn more on the website: https://cilium.io/
Follow us on Twitter: https://twitter.com/ciliumproject
Download and contribute on Github: https://github.com/cilium/cilium
—-
eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules.
Learn more on the website: https://ebpf.io/
#ebpf #cilium #cloudnative
0:00 Introduction
5:42 Clustermesh introduction
6:35 Clustermesh for high availability services
8:23 Two-cluster demo
11:22 How Clustermesh works
14:38 Clustermesh connect joins the clusters
17:05 Marking a service as a global service
24:58 Splitting stateful and stateless clusters
26:40 Demo: delete the pods backing a service
28:28 What happens if you scale the deployment?
34:41 Applying network policy across multiple clusters
41:30 A classic network policy error!
42:20 Allow DNS in the network policy
--
Whether you are just starting to learn about eBPF, you're looking for further material or you're a seasoned contributor to major eBPF projects, the eBPF & Cilium Community is here to support you. Join the community on Slack 24/7 for help with, and discussions about eBPF and Cilium: https://ebpf.io/slack.
—-
Cilium is an open source software for providing, securing and observing network connectivity between container workloads - cloud native, and fueled by the revolutionary Kernel technology eBPF.
Learn more on the website: https://cilium.io/
Follow us on Twitter: https://twitter.com/ciliumproject
Download and contribute on Github: https://github.com/cilium/cilium
—-
eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring to change kernel source code or load kernel modules.
Learn more on the website: https://ebpf.io/
#ebpf #cilium #cloudnative
- 1 participant
- 54 minutes
23 Mar 2022
Peter McCarron (Sr. Product Marketing Manager, Consul) and Rosemary Wang (Developer Advocate, HashiCorp) demonstrate how to use HashiCorp Consul, Vault, and Terraform to implement GitOps workflows on Kubernetes. By combining infrastructure as code, service mesh, gateways, secrets management, and GitOps, they show how to manage, secure, connect, and deploy applications to Kubernetes using Flux and managed services, including Terraform Cloud and HashiCorp Cloud Platform (HCP).
00:24 - Agenda
01:01 - Introductions
02:08 - Set up Kubernetes, Vault, Consul, and database on AWS with Terraform Cloud
05:25 - Introduction to GitOps
06:41 - Infrastructure and application architecture
08:52 - Workflows for the platform engineer & developer
29:48 - Conclusion
Platform Engineer Workflow
10:23 - Configure service mesh certificate to use Vault
15:33 - Configure Consul API Gateway for services that need ingress
17:03 - Configure Consul terminating gateway for external services
Developer Workflow
17:48 - Secure service-to-service communication with Consul intentions
19:54 - Deploy applications with Flux
20:47 - Connect database to service mesh with terminating gateway
21:16 - Add an HTTP route to API Gateway
22:46 - Inject database username and password to application
24:36 - Configure Consul service mesh in applications
25:53 - Deploy a new version of frontend application
28:20 - Revert commit and roll forward previous version of application
To learn more, check out...
Demo Code: https://github.com/joatmon08/gitops-hashicups
Sign up for HashiCorp Cloud Platform: https://portal.cloud.hashicorp.com/sign-up
Sign up for Terraform Cloud: https://app.terraform.io/signup/account
Consul API Gateway: https://learn.hashicorp.com/tutorials/consul/kubernetes-api-gateway?in=consul/kubernetes
Consul Service Mesh on Kubernetes: https://learn.hashicorp.com/collections/consul/kubernetes
Vault on Kubernetes: https://learn.hashicorp.com/collections/vault/kubernetes
Manage Kubernetes with Terraform: https://learn.hashicorp.com/collections/terraform/kubernetes
Vault as Certificate Manager on Kubernetes: https://learn.hashicorp.com/tutorials/vault/kubernetes-cert-manager
#Consul #HashiCorp #Vault #Terraform #GitOps #Kubernetes #Flux #ServiceMesh #SecretsManagement #Security #TLS #InfrastructureAsCode #CertificateManagement #APIGateway #NetworkPolicy #Envoy #AWS
-
If you liked this video and want to see more from HashiCorp, subscribe to our channel: https://www.youtube.com/c/HashiCorp?sub_confirmation=1
To learn more, visit our hands-on interactive lab environment, HashiCorp Learn: https://learn.hashicorp.com/
HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.
For more information, visit: www.hashicorp.com or follow us on social media:
Twitter: @hashicorp
LinkedIn: https://www.linkedin.com/company/hashicorp
Facebook: https://www.facebook.com/HashiCorp
00:24 - Agenda
01:01 - Introductions
02:08 - Set up Kubernetes, Vault, Consul, and database on AWS with Terraform Cloud
05:25 - Introduction to GitOps
06:41 - Infrastructure and application architecture
08:52 - Workflows for the platform engineer & developer
29:48 - Conclusion
Platform Engineer Workflow
10:23 - Configure service mesh certificate to use Vault
15:33 - Configure Consul API Gateway for services that need ingress
17:03 - Configure Consul terminating gateway for external services
Developer Workflow
17:48 - Secure service-to-service communication with Consul intentions
19:54 - Deploy applications with Flux
20:47 - Connect database to service mesh with terminating gateway
21:16 - Add an HTTP route to API Gateway
22:46 - Inject database username and password to application
24:36 - Configure Consul service mesh in applications
25:53 - Deploy a new version of frontend application
28:20 - Revert commit and roll forward previous version of application
To learn more, check out...
Demo Code: https://github.com/joatmon08/gitops-hashicups
Sign up for HashiCorp Cloud Platform: https://portal.cloud.hashicorp.com/sign-up
Sign up for Terraform Cloud: https://app.terraform.io/signup/account
Consul API Gateway: https://learn.hashicorp.com/tutorials/consul/kubernetes-api-gateway?in=consul/kubernetes
Consul Service Mesh on Kubernetes: https://learn.hashicorp.com/collections/consul/kubernetes
Vault on Kubernetes: https://learn.hashicorp.com/collections/vault/kubernetes
Manage Kubernetes with Terraform: https://learn.hashicorp.com/collections/terraform/kubernetes
Vault as Certificate Manager on Kubernetes: https://learn.hashicorp.com/tutorials/vault/kubernetes-cert-manager
#Consul #HashiCorp #Vault #Terraform #GitOps #Kubernetes #Flux #ServiceMesh #SecretsManagement #Security #TLS #InfrastructureAsCode #CertificateManagement #APIGateway #NetworkPolicy #Envoy #AWS
-
If you liked this video and want to see more from HashiCorp, subscribe to our channel: https://www.youtube.com/c/HashiCorp?sub_confirmation=1
To learn more, visit our hands-on interactive lab environment, HashiCorp Learn: https://learn.hashicorp.com/
HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.
For more information, visit: www.hashicorp.com or follow us on social media:
Twitter: @hashicorp
LinkedIn: https://www.linkedin.com/company/hashicorp
Facebook: https://www.facebook.com/HashiCorp
- 2 participants
- 31 minutes
21 Mar 2022
In this First Look webcast, SANS Analyst Matt Bromiley talks with Sandro Janita, Zero-Trust Solution Architect, about how Appaegis Isolation Access Cloud (IAC) can help security teams improve their security posture and reduce operational complexity.
