Loading…
Attending this event?
Virtual Event
August 17–August 20, 2020

The schedule is subject to change. As we adjust to a virtual experience, our plan is to keep the sessions the same, which is dependent on speaker availability.

Learn More and Register to Attend This Event

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, August 17
 

08:00

Advanced Kubernetes Cert: Learn how to build your next app with Kube, Istio, & advanced services like Watson hosted by IBM (Additional Registration + Fee Required)
Do you need to select the right technologies to build your next application? Get your hands dirty with those technologies before you start your build. Learn how Kubernetes and Istio give you full control over your microservices. Kubernetes minimizes outages and disruptions through self-healing, intelligent scheduling, horizontal scaling, and load balancing. Istio gives you security, advanced routing, policy and insights into your application. Our developers will walk you through the step-by-step in this Hands-on-Lab in either the morning or afternoon, and you'll walk away with a certification badge. (2 workshops based on availability - breakfast or lunch provided)

How to Register: Pre-registration is required. Register for Advanced Kubernetes Cert here!

For questions regarding this event, please reach out to rmelanco@us.ibm.com.

Monday August 17, 2020 08:00 - 12:00
TBA

08:00

AWS Container Day 2020 Amsterdam hosted by AWS (Additional Registration + Fee Required)
Start off your KubeCon 2020 in Amsterdam with AWS! In this full-day event, we'll cover how Amazon EKS makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS through talks, demos, and a workshop. We'll have team members hanging out all day to help answer questions.
 
The day will include:
·       Discussion of the EKS feature roadmap with the EKS team
·       Deep dive on machine learning and deep learning with EKS
·       Hands-on EKS workshop to help get you up in running
·       Partner discussions on how to use community and 3rd party tools with EKS
Workshop participation will require a laptop. 

How to Register: Pre-registration is required. Please register for AWS Container Day here!

For questions regarding this event, please reach out to containers-pmm@amazon.com.

Monday August 17, 2020 08:00 - 18:00
TBA

08:30

Kubernetes 101 hosted by Nigel Poulton (Additional Registration + Fee Required)
The perfect way to take your first steps with Kubernetes and prepare yourself for the main KubeCon event.
 
Jargon will be demystified, key concepts and Kubernetes architecture will be clearly explained, and you'll deploy, break, self-heal, scale, and perform rolling updates on a simple application.
 
Hands-on labs will run on msb.com where every attendee gets their own private multi-node Kubernetes cluster that looks and feels like production. The lab environment also has a live dashboard showing everything in real-time, including traffic flows and how things connect. This massively improves the learning experience.
 
The workshop is delivered by world-renowned Kubernetes trainer Nigel Poulton (nigelpoulton.com, @nigelpoulton). Nigel is passionate about making Kubernetes less scary and making learning fun. You'll love this workshop!
 
This was the most popular workshop at DockerCon 2019 and was massively oversubscribed at KubeCon 2019 in San Diego with amazing feedback. Register early to secure your seat!
 
The workshop lasts approximately 2.5 hours and you have to choose a morning (8:30am), lunch (11:30am), or afternoon (2:30pm) session. Looking forward to seeing you!
 
How to Register: Pre-registration is required. To register for Kubernetes 101, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ash@kubetrainer.com.

Monday August 17, 2020 08:30 - 11:00
TBA

09:00

Workflow Automation Day hosted by GitHub (Additional Registration + Fee Required)
Workflow Automation Day is a full day of workshops dedicated to improving development workflows using GitHub. Whether you are an open source maintainer, partner, or enterprise customer, we will hold tailored sessions for diving deep into using our products, such as GitHub Actions to automate your software lifecycle from idea to delivery. You will be able to build, test, and deploy your code right from GitHub in multi-tool and multi-cloud environments. There are tools already available to accomplish multitude of workflows, but you can create your own tooling for your specific needs or provide these solutions to others. GitHub Actions is free to public repositories, which means free for open source maintainers.

How to Register: Pre-registration is required. To register for Workflow Automation Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to partnerengineering@github.com.

Monday August 17, 2020 09:00 - 11:00
TBA

09:00

Anthos/GKE Workshop hosted by Google Cloud (Additional Registration + Fees Required)
Google Cloud will be hosting 2 hands-on workshops: one in the morning and afternoon. Come learn  - hands-on about technologies like GKE, Anthos, Istio, Knative and Config Sync.

Session 1: Anthos Workshop 9:00 -12:00  
 
Session 2: Knative Workshop 13:00 - 16:00


In the Anthos workshop, you will get to experience Anthos technologies hands-on, like hybrid multi-cluster management with "Hub" (e.g. on-prem and cloud clusters), Istio service mesh to connect the clusters, and GKE Config Sync.

In the Knative workshop, you'll learn how to get serverless experiences on Kubernetes using the serving and eventing stacks to build higher-level application runtimes yourself.
 
Pick one or both! Bring a laptop -- both sessions will have engaging tutorials! 

How to Register: Pre-registration is required. To register for an Anthos/GKE & Knative Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday August 17, 2020 09:00 - 12:00
TBA

09:00

High Performance Java Microservices with GraalVM Native Image Workshop hosted by Oracle (Additional Registration + Fee Required)
Lightning fast start times, low memory requirements, and small disk footprint—three qualities you want in your microservice or function.  You might think it’s not possible to achieve all three in a Java application, but with GraalVM's ahead of time compilation you can!  In this workshop we'll introduce GraalVM's native-image compilation utility which can generate a native executable that includes just the JDK and application classes and methods you need.  And since your Java is compiled to native machine code it starts extremely fast and consumes significantly less memory than a JIT compiled Java app. Come to this workshop to get hands-on experience building and deploying microservices and functions with GraalVM.

How to Register: Pre-registration is required. To register for High Performance Java Microservices with GraalVM Native Image Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to kubecon_us_grp@oracle.com.

Monday August 17, 2020 09:00 - 12:00
TBA

09:00

Building a DevOps Pipeline with Kubernetes and Apache Cassandra™ hosted by DataStax (Additional Registration + Fee Required)
Today’s applications require extreme performance, availability, and scalability in order to respond to hockey stick growth and viral trends. Apache Cassandra has answered this call for over a decade as the premier distributed database for production-at-scale workloads. From financial services transactions to entertainment streaming services, Cassandra is present in the applications and backend architectures that impact our daily lives.
 
This workshop will showcase the power of DataStax Enterprise, the distributed hybrid cloud database built on Apache Cassandra, combined with Kubernetes cloud-native resources and best practice DevOps pipelines to support today’s modern application needs. As an attendee, you will be introduced to Cassandra's architecture and logical fault domains as well as the Kubernetes components that complement this architecture. With this under your belt, you’ll then shift to simplifying your architecture by leveraging operators and custom resource definitions, so you can think about your Cassandra cluster as a logical unit instead of a collection of individual Kubernetes resources.
 
With a running Cassandra cluster, observability is now on the menu. Operators are deployed and used to provision Prometheus and Grafana clusters. Dashboards are loaded into Grafana to visualize the cluster's health and performance. To illustrate that everything is functioning as expected a load generation tool is run against the cluster via Kubernetes jobs. Gauges come alive and we are left confident in our ability to deploy, manage, and monitor Cassandra clusters at scale on Kubernetes.

How to Register: Pre-registration is required. To register for Building a DevOps Pipeline, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to erica.lien@datastax.com.

Monday August 17, 2020 09:00 - 15:00
TBA

09:00

NSMCon hosted by the NSM Community (Additional Registration + Fee Required)
Are you running workloads in multiple clusters? Across multiple clouds: on-premises, hybrid, multicloud, or public cloud? Do they need to interact with legacy workloads running in less “cloudy” environments? Network Service Mesh (NSM) ties them all together, at the granularity of individual workloads, not cluster/VPCs/data centers.
 
NSM is a community-driven CNCF Sandbox project that is rapidly gaining momentum because of its ability to simplify connectivity between workloads, independent of where they are running. It extends an IP reachability domain to workloads running in multiple clusters, legacy environments, on-premises, or in a public cloud, communicating with the protocols they are currently using.
 
NSM does this at the granularity of individual workloads. Your workloads have connectivity to just the workloads they need nothing more, nothing less. NSM brings the useful features of a Service Mesh from the lofty heights of HTTP all the way down to IP itself. Applications and Application Service Meshes, such as Istio, run unaltered on top, leaving the hybrid/multicloud IP connectivity to NSM.
 
The project emerged organically as a community project to solve these problems by applying the Service Mesh thought process all the way down to IP with the global peering mentality of the Internet itself – without breaking your existing environment.
 
Join the people building and using NSM at Network Service Mesh Con for a day of tutorials, deep dives, and use cases to learn how NSM works, what it can do for you, and, most importantly, what’s coming next.

How to Register: Pre-registration is required. To register for NSMCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to nsmcon@networkservicemesh.io.

Monday August 17, 2020 09:00 - 16:00
TBA

09:00

Cloud Native Security Day hosted by CNCF (Additional Registration + Fee Required)
Cloud Native Security Day is designed to bring together the cloud native security community together to discuss and share current challenges and solutions in cloud native security.  This event provides a single place for people involved or getting involved in cloud native security to get together in a vendor neutral space.

This event allows and encourages open collaboration and sharing of cloud native security accomplishments and roadblocks.  Cloud native security is a multi-objective and multi-constrained problem space spanning many areas. Pretty much everything falls into security, from identity management to storage solutions. Cloud Native Security Day (#cnsecurityday) is intended to drive collaboration, discussion, and knowledge sharing of cloud native security accomplishments and roadblocks. Get connected with others that are passionate about security. Learn from practitioners about pitfalls to avoid, hurdles to jump, and how to integrate security into your cloud native project, architecture, and enhance team awareness on security.

Interested in speaking? Apply for the CFP here. Submissions close February 4, 2020 and speakers will be notified February 12.

Apply for diversity scholarships here. Applications close February 2 and notifications will be sent on February 17th.

More details will be made available here

How to Register: Pre-registration is required. To register for Cloud Native Security Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 09:00 - 17:00
TBA

09:00

Cloud Native Storage Day hosted by the CNS Ecosystem (Additional Registration + Fee Required)
Join us for another very special Cloud Native Storage Day! We have brought together users of cloud native storage technologies as well as experts from top companies to bring you a fantastic day rich with thought-provoking sessions including technical demos, panel discussions, presentations, and a terrific networking opportunity for you to get to know the experts in Container Storage and Data Management. Come learn all about the virtues of multi-cloud operations of stateful services with Kubernetes, running stateful applications in containers, cloud native data management, the CSI project updates, and all things cloud native storage! The CNS ecosystem companies partnered together again to bring you this creative, community-oriented day, targeted toward Enterprises on various stages of their container-native storage journey. Lunch will be provided, and all attendees will receive our special CNS Day shirt and swag!

Visit www.cloudnativestorageday.com for more information, and to see our past agendas and video recorded sessions from the first 3 CNS Days!
 
Registration fees will be donated to the CNCF Diversity Scholarship Fund.

How to Register: Pre-registration is required. To register for Cloud Native Storage Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to lisa@portworx.com.

Monday August 17, 2020 09:00 - 17:00
TBA

09:00

Continuous Delivery Summit EU hosted by Continuous Delivery Foundation (Additional Registration + Fee Required)
Registration Fees: USD $199

The Continuous Delivery Summit is a one-day event that brings together the open source CI/CD community. Meet peers and drive the future direction of continuous delivery. The day will end with a ‘Mind Share’ cocktail hour. The reception will give attendees the opportunity to explore CI/CD strategies, talk to experts and meet new people.

How to Register: Pre-registration is required. To register for Continuous Delivery Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@linuxfoundation.org.

Monday August 17, 2020 09:00 - 17:00
TBA

09:00

KubeAcademy: Kubernetes Application and Container Workflows hosted by VMware (Additional Registration + Fee Required)
This one-day advanced course covers the cloud native approach of developing software and deploying it on Kubernetes. Patterns for source control management, building, deploying, and environment management of the Software Development Lifecycle process for Cloud Native application in Kubernetes will be presented. 
Course Objectives
·         Learn how to structure and management source control for a Cloud Native Kubernetes application
·         Build and compile applications in containers without OS dependencies
·         Deploy applications to Kubernetes in an automated manner
·         Implement integration testing into builds
·         Deploy and configure applications as they move from lower environments to production
Prerequisites
·         Linux concepts and command line proficiency
·         Fluent in GIT commands and workflows
·         github.com account
·         Ability to write and debug basic unix shell scripts
·         SDLC knowledge and experience

How to Register: Pre-registration is required. To register for KubeAcademy, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to hooverh@vmware.com.

Monday August 17, 2020 09:00 - 17:00
TBA

09:00

Serverless Practitioners Summit hosted by CNCF (Additional Registration + Fee Required)
The goal is to unite the serverless practitioner community and present end users with comprehensive strategies to understand serverless in a cloud native context. To do that, we plan to create a full-day single-track serverless conference that follows our initial successful work in the CNCF serverless working group and surrounding projects.

Interested in speaking? CFP submissions open January 13, 2020 and close February 4, apply here

Apply for diversity scholarships here. Applications close February 2 and notifications will be sent on February 17th.

How to Register: Pre-registration is required. To register for Serverless Practitioners Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 09:00 - 17:00
TBA

09:00

ServiceMeshCon hosted by CNCF (Additional Registration + Fee Required)
ServiceMeshCon is a vendor-neutral conference on service mesh technologies, featuring maintainers across different service mesh projects and also showcasing the lessons learned from running service meshes in production.

Interested in speaking? Apply for the CFP here. Submissions close February 4, 2020 and speakers will be notified February 12.

Apply for diversity scholarships here. Applications close February 2 and notifications will be sent on February 17th.

More details will be made available here

How to Register: Pre-registration is required. To register for ServiceMeshCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to events@cncf.io.

Monday August 17, 2020 09:00 - 17:00
TBA

11:30

Kubernetes 101 hosted by Nigel Poulton (Additional Registration + Fee Required)
The perfect way to take your first steps with Kubernetes and prepare yourself for the main KubeCon event.
 
Jargon will be demystified, key concepts and Kubernetes architecture will be clearly explained, and you'll deploy, break, self-heal, scale, and perform rolling updates on a simple application.
 
Hands-on labs will run on msb.com where every attendee gets their own private multi-node Kubernetes cluster that looks and feels like production. The lab environment also has a live dashboard showing everything in real-time, including traffic flows and how things connect. This massively improves the learning experience.
 