Specifically, they discuss:
* Consolidating access to critical resources and infrastructures by securing access for general users, DevOps teams, and external consultants
Implementing zero trust and enforce least-privileged access to protect against data loss and lateral movement of malware and ransomware
* Utilizing browser isolation for agentless deployments to enable easy access to infrastructure, platforms, and applications
* Improving visibility for auditing and compliance with detailed activity logging and session recording
Specifically, they discuss:
* Consolidating access to critical resources and infrastructures by securing access for general users, DevOps teams, and external consultants
Implementing zero trust and enforce least-privileged access to protect against data loss and lateral movement of malware and ransomware
* Utilizing browser isolation for agentless deployments to enable easy access to infrastructure, platforms, and applications
* Improving visibility for auditing and compliance with detailed activity logging and session recording
- 3 participants
- 32 minutes
7 Mar 2022
Cristian Klein, Head Architect @ Elastisys, is doing a demo on how to integrate a CI/CD pipline with Elastisys Compliant Kubernetes.
This is a video clip from Elastisys Compliant Kubernetes office hour #7.
Read the open source documentation for Elastisys Compliant Kubernetes here: https://elastisys.io/compliantkubernetes/
This is a video clip from Elastisys Compliant Kubernetes office hour #7.
Read the open source documentation for Elastisys Compliant Kubernetes here: https://elastisys.io/compliantkubernetes/
- 2 participants
- 30 minutes
1 Mar 2022
In this workshop, Edidiong Asikpo (Developer Advocate for Ambassador Labs) shares an overview of Kubernetes through the lens of an application developer. Tune in to learn how to configure your local development environment for Kubernetes using Kind & Kubie, package code into containers and run them on a remote cluster, and improve the coding feedback loop with Telepresence.
Follow along with the demo with the following resources:
Ambassador Cloud account: http://a8r.io/workshop
Free demo cluster: https://www.getambassador.io/docs/telepresence/latest/quick-start/demo-node/
Docker Desktop: https://www.docker.com/products/docker-desktop
Follow along with the demo with the following resources:
Ambassador Cloud account: http://a8r.io/workshop
Free demo cluster: https://www.getambassador.io/docs/telepresence/latest/quick-start/demo-node/
Docker Desktop: https://www.docker.com/products/docker-desktop
- 5 participants
- 1:27 hours
24 Feb 2022
Thanks for another great OC3! Check out Constellation, the first confidential orchestration platform: https://www.edgeless.systems/products/constellation/
Welcome to OC3 on demand! The Open Confidential Computing Conference (OC3) is the online conference for all topics related to Confidential Computing.
In this video, Moritz Eckert from Edgeless Systems maps the design space for confidential Kubernetes and shows the latest corresponding developments from Edgeless Systems.
Subscribe for more interesting talks: https://www.youtube.com/channel/UCOOInN0sCv6icUesisYIDeA
Follow Edgeless Systems:
GitHub: https://github.com/edgelesssys
Website: https://www.edgeless.systems/
Twitter: https://twitter.com/edgelesssystems
LinkedIn: https://www.linkedin.com/company/edgeless-systems
Blog: https://medium.com/edgelesssystems
Welcome to OC3 on demand! The Open Confidential Computing Conference (OC3) is the online conference for all topics related to Confidential Computing.
In this video, Moritz Eckert from Edgeless Systems maps the design space for confidential Kubernetes and shows the latest corresponding developments from Edgeless Systems.
Subscribe for more interesting talks: https://www.youtube.com/channel/UCOOInN0sCv6icUesisYIDeA
Follow Edgeless Systems:
GitHub: https://github.com/edgelesssys
Website: https://www.edgeless.systems/
Twitter: https://twitter.com/edgelesssystems
LinkedIn: https://www.linkedin.com/company/edgeless-systems
Blog: https://medium.com/edgelesssystems
- 1 participant
- 13 minutes
3 Feb 2022
Kubestr can assist here in three ways:
· Identify the various storage options present in a cluster.
· Validate if the storage options are configured correctly.
· Evaluate the storage using common benchmarking tools like FIO.
About the Guest
🎓 Michael Cade | Community Technologist KastenHQ Veeam 🎓
🐦: https://twitter.com/MichaelCade1
⚒️ About the Kasten by Veeam
Kubernetes-native Backup, Disaster Recovery, and Application Mobility for all your cloud-native applications.
🌍 : https://www.kasten.io/
🌟 : https://github.com/kastenhq/kubestr
⚒️ About the Veeam Software
Veeam is the global leader in Backup that delivers Modern DataProtection.
🐦: https://twitter.com/Veeam
🌍 : https://www.veeam.com/
👨🎓 About the Host 👨🎓
🐦: https://twitter.com/cloudnativeboy
🤝: https://www.linkedin.com/in/saim-safder/
Join Cloud Native Islamabad community.
🙌 : https://discord.gg/yypcwN6
🧑🤝🧑 About the Community 🧑🤝🧑
🐦: https://twitter.com/CloudIslamabad
🤝: https://www.linkedin.com/company/cloud-native-islamabad/
Here's we host our Cloud Native Webinar's Thanks to CNCF:
📺: https://community.cncf.io/islamabad/
🔔: https://www.youtube.com/channel/UCzeq-M5SLkFyXe71TYUkgjg
😎: https://www.instagram.com/cloudnativeislamabad/
#CloudNativeIslamabad #Kasten #Kubestr
· Identify the various storage options present in a cluster.
· Validate if the storage options are configured correctly.
· Evaluate the storage using common benchmarking tools like FIO.
About the Guest
🎓 Michael Cade | Community Technologist KastenHQ Veeam 🎓
🐦: https://twitter.com/MichaelCade1
⚒️ About the Kasten by Veeam
Kubernetes-native Backup, Disaster Recovery, and Application Mobility for all your cloud-native applications.
🌍 : https://www.kasten.io/
🌟 : https://github.com/kastenhq/kubestr
⚒️ About the Veeam Software
Veeam is the global leader in Backup that delivers Modern DataProtection.
🐦: https://twitter.com/Veeam
🌍 : https://www.veeam.com/
👨🎓 About the Host 👨🎓
🐦: https://twitter.com/cloudnativeboy
🤝: https://www.linkedin.com/in/saim-safder/
Join Cloud Native Islamabad community.
🙌 : https://discord.gg/yypcwN6
🧑🤝🧑 About the Community 🧑🤝🧑
🐦: https://twitter.com/CloudIslamabad
🤝: https://www.linkedin.com/company/cloud-native-islamabad/
Here's we host our Cloud Native Webinar's Thanks to CNCF:
📺: https://community.cncf.io/islamabad/
🔔: https://www.youtube.com/channel/UCzeq-M5SLkFyXe71TYUkgjg
😎: https://www.instagram.com/cloudnativeislamabad/
#CloudNativeIslamabad #Kasten #Kubestr
- 2 participants
- 1:01 hours
18 Jan 2022
During this Webinar, Tracy and Viktor cover GitOps best practices for uniformly dealing with infrastructure and applications.
If you have been following the Codefresh blog for a while, you might have noticed a common pattern in all the articles that talk about Kubernetes deployments. Almost all of them start with a Kubernetes cluster that is already there, and then the article explains how to deploy an application on top.
The reason for this simplification comes mainly from brevity and simplicity. We want to focus on the deployment part of the application and not its infrastructure just to make the article easier to follow. This is the obvious reason.