The workshop is delivered by world-renowned Kubernetes trainer Nigel Poulton (nigelpoulton.com, @nigelpoulton). Nigel is passionate about making Kubernetes less scary and making learning fun. You'll love this workshop!
 
This was the most popular workshop at DockerCon 2019 and was massively oversubscribed at KubeCon 2019 in San Diego with amazing feedback. Register early to secure your seat!
 
The workshop lasts approximately 2.5 hours and you have to choose a morning (8:30am), lunch (11:30am), or afternoon (2:30pm) session. Looking forward to seeing you!
 
How to Register: Pre-registration is required. To register for Kubernetes 101, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ash@kubetrainer.com.

Monday August 17, 2020 11:30 - 14:00
TBA

11:30

OperatorCon hosted by Loodse (Additional Registration + Fee Required)
OperatorCon is a mini conference that focuses on the challenges faced by small and larger organizations with managing cloud native applications in production. The main topics of the mini conference are the cloud native operator pattern and how operators can help automate daily operations of your infrastructure. No matter if you are just beginning to roll out your first Kubernetes implementation or if you are already running cloud native applications at larger scale: Don't miss out on this opportunity to learn from the experience of your peers. OperatorCon will definitely provide you with valuable insights.

Pre-registration is required. To register for OperatorCon, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to info@loovent.com.

Monday August 17, 2020 11:30 - 17:00
TBA

12:00

Advanced Kubernetes Cert: Learn how to build your next app with Kube, Istio, & advanced services like Watson hosted by IBM (Additional Registration + Fee Required)
Do you need to select the right technologies to build your next application? Get your hands dirty with those technologies before you start your build. Learn how Kubernetes and Istio give you full control over your microservices. Kubernetes minimizes outages and disruptions through self-healing, intelligent scheduling, horizontal scaling, and load balancing. Istio gives you security, advanced routing, policy and insights into your application. Our developers will walk you through the step-by-step in this Hands-on-Lab in either the morning or afternoon, and you'll walk away with a certification badge. (2 workshops based on availability - breakfast or lunch provided)

How to Register: Pre-registration is required. Register for Advanced Kubernetes Cert here!

For questions regarding this event, please reach out to rmelanco@us.ibm.com.

Monday August 17, 2020 12:00 - 16:00
TBA

12:00

Cloud-Native CI/CD Summit hosted by Codefresh (Additional Registration + Fee Required)
Join us on the Warpen Van Amsterdam Saloon boat for this half-day event focused on learning from larger organizations and how they deal with the challenges of delivering microservices on Kubernetes, Serverless, and other cloud-native technologies. We will start with lunch and networking on the boat, followed by presentations and a 2-hour cruise down the Amstel Canal for happy hour!

With speakers from across Europe with diverse backgrounds and skill sets, you’re guaranteed to walk away with some actionable information to improve your continuous integration and delivery, whether you’re just starting on the road to Kubernetes or already running in production today. Developer productivity and delivering quality software on-time is the goal.

CFP Deadline: March 2, 2020 - Apply now!

How to Register: Pre-registration is required. To register for Cloud Native CI/CD Summit, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to taryn@codefresh.io.

Monday August 17, 2020 12:00 - 18:00
TBA

13:00

Workflow Automation Day hosted by GitHub (Additional Registration + Fee Required)
Workflow Automation Day is a full day of workshops dedicated to improving development workflows using GitHub. Whether you are an open source maintainer, partner, or enterprise customer, we will hold tailored sessions for diving deep into using our products, such as GitHub Actions to automate your software lifecycle from idea to delivery. You will be able to build, test, and deploy your code right from GitHub in multi-tool and multi-cloud environments. There are tools already available to accomplish multitude of workflows, but you can create your own tooling for your specific needs or provide these solutions to others. GitHub Actions is free to public repositories, which means free for open source maintainers.

How to Register: Pre-registration is required. To register for Workflow Automation Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to partnerengineering@github.com.

Monday August 17, 2020 13:00 - 15:00
TBA

13:00

Knative Workshop hosted by Google Cloud (Additional Registration + Fee Required)
Google Cloud will be hosting 2 hands-on workshops: one in the morning and afternoon. Come learn  - hands-on about technologies like GKE, Anthos, Istio, Knative and Config Sync.

Session 1: Anthos Workshop 9:00 -12:00  
 
Session 2: Knative Workshop 13:00 - 16:00


In the Anthos workshop, you will get to experience Anthos technologies hands-on, like hybrid multi-cluster management with "Hub" (e.g. on-prem and cloud clusters), Istio service mesh to connect the clusters, and GKE Config Sync.

In the Knative workshop, you'll learn how to get serverless experiences on Kubernetes using the serving and eventing stacks to build higher-level application runtimes yourself.
 
Pick one or both! Bring a laptop -- both sessions will have engaging tutorials! 

How to Register: Pre-registration is required. To register for an Anthos/GKE & Knative Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to jamierachel@google.com.

Monday August 17, 2020 13:00 - 16:00
TBA

13:00

Kubernetes and Service Mesh with Java Microservices Workshop hosted by Oracle (Additional Registration + Fee Required)
You’ve had the opportunity to do some work with Kubernetes, and maybe, work with a service mesh. But, now you want to have a more in-depth understanding of development, deployment, monitoring, and observability of your microservices running on Kubernetes. This workshop provides attendees many opportunities to cover these areas as they work through the labs using Java-based microservices. At the conclusion, attendees will have a much better understanding of what Kubernetes offers, how a service mesh is critical to microservices architecture, and how to better employ observability and tracing for their microservices.

How to Register: Pre-registration is required. To register for Kubernetes and Service Mesh with Java Microservices Workshop, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to kubecon_us_grp@oracle.com.

Monday August 17, 2020 13:00 - 16:00
TBA

14:30

Kubernetes 101 hosted by Nigel Poulton (Additional Registration + Fee Required)
The perfect way to take your first steps with Kubernetes and prepare yourself for the main KubeCon event.
 
Jargon will be demystified, key concepts and Kubernetes architecture will be clearly explained, and you'll deploy, break, self-heal, scale, and perform rolling updates on a simple application.
 
Hands-on labs will run on msb.com where every attendee gets their own private multi-node Kubernetes cluster that looks and feels like production. The lab environment also has a live dashboard showing everything in real-time, including traffic flows and how things connect. This massively improves the learning experience.
 
The workshop is delivered by world-renowned Kubernetes trainer Nigel Poulton (nigelpoulton.com, @nigelpoulton). Nigel is passionate about making Kubernetes less scary and making learning fun. You'll love this workshop!
 
This was the most popular workshop at DockerCon 2019 and was massively oversubscribed at KubeCon 2019 in San Diego with amazing feedback. Register early to secure your seat!
 
The workshop lasts approximately 2.5 hours and you have to choose a morning (8:30am), lunch (11:30am), or afternoon (2:30pm) session. Looking forward to seeing you!
 
How to Register: Pre-registration is required. To register for Kubernetes 101, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to ash@kubetrainer.com.

Monday August 17, 2020 14:30 - 17:00
TBA

15:00

Workflow Automation Day hosted by GitHub (Additional Registration + Fee Required)
Workflow Automation Day is a full day of workshops dedicated to improving development workflows using GitHub. Whether you are an open source maintainer, partner, or enterprise customer, we will hold tailored sessions for diving deep into using our products, such as GitHub Actions to automate your software lifecycle from idea to delivery. You will be able to build, test, and deploy your code right from GitHub in multi-tool and multi-cloud environments. There are tools already available to accomplish multitude of workflows, but you can create your own tooling for your specific needs or provide these solutions to others. GitHub Actions is free to public repositories, which means free for open source maintainers.

How to Register: Pre-registration is required. To register for Workflow Automation Day, add it on during your KubeCon + CloudNativeCon registration.

For questions regarding this event, please reach out to partnerengineering@github.com.

Monday August 17, 2020 15:00 - 17:00
TBA

16:00

Lightning Talks Opening Remarks: Vicki Cheung & Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chairs
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Monday August 17, 2020 16:00 - 16:02
TBA

16:02

etcd Watchers Not Working? Improving Error Handling in Your Applications - Guillermo Nunez, IBM
When building services with etcd, one of the best features of etcd is watchers. It allows developers to create applications such that when a dataset is changed, the watcher for that dataset on another system receives the notification and performs user-specified action. A simple use case is a user has a program using etcd watchers to monitor the stock market and sell (user-defined action) if their stock of interest falls below price $X.

There are error failures that are not automatically covered with an etcd cluster such as network connectivity issues, DC outage, and cloud infrastructure maintenance. The talk consists of the following:
- what watchers are
- how to build your services using heartbeat key for monitoring etcd watchers
- perform locking on watchers to prevent race conditions
- caching data locally for your service to keep running until the etcd cluster is back up.

Speakers
GN

Guillermo Nunez

Staff Software Developer, IBM
Guillermo Nunez joined IBM in March 2015 and works on the IBM Cloud - Network team. He played a critical development role in FSA 10G offering, upgraded the FW infrastructure to ensure security and compliance are met, and currently is working on the IBM VPC Load Balancer.


Monday August 17, 2020 16:02 - 16:07
TBA

16:08

What's an Application in Kubernetes? - Antoine Legrand, Red Hat
A very simple question but with many different answers when asked. Kubernetes should provide a ground set of concepts that allows interoperability of systems and a shared knowledge in the ecosystem. In any kubernetes distribution, a Pod or a Service have the same definition, this is not the case for application. As end-users are mainly managing apps, it's time for kubernetes to get a representation and a definition of it. 
The sig-apps community came to an agreement to provide this missing piece. They created a new Application resource and its controller. This talk is bringing light to this new upstream resource, the features it provides with concrete examples, and the next steps and how to get involved. 

Speakers
avatar for Antoine Legrand

Antoine Legrand

Engineering Manager, Red Hat
Antoine Legrand is an engineering manager at CoreOS/Red Hat. He co-founded Kubespray and works closely with major actors in the ecosystem to improve the user experience in managing application and Kubernetes clusters. Antoine is involved with open source and cloud-native software... Read More →


Monday August 17, 2020 16:08 - 16:13
TBA

16:14

Users First: Why (and How!) We Internationalized Our Cloud-Native Project - Carol Scott, Buoyant
While there are many resources online about internationalization (i18n) in general, there are Kubernetes-specific lessons that we learned at Buoyant in the process of internationalizing Linkerd’s web dashboard that are vital for end users and CNCF project maintainers alike who are building robust, global projects.

This lightning talk will share Linkerd’s recent i18n journey, including

- Why internationalizing user-facing features affects your project's success
- What i18n has to do with accessibility (a11y)
- What we applied -- and what we didn’t! -- from the K8s community’s i18n practices
- Kubernetes-specific pitfalls when internationalizing content

Audience members will leave with an accessible, easy roadmap to go from i18n idea to execution, with minimal organizational hiccups.

Speakers
CS

Carol Scott

Software Engineer, Buoyant
Carol Scott is a Software Engineer at Buoyant, where she contributes to the web dashboard and CLI of the open source Linkerd service mesh project. Her work on Linkerd includes guiding internationalization of the dashboard, reviewing PRs from contributors around the world, and making... Read More →


Monday August 17, 2020 16:14 - 16:19
TBA

16:20

Think Design About Pretty Kubectl Plugins - Aya Igarashi, Z Lab Corporation
What is a well-designed CLI?
How do we develop it?

Kubernetes is widely spread and people start to be interested in Day2 Operation. Along with this, the number of kubectl plugins is developed recently.

In this presentation, Aya Igarashi will talk about how to improve the design and develop a kubectl plugin based on her experience. She develops kubectl-bindrole which is a kubectl plugin that summarizes permissions for an RBAC account.
https://github.com/Ladicle/kubectl-bindrole

This session will be helpful for people who want to develop kubectl plugins, as well as for general CLI development.

Speakers
avatar for Aya Igarashi

Aya Igarashi

Software Engineer, Z Lab Corp.
Aya Igarashi is a Software Engineer at Z Lab where she is working on k8s operator and serverless platform for Yahoo! Japan. At a previous job, she and her team built bare-metal and other cloud services based on OpenStack.


Monday August 17, 2020 16:20 - 16:25
TBA

16:26

Stayin' Alive: PodDisruptionBudgets for Maintenance and Upgrades - Matthew Robson, Red Hat
As we work harder to automate our clusters, it becomes more and more difficult to guarantee the availability requirements of our applications. In large clusters, operations teams may not have the insights to ensure an applications minimum capacity requirements are maintained. Without that understanding, you may inadvertently bring down or inhibit applications through routine maintenance activities.

Enter the Pod Disruption Budget (PDB). Simply put, PDBs allows application owners to define the minimum requirement for a service to operate in a stable manner.

In this Lightning Talk, let me walk you through the benefits, usage and implementation of PDB’s. As an attendee, you will walk away with the necessary knowledge on how to use PDBs to define enforceable operating requirements of your applications.

Speakers
avatar for Matthew Robson

Matthew Robson

Principal Technical Account Manager, Red Hat
Matt is a Principal Technical Account Manager working as a Kubernetes and Container Subject Matter Expert in Red Hat's Global Customer Success group. He has spent the last 10+ years working for and helping organizations design, implement, test and tune large scale infrastructure... Read More →


Monday August 17, 2020 16:26 - 16:31
TBA

16:32

Making Envoy Contributions Feasible for Everyone - Yaroslav Skopets, Kong Inc
Have you ever considered contributing to Envoy?
What stops you?
Is it C++?
Is it completely different toolset?
Just don't feel yourself productive?
Well, we've got some news for you.
Thanks to a shiny, brand-new technology (WebAssembly), Envoy is becoming a polyglot.
And putting the human factor first, it means that now You can contribute using the toolbox that works best for You.
Paraphrasing, a demo is worth a thousand words.
Let's pick a language that everybody claims to be good at (JavaScript) and, surprisingly, use it to extend Envoy.
We'll do it live, under 5 minutes and have fun along the away (instead of cursing the-never-ending C++ compilation).

Speakers
avatar for Yaroslav  Skopets

Yaroslav Skopets

Software Engineer, Tetrate.io
Yaroslav Skopets, software engineer at Tetrate.io, developer of Kuma (Universal Service Mesh), Envoy contributor


Monday August 17, 2020 16:32 - 16:37
TBA

16:38

Reliability Engineering under Uncertainty - Silvia Pina, Independent
As reliability engineers, we want to make sure that the systems that we build and operate are reliable, robust, resilient to failure and observable. But we’re not only engineers, but also humans. As such, we have some limitations in our reasoning ability, and are prone to cognitive biases, defined as systematic error patterns in our thought processes. We tend to use heuristics to simplify problems, which in turn can be a contributing factor to introducing errors in our systems. We will examine in which ways cognitive biases can have a negative impact on our everyday work and the systems we maintain in production. How can we gain self-awareness about error-inducing biases, and turn them into advantages for us and our teams? You will leave with knowledge on using cognitive psychology to become a better professional – and a better human.

Speakers
avatar for Silvia Pina

Silvia Pina

Software Engineer, Independent


Monday August 17, 2020 16:38 - 16:43
TBA

16:44

Using SOPS, Kube Secrets and a CD Pipeline For Secure Configuration - Tom Hipwell, Bulb
Managing configuration doesn't have to be complex, this lightening talk will show a super simple pattern for having configuration live within your repo and deployed to your Kubernetes cluster as a Secret or ConfigMap using a CD pipeline.

This is done using a CLI tool from Mozilla known as SOPS, with an envelope encryption model based on a master key supplied by a cloud based KMS provider such as AWS and a CD pipeline implemented using CircleCI. This pattern keeps your configuration secure, but allows it to be controlled in version control, under code-review and released using your build pipeline.

Speakers
avatar for Tom Hipwell

Tom Hipwell

Principal Platform Engineer, Bulb
Tom is Principal Platform Engineer at Bulb, the fastest growing startup in the U.K and newly launched in Spain, France and Texas. Bulb is on a mission to make energy simpler, cheaper and greener. To do this, Tom led the design and build of Bulb\'s Billing Platform. Written in Python... Read More →


Monday August 17, 2020 16:44 - 16:49
TBA

16:50

Build & Deploy a CNF in 5 Minutes - Rastislav Szabo, PANTHEON.tech
Cloud Native Network Function (CNF) is a software implementation of a network function, traditionally performed on a physical device (e.g. IPv4/v6 router, L2 bridge/switch, VPN gateway, firewall), but built and deployed in a cloud-native way.

This talk will show a live demo on how a CNF providing cloud-native NAT (Network Address Translation) functionality can be built and deployed into a Kubernetes cluster within 5 minutes. To achieve that, several open source projects will be used: FD.io (an open source terabit software dataplane), Ligato.io (programming framework for building CNF control and management plane) and Network Service Mesh for interconnecting CNFs in a Kubernetes cluster on required network layers.

Speakers
avatar for Rastislav Szabo

Rastislav Szabo

Staff Engineer, PANTHEON.tech
Rastislav is an enthusiastic and motivated professional with more than ten years of software development experience, working on cloud-native and software-defined networking projects. He is a Staff Engineer at PANTHEON.tech, where he is designing software solutions for networking industry... Read More →


Monday August 17, 2020 16:50 - 16:55
TBA

16:56

Lightning Talks Closing Remarks: Vicki Cheung & Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chairs
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Monday August 17, 2020 16:56 - 17:00
TBA
 
Tuesday, August 18
 

09:00

Keynote: Dan Kohn, Executive Director, Cloud Native Computing Foundation
Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, Cloud Native Computing Foundation
Dan is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create the Linux Foundation's Core Infrastructure Initiative as an industry-wide response to the security vulnerabilities... Read More →


Tuesday August 18, 2020 09:00 - 09:10
TBA

09:10

Keynote: CNCF Updates - Cheryl Hung, Director of Ecosystem, Cloud Native Computing Foundation
Speakers
avatar for Cheryl Hung

Cheryl Hung

Director of Ecosystem, Linux Foundation
Cheryl Hung is Director of Ecosystem at the Cloud Native Computing Foundation, where she drives adoption of cloud native infrastructure. As a non-profit under the Linux Foundation, the CNCF hosts open source projects including Kubernetes, Prometheus and Envoy.She founded the 5000... Read More →


Tuesday August 18, 2020 09:10 - 09:19
TBA

09:19

Keynote: CNCF Projects Update - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Software Engineer, Splunk
Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Tuesday August 18, 2020 09:19 - 09:34
TBA

09:34

Sponsored Keynote: What Do You Trust? Establishing Trust and Improving Cloud Native Security - Anne Bertucio, Open Source Security, Google
Security is becoming a top topic for the cloud native community, as it should be; cloud native systems are running real workloads, and that comes with real consequences in the case of security incidents. Cloud native requires thinking about security differently. Google recently released new details about how we think about cloud native security, the BeyondProd approach, which uses an enforcement check called Binary Authorization for Borg, the Google container orchestrator which was a precursor to Kubernetes. As the community tackles cloud native security and open source security, we want to share the principles we used to decide, “Do we trust this?” to help everyone increase their security and decide what they trust in the cloud native world.

Speakers
avatar for Anne Bertucio

Anne Bertucio

Open Source Security, Google
Anne works on open source security as a part of the Open Source Program Office at Google, and has played many roles in the open source world: release team member, vulnerability response team, community manager, project launcher (including Kata Containers), committee member, and foundation... Read More →


Tuesday August 18, 2020 09:34 - 09:39
TBA

09:39

Keynote: Open Source Intrusion Detection for Containers at Shopify - Shane Lawrence, Senior Security Infrastructure Engineer, Shopify & Kris Nóva, Chief Open Source Advocate, Sysdig
Even well protected workloads may be compromised by 0-days and platform vulnerabilities. Observability is essential for detecting and stopping an attack before infrastructure and information is compromised. Shopify uses open source Falco, a CNCF incubating project, to track syscalls at the kernel level and reveal them to a Kubernetes-aware process in userspace. That uses predefined rules to decide which events to log. Additional tooling filters and aggregates logs, and generates alerts when suspicious activity is detected.

In this talk, Shane will describe how Shopify first deployed Falco in 2018 and continues to use it to monitor critical systems, including those that process payment card information. He will share tips and tricks for getting the most out of Falco, areas for improvement, and use cases for detecting compromise or data exfiltration when all else fails.

Speakers
avatar for Kris Nóva

Kris Nóva

Chief Open Source Advocate, Sysdig
Kris Nova, Chief Open Source Advocate at Sysdig, focuses on security, intrusion detection, and the Linux kernel with Kubernetes and eBPF. As an active advocate for open source, Nova is an ambassador for the CNCF and the creator of kubicorn, a successful Kubernetes infrastructure management... Read More →
avatar for Shane Lawrence

Shane Lawrence

Senior Infrastructure Security Engineer, Shopify
Shane is a Senior Security Infrastructure Engineer at Shopify, where he's working on a multi-tenant platform that allows developers to build secure, scalable apps and services. His previous work includes SIEM and Log Management at CGI MSS, and IDS Engineering at CFNOC.


Tuesday August 18, 2020 09:39 - 09:59
TBA

09:59

Sponsored Keynote: To Be Announced
Tuesday August 18, 2020 09:59 - 10:04
TBA

10:04

Keynote: The Beginner’s Guide to the CNCF TOC - Liz Rice, VP Open Source Engineering, Aqua Security
Who is the Technical Oversight Committee? What do its members do? How do projects get picked for adoption into the CNCF? Let’s shine a light on this group who determine which projects are adopted by the CNCF, set the future direction of the cloud native landscape, and are even responsible for the definition of the term “cloud native." 

This talk discusses the pros & cons of a project’s participation in the CNCF from the perspective of end users, vendors, contributors, and maintainers. It covers the lifecycle for a CNCF project, including:

- why projects want to be in the CNCF
- how the project adoption process works
- the requirements that the CNCF has on projects at different phases of maturity

Attendees will leave this talk with insights into how the technical arm of the CNCF works, why it’s important, what the TOC wants to do next, and how they can get involved.  

Speakers
avatar for Liz Rice

Liz Rice

Vice President, Open Source Engineering, Aqua Security
Liz Rice is VP Open Source Engineering at cloud native security specialists Aqua Security. She also chairs the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She has a wealth of software engineering experience working on network protocols... Read More →


Tuesday August 18, 2020 10:04 - 10:19
TBA

10:19

Keynote: Closing Remarks - KubeCon + CloudNativeCon Europe 2020 Co-Chairs: Constance Caramanolis, Software Engineer, Splunk & Vicki Cheung, Engineering Manager, Lyft
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Tuesday August 18, 2020 10:19 - 10:20
TBA

10:20

Sponsor Showcase
Tuesday August 18, 2020 10:20 - 20:05
TBA

11:05

KubeCon + CloudNativeCon 101: A Beginner’s Guide to The Conference - Karen Chu & Michelle Noorali, Microsoft
First time attending KubeCon + CloudNativeCon? Not sure how to approach it? Getting decision paralysis from all there is to learn from? We gotchu.

Come join us at the start of the conference to learn the best ways to get the most out of your time here. Collectively, both Karen and Michelle have been to almost every KubeCon + CloudNativeCon event since its inception and have identified tricks/tips to help guide you through your first conference, including:

-Attending sessions
-Hallway tracks
-CNCF projects
-Meeting project maintainers
-Mentoring sessions
-Approaching the sponsor hall
-How to think about CFPs for the future

Speakers
avatar for Michelle Noorali

Michelle Noorali

Senior Software Engineer, Microsoft
Michelle Noorali is a Sr. Software Engineer at Microsoft and was Co-Chair for KubeCon+CloudNativeCon 2017. She is a member of the CNCF Technical Oversight Committee and serves as a developer representative on the CNCF Governing Board. Michelle is also a core maintainer of several... Read More →
avatar for Karen Chu

Karen Chu

Community Manager, Microsoft
Karen Chu is a Community Manager on the Microsoft Azure Container Compute Upstream team with a focus on open source tools such as Helm, CNAB, Brigade, Virtual Kubelet, and more. She is a CNCF Ambassador, meet-up organizer, and conference organizer. She has also worked on and keynoted... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Towards a Standardized Application Definition Model for Kubernetes - Phil Prasek, Upbound & Sudhanva Huruli, Microsoft
With multiple Kubernetes application models emerging to capture the complex set of cloud resources and their connectivity, how do these approaches stack up and is there a path towards a standardized Kubernetes application model that becomes the unit of scheduling across clusters, regions, and clouds?

In this talk we’ll explore two emerging application models: the KubernetesApplication in Crossplane (a multi-cloud control plane) and the Open Application Model (OAM) from Microsoft and Alibaba. We’ll provide an overview of strengths and opportunities of each approach and directions towards converging around a standardized application model as part of the newly formed CNCF SIG: sig-app-delivery.

Speakers
SH

Sudhanva Huruli

Program Manager, Microsoft
Sudhanva is a Program Manager at Microsoft working on the Azure Container Compute team. He is a maintainer on the Rudr repository and frequent contributor to the Open App Model. His focus is building tools that makes it easy for developers and operators to build and manage cloud native... Read More →
avatar for Phil Prasek

Phil Prasek

Principal Product Manager, Upbound
Phil is a Principal Product Manager at Upbound where he is working on advancing cloud-native computing by building a more open cloud. Phil previously led the definition of the Chef Enterprise Automation Stack (EAS), was a founder at QuattroLabs where he built a bare-metal cloud service... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Autoscaling at Scale: How We Manage Capacity @ Zalando - Arjun Naik, Zalando SE
As of October 2019 Zalando has ~140 Kubernetes clusters varying in size from 5 to 400 nodes. This talk goes over how different applications both stateful and stateless are autoscaled using the HPA(Horizontal Pod Autoscaler) and VPA(Vertical Pod Autoscaler) and also the cluster using the Cluster Autoscaler. More specifically the talk explains the limitations and workarounds to each of these scaling strategies and also the techniques used to monitor so that applications always have sufficient capacity. It also discusses common pitfalls while scaling with these controllers and finally concludes with proposed enhancements to these controllers which would make autoscaling more reliable and efficient.

Speakers
AN

Arjun Naik

Software Engineer, Zalando SE
Arjun has a Master's degree in Distributed Systems from TU Dresden. Since 2015 he has been working at Zalando first as a Site Reliability Engineer and then as a Software Engineer in the Cloud Infrastructure team.


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Build an Automatic Canary Release Pipeline in a Kubernetes-native Way - Michael Maximilien, IBM
Tekton and Knative are two Kubernetes-native open source projects to extend Kubernetes capabilities. They have defined a series of powerful and flexible Kubernetes objects, in order to build CI/CD pipeline, to create event driven flows, and to manage serverless applications. This presentation will introduce and demonstrate how Tekton and Knative collaborate seamlessly to build an automatic canary release pipeline in a Kubernetes-native way.

In this session, you will learn how to monitor CI/CD events with Knative Eventing, how to extract information from events payloads and feed these information into a CI/CD pipeline with Tekton Trigger, how to define a k8s-style pipeline to build and deploy serverless applications with Tekton Pipeline, how to manage traffics with Knative Serving, and more importantly, how these components work together to build the automatic canary release pipeline.

Speakers
avatar for Michael Maximilien

Michael Maximilien

CTO, IBM Cloud
CTO for IBM driving platform-as-a-service and Serverless OSS projects across the company. Leader for all of IBM Serverless developers. Active member of the Knative community, one of four committers in Knative client project.


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Be a Good Corporate Citizen in Kubernetes - Dawn Foster, VMware
As an employee, it can be difficult to strike the right balance between the needs of the company and the needs of the open source Kubernetes project. This can create friction and put significant pressure on employees who participate in Kubernetes on behalf of their company when the needs of the individual, the company, and the community are not aligned. This talk will focus on ways to create this alignment between individuals, companies, and the community required to be successful participants in Kubernetes.

The talk contains three major sections:
* How collaboration happens within the Kubernetes project.
* How to build a strategy for participation that will benefit your company, your employees, and the Kubernetes community.
* Tips for being a good corporate citizen as you contribute to Kubernetes.

Speakers
avatar for Dawn Foster

Dawn Foster

Director of Open Source Community Strategy, VMware
Dawn is the Director of Open Source Community Strategy at VMware within the Open Source Program Office. She has 20+ years of experience at companies like Intel and Puppet with expertise in community building, strategy, open source software, metrics, and more. She is passionate about... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

34 Truths We Learned About Kubernetes and Edge - Saiyam Pathak, Walmart Labs & Karthik Gaekwad, Oracle
Running Kubernetes on the Edge has gained a lot of popularity this year, but it is still complicated to develop, deploy, and maintain at scale.

In this talk, the speakers will demo how to run Kubernetes on Raspberry Pi clusters at scale from their experiences at Walmart Labs and Oracle Cloud. They will demo machine learning use cases on Raspberry Pi's using the K3s distribution.

Further, they will go into details of why K3s might be a good fit for k8s running on edge scenarios, how it is different from the regular kubernetes distribution, and how it works under the hood.