The hidden reason is that until recently infrastructure deployments were handled in a different manner than applications deployments. Especially in large enterprise companies, the skillset of people that deal with infrastructure and application can vary a lot as the tools of the trade are completely different.
We hope you enjoy!
If you have been following the Codefresh blog for a while, you might have noticed a common pattern in all the articles that talk about Kubernetes deployments. Almost all of them start with a Kubernetes cluster that is already there, and then the article explains how to deploy an application on top.
The reason for this simplification comes mainly from brevity and simplicity. We want to focus on the deployment part of the application and not its infrastructure just to make the article easier to follow. This is the obvious reason.
The hidden reason is that until recently infrastructure deployments were handled in a different manner than applications deployments. Especially in large enterprise companies, the skillset of people that deal with infrastructure and application can vary a lot as the tools of the trade are completely different.
We hope you enjoy!
- 4 participants
- 56 minutes
3 Dec 2021
Observability has typically been used in the context of performance-related tracing and troubleshooting. Using observability for security and compliance, however, is a much more powerful, comprehensive, and modern way to think about your DevSecOps pipeline. This is done by observing the millions of events in every thread of every process of every container of an application and detecting security & compliance risks by identifying needles in this haystack. Observability and OWASP ZAP, by themselves, are highly valuable. However, together, 1 plus 1 is greater than 2.
- 1 participant
- 39 minutes
1 Dec 2021
The dynamic, distributed nature of today’s cloud computing and microservices environments presents a new set of observability challenges that can be best addressed by an open source, community-driven approach. Sign up for free → https://trynewrelic.com/datanerddays
Gartner predicts that by 2025, 70% of new cloud-native application monitoring will use open source instrumentation rather than vendor-specific agents for improved interoperability. Also the Cloud Native Computing Foundation (CNCF), End User Technology Radar shows that the most commonly adopted observability tools are all open source.
Join our panel of open source experts to learn about the current role and importance of open source in observability and how projects like OpenTelemetry and Pixie are shaping the future of open source observability.
Check out the rest of the Data Nerd Days 2.0 playlist → https://www.youtube.com/playlist?list=PLmhYj7Jl81JHVUZvGmDthWZ0AqqkMsP_p
Subscribe to our YouTube Channel → https://www.youtube.com/c/NewRelicInc?sub_confirmation=1
Session Track: Lunch Panel; Topic: Open Source; Presenters:
Priyanka Sharma, CNCF
Bartlomiej Plotka, RedHat
Zain Asgar, Pixie & New Relic
Michelle Nguyen, Pixie
Melissa Klein, New Relic
Jack Berg, New Relic;
#DataNerdDays #Panel #OpenSource
Gartner predicts that by 2025, 70% of new cloud-native application monitoring will use open source instrumentation rather than vendor-specific agents for improved interoperability. Also the Cloud Native Computing Foundation (CNCF), End User Technology Radar shows that the most commonly adopted observability tools are all open source.
Join our panel of open source experts to learn about the current role and importance of open source in observability and how projects like OpenTelemetry and Pixie are shaping the future of open source observability.
Check out the rest of the Data Nerd Days 2.0 playlist → https://www.youtube.com/playlist?list=PLmhYj7Jl81JHVUZvGmDthWZ0AqqkMsP_p
Subscribe to our YouTube Channel → https://www.youtube.com/c/NewRelicInc?sub_confirmation=1
Session Track: Lunch Panel; Topic: Open Source; Presenters:
Priyanka Sharma, CNCF
Bartlomiej Plotka, RedHat
Zain Asgar, Pixie & New Relic
Michelle Nguyen, Pixie
Melissa Klein, New Relic
Jack Berg, New Relic;
#DataNerdDays #Panel #OpenSource
- 6 participants
- 1:02 hours
1 Nov 2021
This is a video clip from Elastisys Compliant Kubernetes office hour #1, November 23, 2021.
Cristian Klein, Architect of Elastisys Compliant Kubernetes, explains why it is so important to make sure that your application does not run as root, and what you should do in the cases where an exception is needed.
Cristian Klein, Architect of Elastisys Compliant Kubernetes, explains why it is so important to make sure that your application does not run as root, and what you should do in the cases where an exception is needed.
- 2 participants
- 5 minutes
6 Oct 2021
The ability to deploy code and version code has been a de facto requirement and a reason we have CI/CD pipelines for our application development, but with Kubernetes in particular we are seeing a closer tie between code and data. In particular, code being deployed can affect and change your data, for that reason, we need to consider protecting that data as part of our Continous Development pipelines, In this session, we will focus on how we can incorporate backup actions into your pipeline to ensure that any code changes will start by creating a restore point be it a snapshot or an export to another external repository. We will then as part of a demo incorporate a failure scenario into the environment pipeline to simulate how a configmap can manipulate data to cause data loss. Then we need a way to bring the data back!
- 1 participant
- 29 minutes
5 Oct 2021
Using the Kubernetes Security Guidance best practices published by NSA and CISA in August of 2021, Lars guides us through the field of Kubernetes and security. The whole range of security tools at our disposal is covered, and we will learn how to secure the Kubernetes control plane, ensure that containers and Pods are deployed in a security-minded way, and what to do to prevent attacks. Is it sufficient to just run Kubescape, to follow the guidelines, or what else do we need to do to get a secure Kubernetes-based container platform in 2021?
Lars has worked with cloud technology since 2008, both within industry and academia. He holds a PhD in computer science and is a senior cloud architect at Elastisys. He is one of the architects of Compliant Kubernetes, a CNCF certified Kubernetes distribution, designed and developed especially to meet the high security demands of regulated industries.
The blog posts with additional information are here:
https://elastisys.com/nsa-and-cisa-kubernetes-security-guidance-summarized-and-explained/
https://containerjournal.com/features/hardening-kubernetes-beyond-nsa-cisa-guidance/
Check out Compliant Kubernetes, the Kubernetes distribution for regulated industries that Lars talked about, at https://compliantkubernetes.io/
Connect with Lars on LinkedIn at: https://www.linkedin.com/in/llarsson/
Follow Elastisys on LinkedIn at: https://www.linkedin.com/company/elastisys
Connect/follow me:
https://www.linkedin.com/in/joebignell/
Lars has worked with cloud technology since 2008, both within industry and academia. He holds a PhD in computer science and is a senior cloud architect at Elastisys. He is one of the architects of Compliant Kubernetes, a CNCF certified Kubernetes distribution, designed and developed especially to meet the high security demands of regulated industries.
The blog posts with additional information are here:
https://elastisys.com/nsa-and-cisa-kubernetes-security-guidance-summarized-and-explained/
https://containerjournal.com/features/hardening-kubernetes-beyond-nsa-cisa-guidance/
Check out Compliant Kubernetes, the Kubernetes distribution for regulated industries that Lars talked about, at https://compliantkubernetes.io/
Connect with Lars on LinkedIn at: https://www.linkedin.com/in/llarsson/
Follow Elastisys on LinkedIn at: https://www.linkedin.com/company/elastisys
Connect/follow me:
https://www.linkedin.com/in/joebignell/
- 4 participants
- 55 minutes
28 Sep 2021
A short overview to show you how simple it is to create an application-level backup to AWS S3, in this video we will show you how simple it is to deploy Kanister as an open-source way to protect your application data and also restore the data if there was a failure scenario.