Talk outline:
Introduction to kubernetes and Edge computing
Problems faced with Edge devices involving kubernetes
K3s solutions for the Edge
Demo: Running kubernetes on Raspberry Pi's using k3s
Challenges using k3s on edge devices
Speaker Recommendations for kubernetes on edge

Speakers
avatar for Karthik Gaekwad

Karthik Gaekwad

Principal Member of Techincal Staff, Oracle
Karthik Gaekwad is a veteran engineer who enjoys building software products using cloud and container technologies. He has worked in both large enterprises and startups with his career spanning National Instruments, Mentor Graphics, Signal Sciences, and StackEngine (acquired by Oracle... Read More →
avatar for Saiyam Pathak

Saiyam Pathak

Software Engineer, WalmartLabs
Saiyam is a Software Engineer working on a multi-cloud kubernetes project at Walmart Labs with a focus on creating and managing the Machine Learning ecosystem. Previously at HP and Oracle, Saiyam has worked on many facets of k8s including scaling, multi-cloud, managed k8s services... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Improving GPU Utilization with Kubeflow and Volcano at Tencent - Lei Xue, Tencent & Da Ma, Huawei
Tencent built a platform, named JiZhi, to run several kinds of machine learning workload, including AutoML, Game AI, CV, NLP and so on; most of those workloads are using GPUs in the platform. Considering the cost of GPU, its utilization is one of the key factors to the platform.

Currently, this platform is built based on Kubernetes; but there are several missing features, e.g. job lifecycle management, gang-scheduling, fair share. To bridge those gaps, we introduce KubeFlow into the platform for workload management, and introduce Volcano for advanced scheduling. We also did several enhancements to both Kubeflow & Volcano to improve the utilization of GPU over 10%.

In this presentation, we will talk:
1.) how we built a AI/ML platform with KubeFlow & Volcano
2.) what we have done on improving the utilization of GPU
3.) our next plan of this platform

Speakers
avatar for Da Ma

Da Ma

Software Architect, Huawei
Team leader, system architect, designer, software developer with 10+ years of experience across a variety of industries and technology bases, including cloud computing, machine learning, bigdata and financial services. Founding Volcano & kube-batch, Kubernetes SIG-Scheduling co-Leader... Read More →
avatar for Lei Xue

Lei Xue

Senior Software Engineer, Tencent
Lei Xue currently works as a senior software engineer at Tencent. Previously, Lei was a member of KataContainers/Hyper team and the AI platform Tech lead of Momenta. He is also the creator of KubeFlow caffe2-operator and contributor for many kubernetes projects.


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Building Docker Images with Cloud Native Buildpacks - Ben Hale, VMware & Terence Lee, Salesforce
In today’s cloud-native world, Docker Images are the lingua franca for platform portability. Unfortunately creating great, secure, and efficient images can be difficult and time consuming. In this talk, you'll learn about Cloud Native Buildpacks, a high-level abstraction for building application images. Buildpacks are a standardized tool for creating images in a secure, reproducible, and efficient manner. As an application developer, you don't need to know the best practices for command ordering to optimize layer reusability. As an operator, you will minimize the security hazards developers my introduce. Come learn how buildpacks meet developers at their source code, automate the delivery of both OS-level and application-level dependency upgrades, and help you efficiently handle day-two operations.

Speakers
avatar for Ben Hale

Ben Hale

Staff Engineer 2, VMware
Ben Hale leads Pivotal’s Java Cloud Foundry efforts including being a founding member of the Cloud Native Buildpacks CNCF Sandbox project and leading the Cloud Foundry Java Buildpack. In addition to this work, he’s very involved in the Reactive Programming scene founding the Reactive... Read More →
TL

Terence Lee

Principal Languages Engineer, Salesforce
Terence co-created buildpacks in 2011 at Heroku. Since then, he's owned the Ruby experience which has lead to work as the maintainer of Bundler, joining the Ruby core team, and the Ruby security team. Now, he works across all 6 supported languages on the platform.


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

CloudEvents - v1.0 and Beyond - Discovery/Subscriptions - Doug Davis, IBM & Clemens Vasters, Microsoft
With the release of CloudEvents v1.0 the project has now expanded its scope to consider other potential pain points for the community. To that end, the group is focusing on Event Discovery and Subscriptions APIs in the hopes of reducing the friction of discovering which events are available from Event Producers as well as how someone can subscribe to those receive those events. In this session we'll quickly summarize, and review, the status of CloudEvents and then jump into the goals, design and status of the new Discovery and Subscription APIs specification being developed.

Speakers
avatar for Doug Davis

Doug Davis

OM Knative, IBM
Doug works in IBM's Hybrid Cloud division. He's been working on Cloud related technologies for many years and has worked on many of the most popular OSS projects, including OpenStack, CloudFoundry, Docker and Kubernetes. He's currently the OM for Knative, co-chairing the CNCF's Serverless... Read More →
avatar for Clemens Vasters

Clemens Vasters

Principal Architect, Microsoft
Clemens Vasters is Lead Architect in Microsoft’s Azure Messaging team that builds and operates a fleet of hyper-scale messaging services, including Event Grid, Service Bus, and Event Hubs. Clemens represents Microsoft in messaging standardization in OASIS (AMQP) and CNCF (CloudEvents... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Intro to Rook: Storage for Kubernetes - Jared Watts, Upbound & Alexander Trost, Cloudical
In this talk, the Rook project will be introduced to attendees of all levels and experience. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook turns storage software into self-managing, self-scaling, and self-healing storage services. It does this by automating deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. The benefits and use cases of Rook will be explored along with an overview of each of the Rook storage providers: Ceph, EdgeFS, YugabyteDB, Cassandra, NFS, and CockroachDB. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by building the "open cloud". He is also a founder and maintainer for the open source Rook (https://rook.io) and Crossplane (https://crossplane.io) projects. Prior to Upbound, Jared... Read More →
avatar for Alexander Trost

Alexander Trost

DevOps Engineer, Cloudical
Currently Alexander is working for Cloudical Deutschland GmbH as a DevOps Engineer mostly focused on containerization and the Rook project. He is a Rook maintainer and works on several smaller Golang projects, such as the Dell Hardware Exporter for Prometheus (galexrt/dellhw_exporter... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Intro: Brigade - Ralph Squillace & Matt Butcher, Microsoft
Brigade is a lightweight, Kubernetes-native framework which allows the creation of event-driven workflows. Using JavaScript, Brigade chains together containers and controls their execution in an in-cluster scripting environment that enables easy error handling and data sharing. In this session, you will learn how to get started with Brigade, how to use the existing GitHub, CloudEvents and generic event support and integrate them in your workflow, and how different companies are using Brigade to automate their internal workflows (from code quality assessment and security scanning, to automatically generating preview environments for each pull request), and ultimately allow teams to build massively distributed workflows using a few lines of JavaScript. Finally, we will explore future plans and share the progress for the next major version of Brigade, 2.0.

Speakers
avatar for Ralph Squillace

Ralph Squillace

Principal Program Manager, Microsoft
Ralph Squillace is a Principal Program Manager for Microsoft, helping the team supporting Helm, Draft, Brigade, CNAB, and the Visual Studio Code Kubernetes extension in the Cloud Compute Team. He's worked in distributed computing for far too many years, and it shows. He's presented... Read More →
MB

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Intro: Harbor - Enterprise Cloud Native Artifact Registry - Alex Xu & Steven Ren, VMware
As container technology becomes widely adopted in the industry, how to manage containerized applications poses new challenges to platform engineers. One of the challenges is to securely and efficiently manage containerized application packages with either container image or Helm Chart format. Project Harbor is an open-source trusted cloud native registry project that stores, manages, signs, and scans content, thus resolving common image or Helm Chart management challenges. In this presentation, we will focus on the management of container images and Helm Charts through Harbor. We will review and provide solutions to the challenges faced by organizations, including RBAC (Role-Based Access Control), content replication, pluggable vulnerability scanning, large scale content distribution, content trust (notary), webhook, tag retention, online GC and DevOps integrations, etc.. Real-world use cases will be discussed in the session. Of course, fantastic demos will be shown to let you easily understand the related use cases.

Speakers
SR

Steven Ren

Senior Manager, VMware
AX

Alex Xu

Product Manager, VMware


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Kubernetes Storage SIG Intro - Saad Ali, Google
Join Kubernetes SIG Storage to learn about the areas of our focus, what we are working on currently, and how you can get involved. Veteran SIG Storage members will be on hand to help answer questions.

Speakers
avatar for Saad Ali

Saad Ali

Staff Software Engineer, Google
Saad Ali is a Staff Software Engineer at Google and member of the CNCF Technical Oversight Committee. He works on the open-source Kubernetes project, and has led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, and... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Securing Container Delivery with TUF - Lukas Puehringer, NYU
One of the most pressing security problems in cloud native is the secure delivery of container images. Common solutions addressing this problem live under the assumption that a signing key, used to protect an artifact or its distribution, is kept safe. But time has shown again and again that this assumption is faulty, and that a single key loss or compromise can cause enormous damage. That is why The Update Framework (TUF) was designed not only to prevent and detect attacks, but also with risk mitigation (reducing the damage from a successful attack) as a core principle. Being the first security-focused project to graduate in the CNCF, TUF is widely used both in and outside of the cloud ecosystem. In this talk we will describe the basic architecture of TUF including how TUF protects against a variety of real-world attacks on any software distribution infrastructure. We will show how even if an organization makes a security error (a server is hacked, a private key is checked into github, etc.), TUF can bring a repository back into a secure state.

Speakers
avatar for Lukas Puehringer

Lukas Puehringer

Research Associate, NYU
Lukas Puehringer is a research scholar and developer at NYU's Center for Cyber Security (CCS), where he leads the development of in-toto and has been co-maintaining several of Prof. Justin Cappos' software projects, such as The Update Framework (TUF) . Lukas has given talks about... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

SIG-CLI - Open Doors - Maciej Szulik, Red Hat
This session is intended for all interested in what SIG-CLI is and what it does. Whether you're fresh to Kubernetes or an old-timer you are more than welcome. This session will be fully interactive, and its contents will entirely rely on the expectations of the attendees. Topics will include, but are not limitted to: - Kubectl code tour which will provide basic knowledge for working on kubectl itself, as well as how to write kubectl plugins. - The main initiatives SIG-CLI is undertaking (splitting kubectl out of main Kubernetes repository, plugins - its development and management, resource configuration with kustomize, dynamic commands, etc.) - Gathering feedback and discussing problems people struggle the most with kubectl.

Speakers
avatar for Maciej Szulik

Maciej Szulik

Software Engineer, Red Hat
Maciej is a passionate developer with over 10 years of experience in many languages. Currently he's working on OpenShift and Kubernetes for Red Hat. Whereas at night he is hacking on side projects and CPython's IMAP library. In his spare time he organizes


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Network Isolation and Security Policies for Kubernetes Bare-metal Nodes - Girish Moodalbail, NVIDIA & Liel Shoshan, Mellanox
Running Kubernetes at scale in a multi-tenant Cloud requires strong network isolation and flexible stateful security policy enforcement for the bare-metal nodes used for both the tenant K8s clusters as well as in the Cloud control plane. Such isolation and security needs to be implemented in a way that consumes as little host resources as possible, while being immune to potentially malicious host root user. Additionally, the preferred implementation needs to be compatible with a high-performance (offloaded) K8s CNI. This presentation provides an overview of such an implementation for Software Defined (SDN) K8s node networking, based on Open Virtual Network (OVN) and Open vSwitch (OVS)) and offloaded to “bump-in-the-wire” Smart NICs .

Speakers
GM

Girish Moodalbail

Principal Software Engineer, NVIDIA
Girish Moodalbail is a Principal Software Engineer at Nvidia Inc. Girish is responsible for building Kubernetes based GPU compute for gaming with low-latency, high-throughput, reliable, scalable, and secure networking build using OVS, OVN, and Smart NICs. Girish has over 15 years... Read More →
LS

Liel Shoshan

Senior Architect, Mellanox
Liel Shoshan is a senior SW architect at Mellanox Technologies. Ms. Shoshan is responsible for software and system architecture of cloud related networking solutions in the areas of Kubernetes and Open Vswitch (OVS), with emphasis on Single Root I/O Virtualization (SR-IOV), SDN, DPDK... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

ClusterAPI: A Guide to Get Started - Katie Gamanji, Condé Nast
In the past years, Kubernetes has been the nucleus of container orchestration frameworks. With the growing number of microservices, managing clusters at scale has become an imperative requirement. Additionally, from a technological landscape standpoint, the cloud platform teams are highly focused on delivering scalable, reliable and highly available platforms.
At Condé Nast, this constitutes in having a stable and coherent approach to deploy, manage and upgrade multiple Kubernetes clusters that are distributed globally. Also, it is imperative to keep the life-cycle management of the clusters consistent across all regions. Henceforth, this talk aims to present an overview of how Condé Nast prototypes tools, such as ClusterAPI, to ensure a sustainable cluster provisioning mechanism.

Speakers
avatar for Katie Gamanji

Katie Gamanji

Cloud Platform Engineer, American Express
Currently a Cloud Platform Engineer at American Express. Former cloud platforms engineer at Condé Nast, that contributed to the creation of a centralized, globally distributed platform, with Kubernetes as its centerpiece. In the past worked on maintaining and automating site delivery... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Startup Containers in Lightning Speed with Lazy Image Distribution - Kohei Tokunaga, NTT
Pulling image is one of the time-consuming steps in the container startup process. The most critical factor is the current OCI Image Spec with which a container cannot be started until its all image layers are downloaded. However, most of the contents in image layers are not being used for real-world workloads.

In this talk, Kohei will show state-of-the-art alternative image formats which lead to faster container startup by allowing container runtimes to start a container without waiting for all its contents to be locally available. He will also introduce CNCF containerd's fast image distribution approach "Remote Snapshotter" which leverages these formats (https://github.com/containerd/containerd/issues/3731). Finally, he will share the status of his current work on the remote snapshotter implementation and how to take advantage of the new functionality.

Speakers
avatar for Kohei Tokunaga

Kohei Tokunaga

Software Engineer, NTT
Kohei Tokunaga is a software engineer at NTT Corporation, a Japan-based telecommunication company. He is working on research of containers, especially performance improvement of runtimes including CNCF containerd. He has talked about container runtime topics mainly in Japanese events... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

The Kubernetes Bug Bounty Program - What Researchers and Users Need to Know - Taahir Ahmed, Google & Reed Loden, HackerOne
In January, Kubernetes launched a bug bounty program (BBP), creating a centralized way for security researchers to report vulnerabilities they find in products in exchange for monetary rewards. Just as many organizations support open source by hiring developers, paying bug bounties directly supports security researchers. The Kubernetes BBP is particularly interesting as it’s still rare for a large scale, open-source infrastructure project to have a public BBP.

In this talk, we’ll cover what a BBP is and what it means for Kubernetes. We’ll cover vendor selection for the bug bounty, defining the scope and rewards, learnings from the private beta, and what you need to know as a researcher and user today. We’ll also reiterate how the Product Security Committee responds to new vulnerabilities, so you know what’s being done to keep clusters safe.

Speakers
avatar for Reed Loden

Reed Loden

Director of Security, HackerOne
Reed Loden is the Director of Security at HackerOne, the #1 hacker-powered security platform. He is an information security expert, hacker, and developer. Reed brings over 14 years of security experience to his role at HackerOne where he is charged with protecting the company’s... Read More →
TA

Taahir Ahmed

Software Engineer, GKE Security, Google
Taahir Ahmed is a Software Engineer with the GKE Security team in Google Cloud. He is an active contributor to Kubernetes, as well as other open-source projects. Prior to his work on GKE, he worked on software and security certification at Amazon.


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

It’s a Polyglot World of Stateless Functions and Stateful Actors - Yaron Schneider & Aman Bhardwaj, Microsoft
Serverless applications are becoming dominate, but all too often they fall short by only supporting stateless functions, when most applications are polyglot in nature and combine both stateless and stateful services. What’s more when you write code, it's not portable across different clouds and hosting platforms. In this session we will dive into the Distributed Application Runtime, Dapr, an open source, vendor neutral project that has gained community attention as it enables developers to combine highly portable, stateless functions and stateful actors using any language or developer framework of their choice. With built in state management, distributed tracing based on Open Telemetry and pub/sub based on Cloud Events you can take advantage of Dapr to build highly available serverless applications that run on any cloud.

Speakers
AB

Aman Bhardwaj

Principal Engineering Manager, Microsoft
Aman is a principal engineering manager working with Azure Container Compute team building programming models for distributed microservices applications and is an OSS advocate. He has built several actor developer frameworks in different language that have enabled developers to build... Read More →
YS

Yaron Schneider

Principal Software Engineer, Microsoft
Yaron is a principal software engineer working on OSS technologies in the Azure incubations team. He is a core maintainer on the Distributed Application Runtime, Dapr https://github.com/dapr and the KEDA https://github.com/kedacore/keda projects. Yaron likes to write lots of code... Read More →


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Envoy, Take the Wheel: Real-time Adaptive Circuit Breaking - Tony Allen, Lyft
Modern service mesh deployments are equipped with hundreds of tunables, such as timeouts and circuit breakers. Finding ideal initial values requires deep technical expertise. Workloads change over time, requiring regular effort to re-tune stale parameters. As a consequence, configuration errors have become a source of operational toil and one of the major causes of system failures across the industry. The service mesh should aim to expose a minimal configuration surface by dynamically adjusting parameters based on observations.

Tony Allen will provide a deep-dive into how Envoy’s Adaptive Concurrency Control feature dynamically tunes circuit breaker thresholds using real-time sampling of request latencies, removing the need for periodic adjustment. He will also discuss lessons learned deploying the feature to Lyft’s production service mesh.

Speakers
TA

Tony Allen

Software Engineer, Lyft


Tuesday August 18, 2020 11:05 - 11:40
TBA

11:05

Tutorial: Getting Started With Cloud Native Security - Liz Rice, Aqua Security & Michael Hausenblas, Amazon
This tutorial will get you off the ground with Kubernetes security basics, using live demos and examples to work through yourself.

We’ll start with possible attack vectors, to help you map out the threat model that applies to your cluster, so you can figure out where you need to focus your efforts for security.

We’ll show you how to compromise a deployment with a pod running with a known vulnerability. Once you’ve had the attacker’s eye-view, we’ll walk you through the most important techniques and open source tools to prevent compromise.

· Using secure Kubernetes settings
· Including vulnerability scanning in your workflow
· Configuring pods to run securely (eg avoiding unnecessary privileges)
· Using GitOps to restrict user access to your cluster and provide an audit trail

You’ll leave this tutorial armed with practical actions for securing your deployment.

Speakers
avatar for Liz Rice

Liz Rice

Vice President, Open Source Engineering, Aqua Security
Liz Rice is VP Open Source Engineering at cloud native security specialists Aqua Security. She also chairs the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She has a wealth of software engineering experience working on network protocols... Read More →
avatar for Michael Hausenblas

Michael Hausenblas

Developer Advocate, Amazon Web Services
Michael is a Developer Advocate at AWS, part of the container service team, focusing on container security. Michael shares his experience around cloud native infrastructure and apps through demos, blog posts, books, and public speaking engagements as well as contributes to open source... Read More →


Tuesday August 18, 2020 11:05 - 12:35
TBA

12:00

Welcome to CloudLand! An Illustrated Intro to the Cloud Native Landscape - Kaslin Fields, Google
Like a kid in a theme park, the number of shiny exciting new technologies teams encounter as they move into and re-architect for the cloud can be overwhelming. Thus we welcome you, to CloudLand! Adopting the cloud comes with a lot of questions to explore and tools to learn. Why should I care about "Cloud Native?" What technologies count as “Cloud Native?" What Cloud Native technologies does my team/business need and why? Through colorful illustrations and a memorable theme park analogy, you will learn:
How to identify "Cloud Native" technology and why it matters,
The key characteristics of categories of technologies from the CNCF Landscape,
And get an introduction to many of the individual CNCF projects that fill in the Cloud Native Landscape.

Speakers
avatar for Kaslin Fields

Kaslin Fields

Developer Advocate, Google
Kaslin is a Container Enthusiast, Cloud Native Computing Foundation (CNCF) Ambassador, and comic artist/writer. She takes her experience working with individuals and businesses undergoing transformations to the cloud, and explains those technical concepts via hand-drawn comics (available... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Deliver Your Cloud Native Application with Design Pattern as Code - Jun Makishi & Rintaro Sekino, NTT Communications
As Cloud Native landscape is evolving, and many practices become outdated quickly, it is hard to follow best practices for integrating Cloud Native tools.
NTT Communications has introduced a new idea to manage such integration: Design Pattern as Code. We break a Cloud Native architecture into a small portion of design pattern per context to make it reusable and composable. As this approach enables sharing a well designed and maintained integration pattern across organizations, our software delivery becomes safe and scalable.
We will throw a live demo to build an application from some practical design patterns to turn it to Cloud Native application and delivery it to production safely.
We leverage Tekton, Cuelang, and many other Open Source tools, and we will give all participants our insight to use those tools to achieve such scalable application delivery

Speakers
avatar for Jun Makishi

Jun Makishi

Senior Architect, NTT Communications
Jun Makishi is a senior architect at NTT Communications. Leading multiple NTT's SDN projects for 6 years, he has archived to create a software defined networking platform for enterprise cloud. Leveraging this experience, he has joined a DevOps platform project as a platform archi... Read More →
avatar for Rintaro Sekino

Rintaro Sekino

Site Reliability Engineer, NTT Communications
Rintaro Sekino is a SRE at NTT Communications. Making CI/CD pipelines to improve a product release cycle, he has joined a DevOps platform project as a DevOps lead.Previously, he was working on SDN controller development for enterprise cloud. Also has 4 years experiences of carrier... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Deploying K8s to an Airgapped Data Center - Connie Wang, GE
GE has a lot of industrial customers, to say the least. With increasing data restrictions and concerns about data sovereignty, on prem (private cloud) solutions have been gaining traction. In this session, Connie will address the biggest pain points of translating an industrial application platform available in public cloud into an air-gapped environment, without compromising any features. The adventure begins with a Kubernetes cluster, software defined storage provider, stateful workloads (Postgres, Cassandra, Kafka), and ultimately the application. With each component that’s deployed, there are unique challenges that arise from being on prem and others that originate from not having internet. In this talk, Connie will discuss those challenges and solutions that GE implemented on this years-long journey into the private cloud.

Speakers
CW

Connie Wang

Sr Software Engineer, GE
Connie has been a software engineer at GE for 4 years, and is currently working as an engineer on the platform team, which is responsible for managing Kubernetes clusters for the rest of the business. She is focused on building tools to help developers and services make the transition... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Hit the Easy Button! Cloud Native Deployment for the Masses - Steve Judkins, Independent
To use electricity, you need to know about plugs, switches, and not putting your finger in the socket. Managed Kubernetes is reaching a similar level of utility like maturity where developers won’t need much upfront knowledge about it’s internals in order to use it in development and production. This talk will show examples of modern GitOps pipelines where Kubernetes’ declarative management is used for managing the apps running in clusters and the cloud providers. Bryan Liles’ threw down the gauntlet in his thought provoking KubeCon NA 2019 keynote “In search of the Kubernetes’ ‘Rails’ moment. This talk is for developers who may be new to Kubernetes and cloud native development. In this talk we’ll show how new developers can stay on the rails when deploying complex cloud native applications with minimal knowledge of Kubernetes.

Speakers
avatar for Steve Judkins

Steve Judkins

Independent
Steve was previously at Upbound, where he worked on advancing cloud-native computing by \"freeing the cloud\". Prior to Upbound, Steve was a principal architect and program manager for end-user facing cloud services at Comcast Technology Solutions, a search startup co-founder and... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Effective Kubernetes Onboarding - Kathleen Juell, DigitalOcean
Kubernetes has a steep learning curve, but many teams need to learn Kubernetes – quickly. This talk will cover strategies for onboarding developers to Kubernetes, taken from DigitalOcean's Developer Education team – the producers of DO's Community tutorials – and the Community Platform team, which develops the Community application. It will include 1. Core concepts and insights from DO's new Kubernetes for Full-Stack Developers curriculum; 2. An on-the-ground perspective taken from the Community Platform team's migration from a traditional VM environment to Kubernetes.

Key concepts the talk will cover:
1. How to onboard teams successfully by establishing knowledge baselines and effectively organizing, structuring, and delivering Kubernetes concepts.
2. How to situate Kubernetes in a larger arc of application development and integrate it into an existing development workflow.

Speakers
avatar for Kathleen Juell

Kathleen Juell

Rails Developer, Community, DigitalOcean
Kathleen Juell is a Rails Developer on the Web Platforms team at DigitalOcean. She co-designed and contributed to the new Kubernetes for Full-Stack Developers curriculum, and worked on migrating DigitalOcean\\\'s Community Platform to Kubernetes. The talk will be a blend of perspectives... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

A Hard Multi-tenancy Solution: Use Case, Challenges and Work - Xiaoning Ding & Qian Chen, Futurewei
Multi-tenancy enables multiple organizations or teams to share the same cluster. There are different proposed multi-tenancy models in Kubernetes for different use cases, from soft-tenancy models where tenants trust each other to hard-tenancy models with no trust among tenants.

In this session, Xiaoning and Qian will share their use case of multi-tenant Kubernetes, where they share clusters with public cloud users. There is no trust among these users and a strong isolation among tenants is a must. They will talk about the use case, challenges, work, and also experience and lessons they learned from building such a hard multi-tenant cluster. And they will conclude the talk with a demo.

Speakers
QC

Qian Chen

Sr.Staff Software Engineer, Futurewei
Qian Chen is a staff cloud development engineer in Futurewei Technologies. Right now she is working on the multi-tenancy project in Kubernetes. She has been working as a software developer in Microsoft and Amazon. She has a Ph.D degree from National University of Singapore.
XD

Xiaoning Ding

Sr.Principal Architect, Futurewei
Xiaoning Ding is a senior principal architect and a senior director in Futurewei Technologies. He is leading the research and development projects about cloud infrastructure, including large-scale computing clusters, container technology and cloud networking. Xiaoning previously worked... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Towards a Container-Native GPU Sharing Solution with Cgroup - Kenny Ho, AMD
With the introduction of KubeFlow and KFServing, deployments of machine learning workloads on Kubernetes are growing. While GPU is an effective tool to accelerate machine learning workloads, it can potentially be costly. There are many requests for the ability to share GPUs to improve cost efficiency. This talk will give an overview of the Linux kernel control-group (cgroup) subsystem in the context of Kubernetes and the container ecosystem. It will also discuss a proposal to add a cgroup controller to support GPU devices as cgroup resources.

Speakers
KH

Kenny Ho

Senior Staff, Software Engineering, AMD
A software engineer at AMD, Kenny is the author of AMD GPU Device Plugin for Kubernetes. He is also an occasional contributor to Gerrit Code Review.


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Anatomy of a Kubernetes Release: Success Through Team and Tools - Sascha Grunert, SUSE & Daniel Mangum, Upbound
As Kubernetes is one of the biggest open-source projects worldwide, the creation of a new release can be an overwhelming topic. The major burden is not only to release a new version every three months, but also to provide stability and security fixes over the whole support period of a release. In this talk, we will cover the details behind the lifecycle of a Kubernetes release. The presentation will contain everything from assembling the Release Team before the actual cycle begins up to maintaining the release branches, which provide continuous patch releases to the community. The talk will outline the technical process of branch management by covering all of the necessary stages during the release cycle. We will also demonstrate our Release Engineering tooling and dive into the design decisions we’ve made as a group that shape the overall process.

Speakers
avatar for Daniel Mangum

Daniel Mangum

Software Engineer, Upbound
Daniel is a software engineer at Upbound where he works on the open source Crossplane project. He also serves on the Kubernetes release team, and is an active contributor to the Kubernetes project and multiple other open source efforts. He hosts a biweekly live stream show, The Binding... Read More →
avatar for Sascha Grunert

Sascha Grunert

Senior Software Engineer, SUSE
Sascha is a Senior Software Engineer at SUSE, where he works on many different container related open-source projects like Kubernetes and CRI-O. He joined the open-source community in November 2018, having gained container experience before joining SUSE. Sascha's passions include... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Birds of a Feather: CNCF CI Working Group - Lucina Stricko & W. Watson, Vulk Coop
In this session, the CNCF CI Working Group will provide an update to the community on several efforts to improve CI within the CNCF ecosystem. We’ll review conformance tests for Cloud Native Network Functions (CNFs), CI for the CNF Testbed, collaboration with CD Foundation’s Interoperability SIG, and share some future plans for the CNCF CI Status Dashboard, cncf.ci. Then we'll turn this into a BoF session where we'd like to hear from the community about some of the pain points people are seeing with respect to CI.