You can find the readme I followed along with here - https://github.com/MichaelCade/demos/blob/main/kanister/readme.md
more information can be found at https://kanister.io/
docs - https://docs.kanister.io/overview.html
GitHub - https://github.com/kanisterio/kanister
Extending Kasten K10 with Kanister - https://docs.kasten.io/latest/kanister/kanister.html
You can find the readme I followed along with here - https://github.com/MichaelCade/demos/blob/main/kanister/readme.md
more information can be found at https://kanister.io/
docs - https://docs.kanister.io/overview.html
GitHub - https://github.com/kanisterio/kanister
Extending Kasten K10 with Kanister - https://docs.kasten.io/latest/kanister/kanister.html
- 1 participant
- 18 minutes
30 Jul 2021
In this video, @ViktorGamov, a principal developer advocate with Kong, explains how to deploy and configure a gRPC service in Kubernetes and how to configure external access to this service using Kong Ingress Controller. Try Kong Ingress Controller: https://bit.ly/3guN9D6
Follow along in the blog post: https://bit.ly/3lc36SD
▬▬▬▬▬▬ TIMECODES ▬▬▬▬▬▬
0:00 - Cold Opening
0:40 - Intro
01:11 - gRPC Powered Quote Service
01:30 - Protobuf Definition of Service
03:22 - Enable gRPC Protocol in Kubernetes Service and Ingress
04:15 - Quick Note on cert-manager and Enabling TLS in Kubernetes Ingress
05:42 - Quick Note in DNS
07:15 - Call gRPC Service Using Insomnia
08:35 - It's a Wrap!
▬▬▬▬▬▬ LINKS ▬▬▬▬▬▬
❏ https://github.com/gAmUssA/quotes-service
❏ https://grpc.io
❏ https://support.insomnia.rest/article/188-grpc
❏ https://docs.konghq.com/kubernetes-ingress-controller/1.3.x/guides/cert-manager/
❏ https://docs.konghq.com/kubernetes-ingress-controller/1.3.x/references/annotations/
❏ https://cert-manager.io/docs/installation/kubernetes/
❏ https://docs.konghq.com/kubernetes-ingress-controller/
❏ https://kubernetes.io/docs/concepts/services-networking/ingress/
❏ https://insomnia.rest
❏ https://bit.ly/k4k8s
▬▬▬▬▬▬ CONTACTS ▬▬▬▬▬▬
❏ 🐦 https://gamov.dev/twitter
❏ 📧 https://gamov.dev/telegram
❏ 🔴 https://gamov.dev/youtube
▬▬▬▬▬▬ RELATED BLOG POSTS ▬▬▬▬▬▬
❏ Using Kong Kubernetes Ingress Controller as an API Gateway: https://bit.ly/3um2JGa
❏ Configuring a Kubernetes Application on Kong Konnect: https://bit.ly/3yiVxx2
❏ Implementing Traffic Policies in Kubernetes: https://bit.ly/3dBwJIL
❏ Moving an Application from VM to Kubernetes: https://bit.ly/3cJhNYD
#gRPC #Kubernetes #K8s #gRPCS #KubernetesIngress #KongGateway #OSS #OpenSource #API #APIgateway
Follow along in the blog post: https://bit.ly/3lc36SD
▬▬▬▬▬▬ TIMECODES ▬▬▬▬▬▬
0:00 - Cold Opening
0:40 - Intro
01:11 - gRPC Powered Quote Service
01:30 - Protobuf Definition of Service
03:22 - Enable gRPC Protocol in Kubernetes Service and Ingress
04:15 - Quick Note on cert-manager and Enabling TLS in Kubernetes Ingress
05:42 - Quick Note in DNS
07:15 - Call gRPC Service Using Insomnia
08:35 - It's a Wrap!
▬▬▬▬▬▬ LINKS ▬▬▬▬▬▬
❏ https://github.com/gAmUssA/quotes-service
❏ https://grpc.io
❏ https://support.insomnia.rest/article/188-grpc
❏ https://docs.konghq.com/kubernetes-ingress-controller/1.3.x/guides/cert-manager/
❏ https://docs.konghq.com/kubernetes-ingress-controller/1.3.x/references/annotations/
❏ https://cert-manager.io/docs/installation/kubernetes/
❏ https://docs.konghq.com/kubernetes-ingress-controller/
❏ https://kubernetes.io/docs/concepts/services-networking/ingress/
❏ https://insomnia.rest
❏ https://bit.ly/k4k8s
▬▬▬▬▬▬ CONTACTS ▬▬▬▬▬▬
❏ 🐦 https://gamov.dev/twitter
❏ 📧 https://gamov.dev/telegram
❏ 🔴 https://gamov.dev/youtube
▬▬▬▬▬▬ RELATED BLOG POSTS ▬▬▬▬▬▬
❏ Using Kong Kubernetes Ingress Controller as an API Gateway: https://bit.ly/3um2JGa
❏ Configuring a Kubernetes Application on Kong Konnect: https://bit.ly/3yiVxx2
❏ Implementing Traffic Policies in Kubernetes: https://bit.ly/3dBwJIL
❏ Moving an Application from VM to Kubernetes: https://bit.ly/3cJhNYD
#gRPC #Kubernetes #K8s #gRPCS #KubernetesIngress #KongGateway #OSS #OpenSource #API #APIgateway
- 1 participant
- 9 minutes
16 Jul 2021
DevDays Europe
Onsite and online on 26-28 April in 2022
Learn more about the conference: https://bit.ly/2ZmHx96
Join our next DevDays Europe conference on 26-28 April in 2022 where you will learn about the latest tech advances from international experts flown in specifically for the event and about recent changes in your local development community from the peers. This time, the conference will be held in a hybrid setting allowing you to attend workshops and listen to expert talks on-site or online.
Onsite and online on 26-28 April in 2022
Learn more about the conference: https://bit.ly/2ZmHx96
Join our next DevDays Europe conference on 26-28 April in 2022 where you will learn about the latest tech advances from international experts flown in specifically for the event and about recent changes in your local development community from the peers. This time, the conference will be held in a hybrid setting allowing you to attend workshops and listen to expert talks on-site or online.
- 1 participant
- 45 minutes
8 Jul 2021
Setting up a Kubernetes service has become relatively easy, whether on-premise or in public cloud services. However, giving secure access to developers can be a painful process involving cluster certificates, access management systems, complex identity management, networking setup, and firewalls.
Cluster admins want a much simpler, more automated solution that makes it easy to provide cluster access while continuing to leverage their existing RBAC to developers and their teams -- quickly, consistently, automatically, and securely, for multiple clusters, running behind different identity provider platforms and network setups.
Join us to learn how you can easily share Kubernetes clusters securely through Lens, the world’s most popular Kubernetes IDE. Lens, an open source free technology, works with any CNCF certified k8s distro. Lens empowers developers and operators to easily monitor real-time events, debug and deploy applications within their Kubernetes clusters effortlessly.
IIn this demo-focused Webinar, Team Lens will showcase how to share a Kubernetes cluster securely through Lens Spaces - a cloud-based enhancement brought to Lens.
In this demo rich webinar, we will discuss how to:
- Securely share a Kubernetes cluster via Lens Spaces
- Access Cloud Native resource through your Catalog
- Build workflows via the Hotbar
Cluster admins want a much simpler, more automated solution that makes it easy to provide cluster access while continuing to leverage their existing RBAC to developers and their teams -- quickly, consistently, automatically, and securely, for multiple clusters, running behind different identity provider platforms and network setups.