Speakers
avatar for W. Watson

W. Watson

Principal Developer, Vulk Cooperative
Wavell Watson has been professionally developing software for 23 years.He has spent the numerous years studying game theory and other business expertise in pursuit of the perfect organizational structure for software co-operatives. He also founded the Austin Software Cooperatives... Read More →
avatar for Lucina Stricko

Lucina Stricko

Executive Director of Product Excellence, Vulk Coop
Lucina Stricko is a co-owner at Vulk Co-operative (vulk.coop), Product Owner of the CNCF CI Status Dashboard (cncf.ci) and contributor to the CNF Testbed. Lucina uses her Product Owner skills and empathy to combine features, priorities, and project plans to best serve the end user... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Introduction to CNI, the Container Network Interface Project - Piotr Skamruk, Travelping & Bryan Boreham, Weaveworks
CNI, the Container Network Interface, is a small but critical piece of infrastructure linking runtimes such as Kubernetes and CloudFoundry to dozens of different container network implementations. This session is aimed at users and developers who have little previous knowledge of container networking. Attendees will hear: - A broad overview of what CNI is - What the CNCF-hosted CNI project has delivered - How CNI relates to Kubernetes - How they can get more involved in the project

Speakers
avatar for Bryan Boreham

Bryan Boreham

Director of Engineering, Weaveworks
Bryan is Director of Engineering at Weaveworks, delivering deployment, observability and monitoring for containers and microservices. After first getting into programming as a kid, creating a video game called "Splat", Bryan's career has ranged from charting pie sales at a bakery... Read More →
avatar for Piotr Skamruk

Piotr Skamruk

Software Engineer, Travelping
Piotr is a long-time GNU/Linux and Forth language enthusiast, sys administrator and sys developer. He has worked on kernel sources, backend apps and even on frontends in a wide variety of languages. At Intel he did the kvm flavor for CoreOS RKT, enabling it to run containers on VMs... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Introduction to Data Protection WG in Kubernetes - Xing Yang, VMware & Xiangqian Yu, Google
Data Protection WG in Kubernetes was formed following discussions at KubeCon in San Diego. This is a Working Group dedicated to promoting data protection support in Kubernetes, identifying missing functionality and working together across multiple SIGs to design features to enable data protection in Kubernetes. In this session, the co-chairs of this WG will explain the motivation behind the formation of this WG, the charter of this WG, who are involved, what is the current state of data protection in Kubernetes and where it is heading in the future. They will also talk about how interested parties (including backup and storage vendors, application developers, and end users, etc.) can join this WG and contribute to this effort. Details of the WG can be found here: https://github.com/kubernetes/community/tree/master/wg-data-protection.

Speakers
avatar for Xing Yang

Xing Yang

Tech Lead, VMware
Xing Yang is a Tech Lead in the Cloud Native Storage team at VMware. She is a co-chair of the Kubernetes Storage SIG, a co-lead of the Data Protection WG, and a maintainer in Kubernetes CSI. She is also a Tech Lead in the CNCF Storage SIG. Before joining VMware, Xing was the Lead... Read More →
XY

Xiangqian Yu

Software Engineer, Google


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Jaeger Intro - Pavol Loffay, Red Hat & Ben Sigelman, LightStep
This session is an introduction to Jaeger and distributed tracing. We will do a demo of the current Jaeger features, talk about the roadmap, and finish with a Q&A. After this session the attendees should better understand how Jaeger fits in the observability space for cloud native applications. For more information on the project everybody is welcome to attend the Jaeger Deep Dive Session.

Speakers
avatar for Ben Sigelman

Ben Sigelman

Co-founder and CEO, LightStep
Ben Sigelman is a co-founder and the CEO at LightStep, a co-creator of Dapper (Google’s distributed tracing system), and co-creator of the OpenTracing and OpenTelemetry projects (both part of the CNCF). Ben's work and interests gravitate towards observability, especially where microservices... Read More →
avatar for Pavol Loffay

Pavol Loffay

Senior software engineer, Red Hat


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Kubernetes VMware User Group Intro: Best Practices for Running on VMware - Steven Wong & Myles Gray, VMware
This will be an inaugural presentation by organizers and members of the recently formed Kubernetes VMware User Group. This group addresses running all forms of Kubernetes on VMware infrastructure. Come to this session if you want to meet other users, along with those who develop, test and support running K8s on vSphere and desktop hypervisors. This group is also here to support those building/using cluster installation tooling for VMware hypervisors. Agenda: - Intro to the vSphere cloud provider and related storage plugins - Recent features/changes: What are they? How to use them? - Running Kubernetes on "desktop" hypervisors - How to get involved in the User Group

Speakers
avatar for Steven Wong

Steven Wong

Open Source Software Engineer, VMware
Steve Wong has been active in the Kubernetes and Apache Mesos communities since 2015. He is a co-organizer of the IoT and Edge Working Group and a co-chair of the VMware User Group on the Kubernetes project. He is a past speaker at KubeCon, MesosCon, Open Source Summit, SCALE, and... Read More →
avatar for Myles Gray

Myles Gray

Senior Technical Marketing Architect, Storage Products, VMware


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Scaling Prometheus: How We Got Some Thanos Into Cortex - Thor Hansen, DigitalOcean & Marco Pracucci, Grafana Labs
Cortex is a long term storage for Prometheus, designed for scalability, multi-tenancy and high-availability. It can reliably ingest and query millions of time series per second with sub-second latency. The current storage design uses a NoSQL store to index series and an object store for compressed time series data - two dependencies, and one with significant cost implications. In this talk we will show the new experimental Cortex blocks storage, based on Thanos and Prometheus TSDB, aiming to reduce the Cortex operational cost without compromising scalability and performances. We’ll cover the trade-off between the standard chunks storage and the new blocks storage, and share lessons learned running Cortex at scale. Cortex is a CNCF sandbox project.

Speakers
avatar for Marco Pracucci

Marco Pracucci

Software Engineer, Grafana Labs
I love challenges, building products, distributed systems and all things observability. Cortex maintainer. Grafana Loki and Thanos contributor.
avatar for Thor Hansen

Thor Hansen

Software Engineer, Hashicorp
I\'m a software engineer at Hashicorp. I love all things open source, distributed systems, corgis, and metrics and observability. Cortex contributor.


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Vitess Intro: How to Migrate a MySQL Database to Vitess - Sugu Sougoumarane. & Morgan Tocker, PlanetScale
Vitess is a database clustering system for horizontal scaling MySQL. This session will cover a high level overview of all the Vitess features, the architecture, and what database workloads are a good fit. We will then walk through a demo of live-migrating an existing MySQL installation into Vitess. Because Vitess also speaks the MySQL protocol, it is easy to retrofit scaling into your existing database systems.

Speakers
avatar for Sugu Sougoumarane

Sugu Sougoumarane

CTO, PlanetScale
Sugu is CTO at PlanetScale. He is also the lead developer and community leader of the Vitess open source project which he co-created at Youtube in 2010. Vitess has helped multiple companies scale MySQL massively. Prior to Vitess, he worked on various scaling and infrastructure projects... Read More →
MT

Morgan Tocker

Community Development Manager, Planetscale, Inc.


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Building the Cloud Native Telco with Network Service Mesh - Ivana Atanasova & Radoslav Dimitrov, VMware
Nowadays, the rapid technology development, significant increase of the number of connected devices and overall generated traffic, are challenging the networking solutions to evolve fast. Those solutions would hardly meet the higher demands for scalability and resiliency without adopting a cloud-native approach. Therefore, network service providers, like ISPs and Telco operators, are at the point of looking for a way to adopt the new cloud-native paradigm for their sophisticated network demands. Network Service Mesh is a CNCF project that offers a potential solution. In this talk we are going to introduce the approach Network Service Mesh is using to solve complicated L2/L3 challenges in Kubernetes and provide an example of building real cloud-native network topology using the tools provided by the NSM project. We are also going to show a demo of that topology implementation with NSM.

Speakers
avatar for Ivana Atanasova

Ivana Atanasova

Open Source Engineer, VMware
Ivana Atanasova is part of the VMware's Open Source Program Office. She's been contributing to OpenFaaS as a project member and later became contributor to Network Service Mesh. She's been speaking to various events including Open Source Summit and KubeCon
avatar for Radoslav Dimitrov

Radoslav Dimitrov

Open Source Engineer, VMware
Radoslav Dimitrov is working as a full-time Open Source Software Engineer at VMware. Currently, he’s contributing to the Network Service Mesh project, but before that, he was working on other open-source projects like OpenStack, OPNFV, QEMU and OpenFaaS. He has spoken at previous... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Multi-cluster Management: Lessons Learnt and Best Practices - Mohammed Naser, VEXXHOST Inc.
With Kubernetes Clusters deployed all over the world, we are here to share our experiences and lessons learnt through years of experience in multi-cluster management. The idea is to keep everything in check through mindful architectural decisions. While maintaining Kubernetes clusters, these decisions range from deployment to security to access and much more. In deployment, essential factors are the installation tools, management of the bare metal hardware, air-gapped deployments and even ensuring that the clusters are up to date. For security, effective management of role-based access control can also affect cluster management. We intend to share the strategies behind this decision-making process and the factors within to make multi-cluster management more efficient for all. The presentation comes from our trials and demonstrates our learning curve that everyone can take back from.

Speakers
avatar for Mohammed Naser

Mohammed Naser

CEO, VEXXHOST Inc.
Mohammed Naser, CEO of VEXXHOST, has had the chance to work with customers ranging from growing small businesses to solutions for large Fortune 500 companies, based on OpenStack. He has been a contributor to the OpenStack project since 2011 and has contributed code to almost every... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Kubernetes On Cgroup v2 - Giuseppe Scrivano, Red Hat
This talk will go over the current status of cgroups v2 in the Kubernetes and container ecosystem.

Efforts are underway to enable cgroups v2 in containers runtimes and up the stack in Kubernetes so users can benefit from new kernel features such as PSI and have better OOM handling through using projects such as oomd.

Particular focus will be placed on the changes required in the OCI (Open Container Initiative) specifications and how the containers runtime must be adapted to use the new version.

Speakers
GS

Giuseppe Scrivano

Principal Software Engineer, Red Hat
Giuseppe is a Principal Software Engineer at Red Hat where he works in the containers runtime team on projects such as Podman and CRI-O. In the last year, his main focus was on rootless containers and cgroup v2 support.


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Hey, Did You Hear About This New CVE? - A Vulnerability Response Playbook - Andrew Lytvynov, Independent & Alexandr Tcherniakhovski, Google
Kubernetes provides a lot of great ways to harden the security of your infrastructure. But despite how much you have it locked down, things will inevitably go wrong. Hope is not a strategy, so you need a contingency plan.
In this prescriptive talk, you will learn how to prepare for complex vulnerabilities (like the Intel speculative execution or Go HTTP/2 DoS vulnerabilities), mitigate them and clean up afterwards. We’ll share our experiences with the GKE fleet, dealing with newly announced vulnerabilities, and lessons learned balancing both security and reliability of workloads.
You will learn how to develop a response playbook for vulnerabilities. You will also learn about the tools that Kubernetes provides to help make your vulnerability response less hectic, such as audit logs, network policies and RBAC.

This talk will not cover live attacks (attackers in your infrastructure).

Speakers
avatar for Alexandr Tcherniakhovski

Alexandr Tcherniakhovski

Engineer, Google
Alex is a Security Engineer at Google, working on Kubernetes Engine Security team. Alex focuses on the encryption at rest features of Kubernetes. Alex also an owner of encryption of rest feature in Kubernetes. Before Google, Alex worked at Microsoft in various security roles. Outside... Read More →
avatar for Andrew Lytvynov

Andrew Lytvynov

Software Engineer, Independent


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Cloud Event Horizon - Ian Coffey, Salesforce
Serverless and event driven tech continues to emerge as a fascinating and quickly growing area of focus for kubernetes developers.

In this session, we will work together to construct and operate two distributed systems with the goal of demonstrating how CloudEvents fit into a modern serverless platform, alongside other popular and powerful projects. Together, we will go deep inside the implementation details of the projects and see what these running systems look like under the hood.

In our first scenario, we will craft a event-driven "shopping-cart" workflow that implements the CloudEvents, Vitess and Nats projects to put a spotlight on how these projects might be used in a serverless environment.

In the second scenario, we will build a flexible CI/CD system using CloudEvents along with Tekton Pipelines and Triggers to craft some truly inspiring automation!

Speakers
avatar for Ian Coffey

Ian Coffey

LMTS, Salesforce
Ian Coffey has been in the platform and infrastructure business for 16 years and currently writes code for Heroku at Salesforce. Away from work, Ian’s free time is usually spent adventuring with his wife and two little girls. He has an affinity for small VW/Audis, vintage Ampegs... Read More →


Tuesday August 18, 2020 12:00 - 12:35
TBA

12:00

Mutual TLS Adoption Made Simple, Safe and Secure - Lizan Zhou, Tetrate & Jianfei Hu, Google
Rolling out mutual TLS to service meshes is challenging. In the real world, service mesh adoptions are incremental. Services deployment are heterogenous, consisting of workloads with or without sidecar, able or unable to speak mutual TLS, on both client and server side. Coordinating the mutual TLS rolling out with service mesh adoption is hard.

In this talk, Jianfei and Lizan will explain the lessons learned from the last several years experience. Specifically, we walk through Envoy innovations to address the problem on both client and server side: TLS sniffing on the server side and per endpoint mutual TLS labeling mechanism on the client side. In the end, we show how these techniques combined together to offer a frictionless user journey to adopt mutual TLS safely.

Speakers
avatar for Lizan Zhou

Lizan Zhou

Software Engineer, Tetrate
Lizan Zhou is a Founding Engineer at Tetrate leading traffic management. He is a senior maintainer of Envoy and one of the core contributors of Istio. Previously he was working at Google Cloud, during his time at Google he worked on security and networking on Istio and Cloud Endpoints... Read More →
JH

Jianfei Hu

Software Engineer, Google
Jianfei Hu is a Google software engineer, working on Istio. Since beginning, he\'s been working on improving mutual TLS adoption experience. Before that, he works on Google App Engine and Serverless products.


Tuesday August 18, 2020 12:00 - 12:35
TBA

14:35

Panel: Ask Me Anything About Service Mesh - Lin Sun & Daniel Berg IBM; Christian Posta, Solo.io; Oliver Gould, Buoyant; & Sven Mawson, Google
As part of the cloud native journey, users are leveraging service mesh to solve the rising challenges of microservices in a consistent manner such as how to observe microservices, how to handle network failures, how to control traffic and how to secure microservices etc. without redeploying their services. Join us for a live interactive session where our panel of service mesh experts will address your most challenging inquiries around service mesh!