Join us to learn how you can easily share Kubernetes clusters securely through Lens, the world’s most popular Kubernetes IDE. Lens, an open source free technology, works with any CNCF certified k8s distro. Lens empowers developers and operators to easily monitor real-time events, debug and deploy applications within their Kubernetes clusters effortlessly.
IIn this demo-focused Webinar, Team Lens will showcase how to share a Kubernetes cluster securely through Lens Spaces - a cloud-based enhancement brought to Lens.
In this demo rich webinar, we will discuss how to:
- Securely share a Kubernetes cluster via Lens Spaces
- Access Cloud Native resource through your Catalog
- Build workflows via the Hotbar
- 1 participant
- 23 minutes
1 Jul 2021
Watch the GitLab 14 Community Meetup and the community's favorite features...summarized in 5 minutes.
Learn more here: https://about.gitlab.com/gitlab-14/
Longer version: https://www.youtube.com/watch?v=mSspEk8efHE
Learn more here: https://about.gitlab.com/gitlab-14/
Longer version: https://www.youtube.com/watch?v=mSspEk8efHE
- 5 participants
- 5 minutes
16 Jun 2021
Viktor Gamov, a principal developer advocate at Kong, explains how to quickly enable external access to your applications that run in Kubernetes using the Kong Ingress Controller. Install Kong Ingress Controller: https://bit.ly/3guN9D6
▬▬▬▬▬▬ TIMECODES ▬▬▬▬▬▬
0:00 - Cold Open
0:36 - Introducing Problem: Provide External Access to Microservices
1:26 - Kubernetes Manifests: Deployment and Service
2:32 - Deploy to Kubernetes
6:01 - Get External IP of Kubernetes cluster
6:23 - Test Service Connectivity Using Insomnia
▬▬▬▬▬▬ LINKS ▬▬▬▬▬▬
❏ Kubernetes Documentation: https://kubernetes.io/docs/concepts/services-networking/ingress/
❏ Kong Documentation: https://docs.konghq.com/kubernetes-ingress-controller/
❏ GitHub Quotes Service: https://github.com/gAmUssA/quotes-service
❏ Insomnia: https://insomnia.rest
❏ Image Source Code: https://bit.ly/k4k8s
❏ Using Kong Kubernetes Ingress Controller as an API Gateway: https://bit.ly/3um2JGa
▬▬▬▬▬▬ CONTACT VIKTOR ▬▬▬▬▬▬
🐦 https://gamov.dev/twitter
📧 https://gamov.dev/telegram
🔴 https://gamov.dev/youtube
▬▬▬▬▬▬ ADDITIONAL RESOURCES ▬▬▬▬▬▬
• Moving an Application from VM to Kubernetes: https://bit.ly/3cJhNYD
• Creating Your First Custom Lua Plugin for Kong Gateway: https://bit.ly/3d298Rs
• Getting Started With Kuma Service Mesh: https://bit.ly/3sLAn7R
#Kubernetes #K8s #KongGateway #GetInsomnia #OSS #OpenSource #APIgateway #APITesting
▬▬▬▬▬▬ TIMECODES ▬▬▬▬▬▬
0:00 - Cold Open
0:36 - Introducing Problem: Provide External Access to Microservices
1:26 - Kubernetes Manifests: Deployment and Service
2:32 - Deploy to Kubernetes
6:01 - Get External IP of Kubernetes cluster
6:23 - Test Service Connectivity Using Insomnia
▬▬▬▬▬▬ LINKS ▬▬▬▬▬▬
❏ Kubernetes Documentation: https://kubernetes.io/docs/concepts/services-networking/ingress/
❏ Kong Documentation: https://docs.konghq.com/kubernetes-ingress-controller/
❏ GitHub Quotes Service: https://github.com/gAmUssA/quotes-service
❏ Insomnia: https://insomnia.rest
❏ Image Source Code: https://bit.ly/k4k8s
❏ Using Kong Kubernetes Ingress Controller as an API Gateway: https://bit.ly/3um2JGa
▬▬▬▬▬▬ CONTACT VIKTOR ▬▬▬▬▬▬
🐦 https://gamov.dev/twitter
📧 https://gamov.dev/telegram
🔴 https://gamov.dev/youtube
▬▬▬▬▬▬ ADDITIONAL RESOURCES ▬▬▬▬▬▬
• Moving an Application from VM to Kubernetes: https://bit.ly/3cJhNYD
• Creating Your First Custom Lua Plugin for Kong Gateway: https://bit.ly/3d298Rs
• Getting Started With Kuma Service Mesh: https://bit.ly/3sLAn7R
#Kubernetes #K8s #KongGateway #GetInsomnia #OSS #OpenSource #APIgateway #APITesting
- 1 participant
- 8 minutes
14 May 2021
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon North America 2021 in Los Angeles, CA from October 12-15. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
Sponsored Session: Securing S3 Backups Against Ransomware - Tom Manville & Michael Cade, Kasten by Veeam
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
When backing up cloud-native data, there is no better place than object storage. From databases to data protection applications, the cloud-native landscape is littered with projects that backup data to object storage. With all this mission-critical data being stored in object storage it’s no wonder that it’s become a high-value target for cyber criminals. This, in combination with the rising popularity of cryptocurrency, means that ransomware protection is now a requirement for IT departments of any size.
The S3 protocol has become the de-facto standard API for interacting with Object Storage. It is implemented by nearly all object storage providers and consumed by modern cloud native applications. Thankfully it provides all the primitives needed to develop a robust strategy to protect against ransomware attacks.
In this session, we’ll walk through how backups saved in an S3-compatible can be made ransomware resistant. We’ll show which APIs are used and how to configure the buckets. If you’re considering backing up data in object storage and your data is too valuable to lose, then this talk is for you!
Sponsored Session: Securing S3 Backups Against Ransomware - Tom Manville & Michael Cade, Kasten by Veeam
Sharing of Personal Information with Sponsors In order to facilitate networking and business relationships at the event, you may choose to visit a third partyʼs virtual booth or to access sponsored content. You are never required to visit third party booths or to access sponsored content. When visiting a booth (e.g. by clicking on a third partyʼs logo in the Solutions Showcase or exhibitor directory, and any actions within the booth thereafter including viewing resources), when accessing sponsored sessions in the Sponsor Theater, or by participating in sponsored activities, the third party will receive some of your registration data. This data includes your first name, last name, title, company, address, email, standard demographics questions (i.e. job function, industry), and details about the sponsored content or resources you interacted with. If you choose to interact with a virtual booth or access sponsored content, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.
When backing up cloud-native data, there is no better place than object storage. From databases to data protection applications, the cloud-native landscape is littered with projects that backup data to object storage. With all this mission-critical data being stored in object storage it’s no wonder that it’s become a high-value target for cyber criminals. This, in combination with the rising popularity of cryptocurrency, means that ransomware protection is now a requirement for IT departments of any size.
The S3 protocol has become the de-facto standard API for interacting with Object Storage. It is implemented by nearly all object storage providers and consumed by modern cloud native applications. Thankfully it provides all the primitives needed to develop a robust strategy to protect against ransomware attacks.
In this session, we’ll walk through how backups saved in an S3-compatible can be made ransomware resistant. We’ll show which APIs are used and how to configure the buckets. If you’re considering backing up data in object storage and your data is too valuable to lose, then this talk is for you!
- 2 participants
- 18 minutes
28 Apr 2021
With Flux v1 in maintenance mode The Flux Community is keen to ensure you're ready for the transition to Flux v2. Get ahead of the game and migrate to Flux 2 today! In this session, Leigh Capili, DX Engineer at Weaveworks, will live-demo the Flux guide on how to Migrate from Flux v1, including bootstrapping a cluster with Flux 1 and how to move it over to Flux v2.
Resources:
Flux v2 Documentation: https://toolkit.fluxcd.io/
Flux v2 Guide Migrate from Flux v1: https://toolkit.fluxcd.io/guides/flux-v1-migration/
Flux v2 roadmap: https://toolkit.fluxcd.io/roadmap/
Note to our Flux community that Flux v2 is in development and Flux v1 is in maintenance mode. These talks and upcoming guides will give you the most up-to-date info and steps to migrate once we reach feature parity and start the migration process. We are dedicated to the smoothest experience possible for our Flux community, so please join us if you'd like early access and to give us feedback for the migration process.
We are really excited by the improvements and want to take this opportunity to show you what Flux 2 is all about, walk you through the guides and get your feedback!
Speaker: Leigh Capili, Weaveworks, Kubernetes Contributor and Developer Experience Engineer
Leigh is a Kubernetes Contributor and Developer Experience Engineer at Weaveworks. He authored kubeadm's etcd mTLS implementation and is currently working on cluster-addons and multi-tenancy in Flux. He also maintains ignite, a docker-like experience for using Firecracker MicroVM’s. Leigh really likes helping people.
Resources:
Flux v2 Documentation: https://toolkit.fluxcd.io/
Flux v2 Guide Migrate from Flux v1: https://toolkit.fluxcd.io/guides/flux-v1-migration/
Flux v2 roadmap: https://toolkit.fluxcd.io/roadmap/
Note to our Flux community that Flux v2 is in development and Flux v1 is in maintenance mode. These talks and upcoming guides will give you the most up-to-date info and steps to migrate once we reach feature parity and start the migration process. We are dedicated to the smoothest experience possible for our Flux community, so please join us if you'd like early access and to give us feedback for the migration process.
We are really excited by the improvements and want to take this opportunity to show you what Flux 2 is all about, walk you through the guides and get your feedback!
Speaker: Leigh Capili, Weaveworks, Kubernetes Contributor and Developer Experience Engineer
Leigh is a Kubernetes Contributor and Developer Experience Engineer at Weaveworks. He authored kubeadm's etcd mTLS implementation and is currently working on cluster-addons and multi-tenancy in Flux. He also maintains ignite, a docker-like experience for using Firecracker MicroVM’s. Leigh really likes helping people.
- 2 participants
- 1:04 hours
23 Apr 2021
Our regular livestream covering all things related to eBPF and Cilium, and the first in our US-friendly timeslot. This week Glib Smaga will be joining Liz Rice to give us an intro to Hubble.
Show notes: Show notes: https://github.com/isovalent/eCHO/tree/main/episodes/002
Find more info at https://github.com/isovalent/eCHO
Show notes: Show notes: https://github.com/isovalent/eCHO/tree/main/episodes/002
Find more info at https://github.com/isovalent/eCHO
- 2 participants
- 52 minutes
16 Apr 2021
A new regular livestream covering all things related to eBPF and Cilium. For this first episode our main topic is an introduction to Cilium, presented by Isovalent's Thomas Graf & Liz Rice.
0:23 Welcome
6:45 What is Cilium
12:48 Installing Cilium with the Cilium CLI
20:00 Cilium network connectivity test
23:47 Installing Hubble with the Cilium CLI
Show notes: https://github.com/isovalent/eCHO/tree/main/episodes/001
Find more info at https://github.com/isovalent/eCHO
0:23 Welcome
6:45 What is Cilium
12:48 Installing Cilium with the Cilium CLI
20:00 Cilium network connectivity test
23:47 Installing Hubble with the Cilium CLI
Show notes: https://github.com/isovalent/eCHO/tree/main/episodes/001
Find more info at https://github.com/isovalent/eCHO
- 2 participants
- 39 minutes
31 Mar 2021
Join us for Making History: The Womxn of Replicated. To commemorate Women’s History Month, we invite you to join us in celebrating the amazing women and non-binary people at Replicated in this live panel discussion. Our guests will discuss what brought them into the tech industry, what challenges they faced, and what common threads they share. Join us in this celebratory event!
- 7 participants
- 50 minutes
5 Mar 2021
What is cloud native security? What are the biggest security headaches when moving from legacy stacks to cloud native? Secure by default VS productive by default? Watch Anders Eknert and Steve Giguere answer questions about all things Cloud Native Security and share some of the worst security breaches they have experienced.
This session is a recording of the Cloud Native Northern Sweden meetup that took place on March 3. Moderator: Cristian Klein, Senior Cloud Architect at Elastisys.
This session is a recording of the Cloud Native Northern Sweden meetup that took place on March 3. Moderator: Cristian Klein, Senior Cloud Architect at Elastisys.
- 3 participants
- 44 minutes
3 Mar 2021
Kuma is an open source service mesh built on top of Envoy that supports every environment, including Kubernetes and virtual machines. In this Kuma service mesh tutorial, Marco Palladino shows how easy it is to get started. This overview includes:
• Installation (0:17)
• Review status in the GUI (2:27)
• Deployment options (2:42)
• Setting up data plane proxies (4:27)
• Connecting an application (5:29)
• Enabling zero-trust security (8:25)
• Editing traffic permissions (10:54)
• Enabling observability with Prometheus and Grafana (11:56)
• Setting up traffic metrics (13:35)
• Including other development teams (16:49)
View the full tutorial on Kong's blog: https://bit.ly/3sLAn7R
• Installation (0:17)
• Review status in the GUI (2:27)
• Deployment options (2:42)
• Setting up data plane proxies (4:27)
• Connecting an application (5:29)
• Enabling zero-trust security (8:25)
• Editing traffic permissions (10:54)
• Enabling observability with Prometheus and Grafana (11:56)
• Setting up traffic metrics (13:35)
• Including other development teams (16:49)
View the full tutorial on Kong's blog: https://bit.ly/3sLAn7R
- 1 participant
- 19 minutes
3 Mar 2021
Implementing Network Policy is a critical part of building a secure Kubernetes-based platform, but the learning curve from very basic examples to more complex real-world policies is steep. Not only can it be painful to get the YAML syntax and formatting just right, but there are many subtleties in the behavior of the network policy specification (e.g. default allow/deny, namespacing, wildcarding, rules combination, etc.). Even an experienced Kubernetes YAML-wrangler can still easily tie their brain in knots working through an advanced network policy use case. In this livestream, Thomas Graf will go over everything from the basics of Kubernetes Network Policy to more advanced concepts. He will walk us step by step from setting up simple policies to tackling trickier questions such as spotting and avoiding conflicting rules, looking at common mistakes, and examining some advanced real world policy examples similar to those implemented by major Kubernetes users.