Speakers
avatar for Daniel Berg

Daniel Berg

Distinguished Engineer, IBM
Daniel is an IBM Distinguished Engineer responsible for the container and service mesh technical strategy within IBM Cloud. He has direct responsibility for the technical architecture and delivery of the IBM Cloud Kubernetes Service providing managed Kubernetes clusters worldwide... Read More →
avatar for Oliver Gould

Oliver Gould

CTO, Buoyant
Oliver Gould is a core maintainer of Linkerd, and is the co-founder and CTO of Buoyant, where he leads open source development efforts. Prior to Buoyant, he was a staff infrastructure engineer at Twitter, where he was the tech lead of Observability, Traffic, and Configuration & Coordination... Read More →
avatar for Lin Sun

Lin Sun

Senior Technical Staff Member, IBM
Lin has been working on container and cloud-native since 2014 from Docker to Kubernetes to Service Mesh. She is currently an Istio maintainer, a member of the Istio steering committee and technical oversight committee. She is passionate about new technologies and loves to play with... Read More →
avatar for Sven Mawson

Sven Mawson

Senior Staff Software Engineer, Google
Sven is one of the founders of Istio, the open source Service Mesh, and he is a Senior Staff Software Engineer at Google. He joined Google in 2006, and has spent the past 10+ years working on several generations of Google's API and Service Management platforms, beginning with the... Read More →
avatar for Christian Posta

Christian Posta

Field CTO, Solo.io
Christian Posta (@christianposta) is Global Field CTO at Solo.io, former Chief Architect at Red Hat, and well known in the community for being an author (Istio in Action, Manning, Istio Service Mesh, O'Reilly 2018, Microservices for Java Developers, O’Reilly 2016), frequent blogger... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Panel: App Management on K8s: The Good, the Bad and the Ugly - Matt Butcher & MacKenzie Olson, Microsoft; & Jian He, Alibaba
For developers and application operators, writing microservices on k8s can be a rollercoaster. While accomplishing simple tasks can be easy, the amount of YAML/complexity with k8s resources can get out of hand quickly. The panel consists of people who have worked on and launched multiple open source projects which focus on making k8s easy for app building including Helm, OAM, Dapr, OpenKruise, CNAB and SMI. From their experience with these projects and working with end users, learn about some of the good, bad and ugly of managing applications on k8s today and tomorrow. Panel topics:
* How to set up developers for success on a k8s based platform
* What does it mean to write a good cloud native application? This is a subjective topic and will be open for discussion
* Challenges faced managing applications using the tools
* Horror stories+lessons learned from building complex apps on k8s

Speakers
JH

Jian He

Staff Engineer, Alibaba
Jian He is a Staff Engineer at Alibaba where he works on container infrastructure to support Alibaba ecosystem. Prior to that, he worked at Hortonworks where he mainly works on Hadoop and is a Hadoop committer and PMC member. Jian He graduated from Brown University in Computer Sc... Read More →
MB

Matt Butcher

Principal Software Engineer, Microsoft
Matt Butcher is a Principal Software Developer at Microsoft, where he leads the team of open source developers that manage Helm, CNAB, Brigade, Porter, and several other projects. Matt has a Ph.D. in philosophy, and is the author of eight technical books. He’s also the co-author... Read More →
MO

MacKenzie Olson

PM, Microsoft Azure


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Live Migration of Production Workloads from Apache Mesos PaaS to Kubernetes - Maria Camacho & Gufran Lutful, Nokia
In 2018 we started the migration of production workloads on our cloud-native big data analytics platform (PaaS) from Apache Mesos and Marathon to K8s.

Nokia has multiple production PaaS instances in its datacenters across the globe with various production workloads, including a distributed analytics engine, production databases, data streams and ML applications. These workloads are critical to telecom data scientists requiring high performance, availability and reliability without disrupting continuous delivery of big data services.

We want to share the story and lessons learnt when migrating production workloads to K8s while maintaining performance and reliability, and at the same time delivering new services to our demanding users.

You will hear how we seamlessly shared cloud resources, network traffic, internal DNS and telemetry systems between two orchestrators in production.

Speakers
avatar for Maria Camacho

Maria Camacho

Software Architect, Nokia
Software Architect, Nokia Software Architect with focus on cloud-native DevOps and automation, analytics platforms, performance, Container runtime, Kubernetes deployment and operations. Currently a member in the Nokia Software team building and automating digital operations software... Read More →
avatar for Gufran Lutful

Gufran Lutful

Software Engineer, Nokia
Software Engineer, Nokia Gufran is a DevOps oriented Software Engineer at Nokia and an Entrepreneur. Over the years, he has worked in different roles such as Software Test Engineer, PaaS Developer, Site Reliability Engineer etc. Gufran is an active learner. He holds CKA, AWS, CCNA... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Escaping the Jungle - Migration to Cloud Native CI/CD - Anton Weiss, Otomato Software
In the last 2 years Otomato has been helping a number of software companies to migrate their complex systems to Cloud Native infrastructure. This included rebuilding the CI/CD processes and tooling based on Cloud Native concepts and tooling. In this talk Anton will present the challenges organisations face when switching to modern approaches in software delivery. We will cover the topics of:
- Providing unified kubernetes-based CI/CD infrastructure
- Scalable CI/CD Pipelines and Environments
- Component and Contract testing vs. End-to-End testing
- Managing Deployments with Helm
- Evaluating Service Meshes
- Making the switch to GitOps

Speakers
avatar for Anton Weiss

Anton Weiss

Principal Consultant, Otomato Software
Anton has been dealing with optimising software delivery for the last 19 years. Worked at BMC, AT&T and a number of startups. Led integration and operation teams. In the last 4 years has been helping companies to migrate to CI/CD and cloud native technologies as the co-founder and... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Kubernetes? But I'm a Product Manager… - Matthew McNeeney, Pivotal & Miguel Luna, VMware
Good product teams care deeply about their users and the experience they provide to them, yet many Product Managers shy away from conversations about Kubernetes, believing that it’s something for their engineering counterparts to think about. But this is a critical mistake; many of the benefits Kubernetes brings can be harnessed to deliver better products, faster.

The Kubernetes.io tagline is ‘Production-Grade Container Orchestration’, so it’s easy to see why Product Managers tend to leave it aside as an engineering concern. But much of the innovative work happening in the ecosystem can be used to ship software faster and deliver great user experiences. This talk will cover how Product Managers building different types of software can utilise features in Kubernetes to build extensible, scalable and cloud-agnostic products that drive better customer outcomes.

Speakers
avatar for Matt McNeeney

Matt McNeeney

Product Lead, VMware
Matt is a Product Lead at VMware where he helps build products that enable developers to easily discover and consume the tools they need to get their applications into production. Matt is also a co-chair for the Open Service Broker API, an open-source collaboration by Pivotal, Google... Read More →
avatar for Miguel Luna

Miguel Luna

Staff Product Manager, VMware
Miguel is a Staff Product Manager at VMware where he is responsible for enabling enterprise developers to go faster by increasing the number of tools available to them. Miguel has an engineering background and was previously leading the handset and devices product program at the telecommunications... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Lessons Learned From Building Azure Databricks Operator - Azadeh Khojandi, Microsoft
Are you planning to extend Kubernetes API? In this talk, Azadeh will share challenges and lessons learned during designing, developing and releasing opensource Azure Databricks Operator.

She will explain how she and her teammates reduced the onboarding process, evolved the operator through multiple iterations, avoid documentation and followed engineering fundamentals.




Speakers
AK

Azadeh Khojandi

Senior Software engineer, Microsoft
Azadeh has spoken at numerous events such as DDD Sydney, Google Dev Day, StartCon, NDC Sydney and London about Chatbots, AI and Machine learning and Kubernetes operators. She has led open-source Kubernetes Databricks operator project: https://github.com/microsoft/azure-databricks-operator... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Is Sharing GPU to Multiple Containers Feasible? - Samed Güner, SAP
Provisioning GPUs for ML workloads in data center can be very costly and more costly if they are not fully utilized. Thus, maximizing the GPU utilization is a must for ML workloads.

This session will show how a single GPU can be used to run multiple ML workloads, especially ML inference, in parallel and will deep dive into the understanding of how GPUs are provisioned and attached using K8s device plugins. It will show how the nvidia device plugin can be extended to schedule multiple ML workloads to a single GPU and collect desired GPU information with Prometheus.

This session will highlight and deep dive into native GPU sharing using K8s device plugin without additional technologies such as vGPUs from VMware.

Speakers
avatar for Samed Güner

Samed Güner

Software Engineer, SAP
Samed Güner is currently working as a software engineer at SAP Machine Learning building the next-gen data science platform SAP Data Intelligence on K8s. He mainly works on infrastructure and K8s with a strong focus on leveraging DevOps principles. He previously worked on projects... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

CNCF Research User Group - Eduardo Arango, Red Hat & Bob Killen, University of Michigan
Interested in improving the Research experience with Kubernetes, or simply running research workloads on it? The CNCF Research User Group’s purpose is to serve as a focal point for the discussion and advancement of Research Computing using “Cloud Native” technologies. Since the group’s inception 6 months ago, key areas have been identified as gaps within the ecosystem. This session would serve as an opportunity to share with a broader audience some of the key challenges the Research-user-group has identified, and showcase project updates on key tools that the research community is developing to address these challenges. For more information visit: https://github.com/cncf/research-user-group

Speakers
avatar for Bob Killen

Bob Killen

Research Cloud Administrator, University of Michigan
Bob is a Research Cloud Administrator with the Advanced Research Computing Technology Services (ARC-TS) group at the University of Michigan. He has been with the University for more than 15 years, serving in various capacities within the Health System and ARC-TS. As a CNCF Ambassador... Read More →
avatar for Eduardo Arango

Eduardo Arango

Software Engineer, Red Hat


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Intro to Falco: Intrusion Detection for Containers - Shane Lawrence, Shopify
How do you protect Kubernetes clusters from malicious behavior? Role-based access control won't stop a user who's authorized to create pods from deploying hundreds of coin miners, and Intrusion Detection Systems at a network edge won't catch requests from a compromised container to the API server. Falco joined CNCF Incubator as an open-source runtime monitoring tool that combines kernel-level visibility with cluster-level awareness, making it possible to implement security policy and assert if these policies have been violated. In this session, Shane will demonstrate detection use cases, and discuss how Shopify has been using Falco since 2018 to monitor containers in a cloud environment that processes $100 million+ per day. Attendees will learn how to deploy Falco at scale, implement and change the ruleset, avoid common pitfalls with eBPF probes and kernel modules, and manage alert volume.

Speakers
avatar for Shane Lawrence

Shane Lawrence

Senior Infrastructure Security Engineer, Shopify
Shane is a Senior Security Infrastructure Engineer at Shopify, where he's working on a multi-tenant platform that allows developers to build secure, scalable apps and services. His previous work includes SIEM and Log Management at CGI MSS, and IDS Engineering at CFNOC.


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Intro to gRPC - Abhishek Kumar, Google
gRPC is a modern, open source remote procedure call (RPC) framework that can run anywhere. Distributed systems and client-server applications are built using gRPC because it provides simple abstractions for application-layer communication, coupled with a broad and powerful feature set. A wide range of languages and platforms are supported by gRPC. Join us for this session to hear about the gRPC project, how you can use it in your applications, and how to get involved as a contributor or maintainer!

Speakers
AK

Abhishek Kumar

Software Engineer, Google


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Intro: Linkerd - William Morgan, Buoyant & Tarun Pothulapati, Student/Intern
In this session, William Morgan will provide an introduction to Linkerd, the CNCF's service mesh project. Linkerd features blazing fast performance, an ultralight footprint, a Kubernetes-native design, and open governance. You'll learn what it does, why it's useful, differences with other service meshes, and finish with a brief Q&A.

Speakers
avatar for William Morgan

William Morgan

CEO, Buoyant
William Morgan is the cofounder and CEO of Buoyant, creators of Linkerd. Prior to Buoyant, he was an infrastructure engineer at Twitter, where he helped move Twitter from monolith to microservices. He was a software engineer at Powerset, Microsoft, and Adap.tv, and a research scientist at MITRE... Read More →
avatar for Tarun Pothulapati

Tarun Pothulapati

Student/Intern, Community Bridge Program - Linkerd and Jaeger, CNCF
Tarun Pothulapati is a Google Summer Of Code 2019 Intern at Linkerd and a final year undergrad student from India. He spends his time contributing to Linkerd and Service Mesh Interface (SMI). He is a huge admirer of Kubernetes and Cloud Native projects in general and enjoys building... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Introduction to Autoscaling - Marcin Wielgus & Beata Skiba, Google
Come and see how to reduce the cost of your cluster and make your workloads more robust by dynamically adjusting them to the current traffic. During this talk members of SIG-Autoscaling will explain why you should be autoscaling both applications and clusters, and what tools Kubernetes provides to do that. You will learn the mechanics of Cluster, Horizontal Pod and Vertical Pod Autoscalers, their new features as well as the best practices for applying them in production.

Speakers
avatar for Marcin Wielgus

Marcin Wielgus

Staff Software Engineer, Google
Marcin Wielgus is a Staff Software Engineer at Google. Marcin joined the internet search giant in 2010 and since then he has been working on various projects, ranging from Android applications to recommendation engines. He started contributing to Kuberentes before the 1.0 release... Read More →
avatar for Beata Lach

Beata Lach

Software Engineer, Google
Beata is a Software Engineer at Google and has been working on Kubernetes autoscaling for the last 3 years, contributing to Cluster Autoscaling and Horizontal Pod Autoscaling, currently leading the effort of Vertical Pod Autoscaling.


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Introduction to containerd - Phil Estes, IBM & Derek McGowan, Docker
Join containerd maintainers and learn how containerd is an improvement to one of the most fundamental parts of the container ecosystem. They will discuss the latest updates to the containerd project as well as how it is being used by Kubernetes and other container systems. Come dive into what containerd is, how it is different from other runtimes, and how it is built. The agenda includes an introduction to the containerd project, the architecture of containerd, and upcoming features in containerd 1.4.