- 2 participants
- 59 minutes
24 Feb 2021
The latest release of Fluent Bit brings some incredible performance updates, and long awaited features such as multi-workers / new crypto libraries / GeoIP and more. Additionally, we'll talk through some of Fluent Bit's SQL stream processing features that give users an easy way to route, filter, and transform data as needed.
- 2 participants
- 55 minutes
19 Feb 2021
We take a deep dive into the challenge of how serverless computing can be easily used for a broad range of scenarios, like high-performance computing, Monte Carlo simulations, Big Data pre-processing and molecular biology. We’ll focus on the user experience how to connect existing code and frameworks to serverless without the painful process of starting from scratch and or learning new skills. To achieve this, we present the open source Lithops (http://lithops.cloud) framework, that introduces serverless with minimal effort, and its new fusion with serverless computing brings automated scalability and the use of existing frameworks into the picture. Lithops, a novel toolkit that enables the transparent execution of unmodified, regular Python code against disaggregated cloud resources. Lithops supports hybrid execution environments of using Kubernetes, Apache OpenWhisk, and any of the major serverless computing offerings in today’s market .
Lithops minimizes the learning curve for knowledgeable Python developers, keeps interfaces simple and consistent, and provides access transparency to disaggregated storage and memory resources in the cloud. Further, its multi-cloud-agnostic architecture ensures portability and overcomes vendor lock-in. Altogether, this represents a significant step forward in the programmability of the cloud.
We present real use cases and examples with Lithops, including Monte Carlo simulations, data pre-processing and the use case of European Molecular Biology Laboratory (EMBL), and how Lithops framework allowed to process datasets that were previously out of reach, and without additional efforts for infrastructure maintenance, configuration, and deployment.
Presented by Gil Vernik @IBM
Lithops minimizes the learning curve for knowledgeable Python developers, keeps interfaces simple and consistent, and provides access transparency to disaggregated storage and memory resources in the cloud. Further, its multi-cloud-agnostic architecture ensures portability and overcomes vendor lock-in. Altogether, this represents a significant step forward in the programmability of the cloud.
We present real use cases and examples with Lithops, including Monte Carlo simulations, data pre-processing and the use case of European Molecular Biology Laboratory (EMBL), and how Lithops framework allowed to process datasets that were previously out of reach, and without additional efforts for infrastructure maintenance, configuration, and deployment.
Presented by Gil Vernik @IBM
- 2 participants
- 46 minutes
5 Feb 2021
The SolarWinds cyber-attack is probably the most sophisticated and damaging nation-state cyber campaign we have seen in recent years. A key factor in the attack was the ability of the attackers to have their code digitally signed and approved by compromising the SolarWinds software supply chain.
While breaching the SolarWinds supply chain was a complicated task, most of the cloud workloads used today come from much weaker supply chain sources such as DockerHub and GitHub Repositories. With recent research showing more than 50% of DockerHub images containing malware, it is almost inevitable that similar backdoors to the one seen at SolarWinds either already exist or will soon compromise additional cloud environments.
While it initially seemed to be an attack focused solely on on-prem networks, it is now quite clear that it’s a new form of hybrid cyber-attack involving both on-premises and cloud-native assets. This type of attack exploits existing vulnerabilities and utilizes advanced techniques to keep under the radar of existing detection tools.
In this webinar, we will analyze the SolarWinds attack to better understand the vulnerabilities of cloud-native environments, such as Kubernetes. We will then enumerate effective measures to eliminate or mitigate the risks inherent in cloud environments.
While breaching the SolarWinds supply chain was a complicated task, most of the cloud workloads used today come from much weaker supply chain sources such as DockerHub and GitHub Repositories. With recent research showing more than 50% of DockerHub images containing malware, it is almost inevitable that similar backdoors to the one seen at SolarWinds either already exist or will soon compromise additional cloud environments.
While it initially seemed to be an attack focused solely on on-prem networks, it is now quite clear that it’s a new form of hybrid cyber-attack involving both on-premises and cloud-native assets. This type of attack exploits existing vulnerabilities and utilizes advanced techniques to keep under the radar of existing detection tools.
In this webinar, we will analyze the SolarWinds attack to better understand the vulnerabilities of cloud-native environments, such as Kubernetes. We will then enumerate effective measures to eliminate or mitigate the risks inherent in cloud environments.
- 4 participants
- 50 minutes
3 Feb 2021
Policy as Code enables continuous compliance and protects against common misconfigurations. Kyverno, a CNCF sandbox project, enables Kubernetes native policy as code, in a simple and scalable manner. This livestream will explore how enterprises can manage security and best practices compliance for their Kubernetes clusters and workloads using Kyverno.
- 3 participants
- 59 minutes
27 Jan 2021
Up until now managing Kubernetes infrastructure outside of cloud providers has been difficult, and while there have been attempts to ease management of Kubernetes clusters within the data center previously we feel those attempts have been focused mostly on trying to shoehorn the management of clusters into legacy practices. With Cluster API and Tinkerbell we are attempting to bring real cloud-native management of infrastructure into the data center
- 3 participants
- 1:01 hours
6 Jan 2021
In the last month of 2020, we saw some serious security issues plaguing Kubernetes. As K8s is being used more and more in production we will see more such vulnerabilities in 2021. However, Om Moolchandani, Co-Founder and CTO of Accurics, believes that this is the natural progression of any technologies. As Kubernetes matures it will go through its own challenging phase, but that doesn’t mean that users should worry about compromised systems. There are many technologies already in place to protect users. This interview covers many such topics.
Speakers:
Swapnil Bhartiya, TFiR
Om Moolchandani, Accurics
Speakers:
Swapnil Bhartiya, TFiR
Om Moolchandani, Accurics
- 2 participants
- 24 minutes
31 Dec 2020
In questo ultimo tech talk di chiusura dell'anno 2020, Paolo ci parlerà di come costruire una macchina completa e funzionante da retrogaming con Kubernetes e Javascript.
Un viaggio affascinante nella storia dell'informatica e sulle potenzialità delle APIs di Kubernetes quando usate per la costruzione di applicazioni custom.
---
Potete trovare su Github il codice sorgente di AdditronK8:
https://github.com/paolomainardi/additronk8s-retrogames-kubernetes-controller
Qui le slide dell'intervento su Slideshare:
https://www.slideshare.net/sparkfabrik/retro-gaming-machine-made-with-javascript-and-kubernetes-240654394
---
Buona visione e facci sapere cosa ne pensi lasciando un commento!
-----
I Tech Talk sono un formato con cui presentiamo nuove tecnologie applicate a progetti a cui stiamo lavorando e che riteniamo siano importanti da condividere. Nati come talk interni, abbiamo poi deciso di condividerli con la speranza che possano essere interessanti e possibilmente utili ad altri. Crediamo nel senso della community.
Un viaggio affascinante nella storia dell'informatica e sulle potenzialità delle APIs di Kubernetes quando usate per la costruzione di applicazioni custom.
---
Potete trovare su Github il codice sorgente di AdditronK8:
https://github.com/paolomainardi/additronk8s-retrogames-kubernetes-controller
Qui le slide dell'intervento su Slideshare:
https://www.slideshare.net/sparkfabrik/retro-gaming-machine-made-with-javascript-and-kubernetes-240654394
---
Buona visione e facci sapere cosa ne pensi lasciando un commento!
-----
I Tech Talk sono un formato con cui presentiamo nuove tecnologie applicate a progetti a cui stiamo lavorando e che riteniamo siano importanti da condividere. Nati come talk interni, abbiamo poi deciso di condividerli con la speranza che possano essere interessanti e possibilmente utili ad altri. Crediamo nel senso della community.
- 3 participants
- 54 minutes
30 Oct 2020
Join Redpanda's CEO Alex Gallego as he does a deep-dive talk with a team of storage experts at LinkedIn that built Kafka and Samza.
0:00 Intro
1:14 Timeline of streaming data
2:55 Performance of CPU by the numbers
5:06 RPC + Microservices
6:40 Weakness of storage engines
11:10 Low level architecture
15:14 Seastar + futures
19:10 Thread per core architecture
24:15 DMA + Sparse Filesystem Support
26:06 High level architecture
30:25 Produce request
35:00 Q&A
-----------------------------------------
To learn more about the fast, simple, reliable Redpanda streaming data engine please visit https://redpanda.com:
◦ The Kafka API is great; now let's make it fast! - https://rpnda.co/fast-safe
◦ How we built Redpanda’s tiered storage capabilities - https://rpnda.co/tiered-storage
◦ Kafka-compatible fast distributed transactions - https://rpnda.co/fast-transactions
◦ Building our data transformation engine with Wasm - https://rpnda.co/wasm-transforms
Join our Slack community! https://rpnda.co/slack
Contribute to our GitHub repository: https://rpnda.co/github
Redpanda is the modern streaming data platform for developers. API-compatible with Apache Kafka®, Redpanda enables a simple, fast, reliable, and unified engine of record for both real-time and historical enterprise data. 10x faster. Safe by default. No Zookeeper®, no JVM, and no code changes required. Built with C++ and Go, using technologies like Seastar.
Follow us on social media:
Twitter - https://rpnda.co/twitter
LinkedIn - https://rpnda.co/linkedin
0:00 Intro
1:14 Timeline of streaming data
2:55 Performance of CPU by the numbers
5:06 RPC + Microservices
6:40 Weakness of storage engines
11:10 Low level architecture
15:14 Seastar + futures
19:10 Thread per core architecture
24:15 DMA + Sparse Filesystem Support
26:06 High level architecture
30:25 Produce request
35:00 Q&A
-----------------------------------------
To learn more about the fast, simple, reliable Redpanda streaming data engine please visit https://redpanda.com:
◦ The Kafka API is great; now let's make it fast! - https://rpnda.co/fast-safe
◦ How we built Redpanda’s tiered storage capabilities - https://rpnda.co/tiered-storage
◦ Kafka-compatible fast distributed transactions - https://rpnda.co/fast-transactions
◦ Building our data transformation engine with Wasm - https://rpnda.co/wasm-transforms
Join our Slack community! https://rpnda.co/slack
Contribute to our GitHub repository: https://rpnda.co/github
Redpanda is the modern streaming data platform for developers. API-compatible with Apache Kafka®, Redpanda enables a simple, fast, reliable, and unified engine of record for both real-time and historical enterprise data. 10x faster. Safe by default. No Zookeeper®, no JVM, and no code changes required. Built with C++ and Go, using technologies like Seastar.
Follow us on social media:
Twitter - https://rpnda.co/twitter
LinkedIn - https://rpnda.co/linkedin
- 10 participants
- 1:05 hours
22 Oct 2020
The United States Air Force Chief Software Officer Nicolas Chaillan joins Tetrate's Zack Butcher - early Istio engineer and project steering committee member, to talk about the US Department of Defence's use of Open Source and Istio.
In this 'Ask Me Anything' session, Mr. Chaillan discusses the DoD's adoption and use of open source technology on everything from fighter jets to nuclear subs. He explains how everything they do is open source, and founded on the principles of DevSecOps. He details how the DoD saved 100 years in one year by moving 37 programs to DevSecOps, and around $12.5 million in the budget, per year, per program.
On Istio he adds how vital the move to the Open Usage Commons was for their continued adoption of Istio, and how Istio is the key to successful Zero Trust Architecture.
0:00 - 6:22 - Intro
6:22 - 12:02 - What is DevSecOps? Why was it necessary to adopt Istio?
12:02 - 18:58 - Organizational challenges in a multi-diverse environment
18:58 - 22:32 - How far have you come along on your journey? How many clusters do you run?
22:32 - 25:00 - What are some of the benefits that you have been able to get from Istio so far?
25:00 - 28:00 - Why Istio over other options?
28:00 - 30:00 - How do you upgrade Istio?
30:00 - 33:00 - Docker and Docker Security.
33:00 - 33:50 - Are you going with Hybrid deployments? And if you are going with hybrid deployments, how are you doing networking and keeping it secure?
33:50 - 36:04 - What's your metric and logging strategy?
36:04 - 38:10 - What's your approach to multi-tenancy
38:10 - 40:57 - How has adopting more open source impacted overall cybersecurity at DOD?
40:57 - 43:47 - Why adopt a full service mesh and not just an ingress controller?
43:47 - 45:36 - What were the challenges of adopting Istio? And were there any specific set of tweaks or optimizations, you had to do to be able to use it?
45:36 - 50:46 - What are your experience with Kubernetes at the edge? what are observed issues?
50:46 - 52:45 - What do you think you have been successful in bringing radical changes to DOD?
52:45 - 55:00 - How do you incorporate network compliances that are not part of the service mesh?
55:00 - 58:58 - For DOD contractors, how can they get involved with the joint program platform One?
In this 'Ask Me Anything' session, Mr. Chaillan discusses the DoD's adoption and use of open source technology on everything from fighter jets to nuclear subs. He explains how everything they do is open source, and founded on the principles of DevSecOps. He details how the DoD saved 100 years in one year by moving 37 programs to DevSecOps, and around $12.5 million in the budget, per year, per program.
On Istio he adds how vital the move to the Open Usage Commons was for their continued adoption of Istio, and how Istio is the key to successful Zero Trust Architecture.
0:00 - 6:22 - Intro
6:22 - 12:02 - What is DevSecOps? Why was it necessary to adopt Istio?
12:02 - 18:58 - Organizational challenges in a multi-diverse environment
18:58 - 22:32 - How far have you come along on your journey? How many clusters do you run?
22:32 - 25:00 - What are some of the benefits that you have been able to get from Istio so far?
25:00 - 28:00 - Why Istio over other options?
28:00 - 30:00 - How do you upgrade Istio?
30:00 - 33:00 - Docker and Docker Security.
33:00 - 33:50 - Are you going with Hybrid deployments? And if you are going with hybrid deployments, how are you doing networking and keeping it secure?
33:50 - 36:04 - What's your metric and logging strategy?
36:04 - 38:10 - What's your approach to multi-tenancy
38:10 - 40:57 - How has adopting more open source impacted overall cybersecurity at DOD?
40:57 - 43:47 - Why adopt a full service mesh and not just an ingress controller?
43:47 - 45:36 - What were the challenges of adopting Istio? And were there any specific set of tweaks or optimizations, you had to do to be able to use it?
45:36 - 50:46 - What are your experience with Kubernetes at the edge? what are observed issues?
50:46 - 52:45 - What do you think you have been successful in bringing radical changes to DOD?
52:45 - 55:00 - How do you incorporate network compliances that are not part of the service mesh?
55:00 - 58:58 - For DOD contractors, how can they get involved with the joint program platform One?
- 3 participants
- 59 minutes