Speakers
avatar for Derek McGowan

Derek McGowan

Software Engineer, Docker
containerd maintainer
avatar for Phil Estes

Phil Estes

Distinguished Engineer & CTO, Container Architecture Strategy, IBM
Phil is a Distinguished Engineer in the office of the CTO for IBM Cloud, guiding IBM's strategy around containers and Linux. Phil is a founding maintainer of the CNCF containerd runtime project, and participates in the Open Container Initiative (OCI) as a member of the Technical Oversight... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Kubernetes IoT Edge Working Group: Applications at the Edge - Cindy Xing, Microsoft & Steve Wong, VMware
This session will address unique considerations of edge applications. Edge workloads on Kubernetes can vary from: - Simple IoT solutions over Raspberry-pi - Video processing, image recognition, or machine learning apps on embedded device or server - Complicated industrial IoT or Teleco solutions requiring high availability, security, and reliability We will survey how edge impacts best practices of app development and operational management - and how Kubernetes and other related open source tools can be utilized for edge workloads. Agenda - Characteristics and requirements of different Edge Applications - Language / runtime considerations - Operational considerations with Kubernetes - App development, build, packaging and CI / CD considerations - Available tooling - How to get involved in the IoT Edge Working Group

Speakers
avatar for Steven Wong

Steven Wong

Open Source Software Engineer, VMware
Steve Wong has been active in the Kubernetes and Apache Mesos communities since 2015. He is a co-organizer of the IoT and Edge Working Group and a co-chair of the VMware User Group on the Kubernetes project. He is a past speaker at KubeCon, MesosCon, Open Source Summit, SCALE, and... Read More →
CX

Cindy Xing

Principal Software Engineering Manager, Microsoft


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Network Service Mesh to Address Cloud Native 5G Telco Networking Challenges - Roshini Ratnam & Anders Franzen, Ericsson
Some of the key networking challenges of cloud native telco applications are VPN/traffic separation, no NAT protocols, path diversity, accelerated user plane traffic, legacy protocol etc. Kubernetes networking cannot address them. Currently they are addressed using approaches like Multus, Danm, CNI-Genie. All this still only works on a node level but will require a substantial amount of complex case specific, on-site DevOps to bottom-up build a functional multi-network cluster, with all challenges that come with that, like LCM.
This seminar will cover how Network Service Mesh (NSM) can address networking challenges of cloud native telco applications in 5G with the details of proof of concept and how NSM decouple infrastructure from applications. The speakers will also give details of the ongoing work with CNF test bed network separation use case.

Speakers
avatar for Anders Franzen

Anders Franzen

Technology Specialist, Ericsson
Anders Franzen is an engineer in Ericsson AB with 30+ years of professional experience in HA-systems, networking and operating systems for telco. Living in Stockholm, Sweden. He is currently working with the transition into the cloud native paradigm.
avatar for Roshini Ratnam

Roshini Ratnam

Networking and Connectivity Architect, Ericsson
Roshini Ratnam, is an Architect in Cloud Native Connectivity at Ericsson. Roshini has above 10 years of experience in various Telecom and Networking projects with different organizations including Ericsson, Nokia Networks and Cisco Systems. In her current role she mainly focuses on... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Tracing is For Everyone: Tracing User Events with GraphQL and OpenTelemetry - Nina Stawski, Splunk
There's been a lot of talk about the importance of observability and tracing for microservice-based applications. The use cases involved are focused on backend engineers and DevOps. But what about us front-end engineers? Often, we get blamed first when something breaks and the lack of consistent observability tools makes it difficult to debug issues.

With the emergence of OpenTelemetry for JavaScript, more front-end developers are looking to instrument their code and connect their traces with the backend. A growing number of teams are adopting GraphQL as their interface between UI and backend as well. This talk will illustrate the process of setting up your app for tracing with OpenTelemetry, show what’s common in GraphQL instrumentation compared to other libraries and describe the potential pitfalls of the approach. Building on that, we will discuss how tracing affects user experience.

Speakers
avatar for Nina Stawski

Nina Stawski

Senior Software Engineer, Splunk
Nina currently works as a Senior UI/UX Engineer, building the enterprise-grade distributed tracing and observability platform as a part of the front-end team at Omnition. Previously she was the Expert Developer / Team Lead at SAP Conversational AI, and the Head of UI/UX and Front... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Running K3s, Lightweight Kubernetes, in Production for the Edge and Beyond - Darren Shepherd, Rancher
Within the short year since announcing k3s, the CNCF certified lightweight Kubernetes distribution, users have quickly put k3s into production in edge, on-premises, cloud, and pipeline use cases. In this presentation Darren Shepherd, the creator of k3s, will cover different strategies of running k3s and how they map to different use cases. Use cases range from thousands of clusters on the edge, to fast ephemeral clusters to power your pipeline, to running AI workloads, and much more.

Speakers
DS

Darren Shepherd

Chief Architect, Rancher
Darren Shepherd is a co-founder and the chief architect at Rancher Labs where he has led the development and creation of numerous open source software projects such as k3s, RancherOS, Longhorn, and Rio. His goal is to provide the container industry with reliable tools that ease deployment... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Panel: Security Is Not A Unicorn - Jay Beale, InGuardians; Marlow Weston, Intel; Trupti Shiralkar, Illumio; Aeva Black & Sarah Young, Microsoft
Do you have to trade performance for security?

Panelists will gather to discuss whether current kubernetes security best practices are at odds with the architectural requirements of heavy computational workloads such as those in machine learning or High-Performance Computing (HPC). The panelists will discuss where the bottlenecks are, what security risks are known, and what industry tools are used to address these issues. The panelists will also draw comparisons to more traditional HPC-style workloads and see what lessons can be drawn from that stalwart legacy.

The panel will be moderated by Jay Beale, CTO of InGuardians, who co-leads the Kubernetes project’s third party security audit working group.

Speakers
avatar for Trupti Shiralkar

Trupti Shiralkar

Principal Application Security Engineer, Illumio
Trupti Shiralkar is a Principal Application Security Engineer at the world’s most customer-centric security company Illumio. She has a strong passion for security and privacy and believes in influencing security by creating a mutual win for all involved parties. She enjoys diving... Read More →
avatar for Sarah Young

Sarah Young

Azure Security Architect, Microsoft
Sarah is an Azure Security Architect working for Microsoft. Allegedly she lives in Melbourne but is more likely to be found in airport lounges across Asia. Sarah loves cloud, Kubernetes and container security and spends most of her time telling people how to do it better and generally... Read More →
avatar for Aeva Black

Aeva Black

Open Source Program Manager, Azure Confidential Computing
Aeva is a technology architect, team leader, mentor, and industry veteran with a successful career spanning 20 years, several startups, and multipleFortune 500 Companies, including IBM, HPE, and Microsoft. Aeva’s areas of expertise include open source strategy, database development... Read More →
avatar for Jay Beale

Jay Beale

CTO, InGuardians
Jay Beale works on Kubernetes and cloud native security, both as a professional threat actor & as co-lead of the third party security audit WG. He’s the architect of the Peirates attack tool for Kubernetes & the @Bustakube CTF cluster. He created Bastille Linux and the CIS Linux... Read More →
avatar for Marlow Weston

Marlow Weston

Lead HPC Tools Engineer, Intel
Marlow is currently a lead software engineer at Intel working on high performance computing tools. Previously, she has worked in a variety of areas including security, embedded systems, kernel drivers, tracing libraries, and web scrapers. She began adult life by pursuing a degree... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Stateful Serverless and the Elephant in the Room - Stephan Ewen, Ververica
Kubernetes and FaaS have solved most of the challenges of dealing with stateless applications. But when it comes to handling state, it quickly becomes “someone else's problem”. Because of that, we have struggled with the same issues of data consistency and complex failure semantics for the past decade. For stateful applications, we are still far from the smooth development and operations experience associated with serverless.
Stateful Functions is a new pattern to solve this problem. It uses containerized, event-driven functions with a stream processor (Apache Flink), not a database, to manage the state and handle the messaging between functions. This talk walks through the ideas behind Stateful Functions and shows how this simple framework solves the problem of consistency and failure semantics within and across functions, at the same time staying true to the serverless experience.

Speakers
avatar for Stephan Ewen

Stephan Ewen

CTO, Ververica
Stephan Ewen is a committer and Project Management Committee member of the Apache Flink project. He is one of the original creators of Apache Flink and a co-founder and CTO of Ververica (formerly data Artisans), a Berlin-based company that is bringing real-time data applications to... Read More →


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Multi-cluster Made Reasonable: Envoy Service Mesh Control Plane - Ashley Kasim & Paul Fisher, Lyft
Lyft runs business critical microservices sharded across multiple independent Kubernetes clusters in an Envoy service mesh, enabling services to autoscale and serve rides in the face of Kubernetes cluster and backplane failures. Existing Envoy control plane solutions are complex and can be difficult to span multiple clusters. Yann and Paul's talk covers the design and implementation of Dyplomat — Lyft’s simple cloud-agnostic open source Envoy control plane. Built on top of Envoy's Go Control Plane, Dyplomat bridges together multiple Kubernetes clusters and legacy infrastructure. The talk demonstrates how to scale a production service mesh to hundreds of microservices running across multiple clusters spanning thousands of nodes.

Speakers
avatar for Paul Fisher

Paul Fisher

Software Engineer, Lyft
Paul Fisher works on all things infrastructure related at Lyft, from monitoring software to the service provisioning stack. He’s currently leading the Lyft migration to Kubernetes. Paul tends toward work that lies at the intersection of systems programming and scale. He's previously... Read More →
avatar for Ashley Kasim

Ashley Kasim

Software Engineer, Lyft
Ashley Kasim is an engineer on the Compute Infrastructure team at Lyft, currently working on building out a highly scalable and resilient Kubernetes infrastructure that enables Lyft to run at scale.


Tuesday August 18, 2020 14:35 - 15:10
TBA

14:35

Tutorial: Introduction to Monitoring with Grafana - Marcus Olsson, Grafana Labs
As software becomes more and more complex, the need to understand how it performs in production becomes an important part of software development. In this tutorial, we'll cover the basics of monitoring, what to monitor, and how to visualize it. We'll also look at how to combine metrics with logs to troubleshoot production issues.

You'll learn how to use Grafana, an open source platform for monitoring and observability, to set up a monitoring solution:

- Basics of time series and dashboard design
- Adding and configuring data sources
- Creating beautiful and functional dashboards
- Exploring logs with Loki

After this workshop:

- You'll better understand how to monitor your software
- You'll be able to use Grafana to create dashboards
- You'll be able to use metrics and logs together to debug running software

Speakers
MO

Marcus Olsson

Developer Advocate, Grafana Labs
Marcus Olsson is a Developer Advocate at Grafana Labs, the company behind Grafana. Before that he was consulting teams on cloud native practices and infrastructure. He's also known to draw gophers and organize Go meetups.


Tuesday August 18, 2020 14:35 - 16:05
TBA

15:30

From Minikube to Production, Never Miss a Step in Getting Your K8s Ready - Horacio Gonzalez & Kevin Georges, OVH
So you have installed your Kubernetes cluster, and you have deployed some apps on it, but the idea of putting it into production makes you uneasy... Well, this talk is for you!

The path form a working Kubernetes cluster to a production-ready one can be rough and complicated, with lots of things to think of, and many pitfalls to avoid. In this talk Kevin & Horacio will share with you the common pitfalls and their best known antidotes, in order to make sure that you deliver a secure and highly available Kubernetes to your end-users.

After sharing with you a cost-effective HA setup for a typical Kubernetes production environnement, Kevin and Horacio will cover the basic security best practices, adapted to any enterprise context.

They will also discuss some of the most recognized CNCF projects tools to enhance Kubernetes observability, reliability, security and management.

Speakers
KG

Kevin Georges

Engineering Manager, OVH
Working at OVH since 3 year. He managed the kubernetes as a service offer on top of openstack. Kevin has spoken at conferences like the Open Infrastructure Summit in Shanghai in 2019, and in many meetups and regional conferences
HG

Horacio Gonzalez

K8S Engineering Manager, OVH
Working at OVH since 3 year. He managed the kubernetes as a service offer on top of openstack.


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Session: To Be Announced
Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Operating Enterprise Grade Kubernetes Clusters at Salesforce on Bare Metal - Anubhav Dhoot & Mayank Kumar, Salesforce
Many enterprises today don’t have the luxury of public cloud managed offerings, or VM’s in their private data centers. In the absence of these, it’s challenging to operate enterprise grade Kubernetes clusters and manage it seamlessly.

We will talk about specific challenges in bringing up a highly available kubernetes cluster on bare metal, securing it, upgrading it, monitoring it 24/7, and doing all of that using Puppet, while maintaining SLA for our customers.

We will cover a lot of lessons learnt in managing a fleet of 2600+ hosts across 20 + data centers over the last 4 years, including battle stories like dangers of etcd initial-cluster-state config, hairpin networking issues, and setting up service accounts with key rotation.

While we are well on the path to using managed K8s offerings in Public Cloud, this will be a cautionary tale for teams managing their own k8s clusters.

Speakers
MK

Mayank Kumar

Principle Engineer, Salesforce
Mayank is a Principle Engineer at Salesforce who is passionate about building large scale and self healing distributed systems and policy based container management solutions, with a wide range of experience at Microsoft and Cisco. He is an active contributor to open source projects... Read More →
avatar for Anubhav Dhoot

Anubhav Dhoot

Senior Director Of Engineering, Salesforce
Anubhav is a Senior Director of engineering and is responsible for the Kubernetes based micro service platform team used by Salesforce engineering teams. He has experience building large scale systems at Microsoft as well as in open source as a committer in Hadoop for Yarn cluster... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

How We Migrated Our Monolith to K8s and Became a High Performing Team - Mauricio Salatino, Camunda/LearnK8s & Tracy Miranda, CloudBees
Migrating your existing architecture from a monolith to microservices is a challenging task. Not only the technology landscape is different and overwhelming, but you also need a solid plan to bring the rest of the team along in the journey.

This talk shares our real-life journey and the lessons learned from migrating a monoliths open-source project to microservices while adding in CI/CD best practices. We looked at specific best practices from the Accelerate book and show how those became reality within our team.
The focus of this is:
- Best practices for refactoring monoliths into microservices
- Understanding how you can leverage tools such as Kubernetes, Helm, Jenkins X, and Zeebe to develop cloud-native applications
- Pitfalls you should avoid and how you can learn from our mistakes

Speakers
avatar for Tracy Miranda

Tracy Miranda

Director of Open Source Community, CloudBees
Tracy Miranda is director of open source community at CloudBees, where she works closely with the Jenkins & Jenkins X communities. A developer and open source veteran, Tracy is on the governing board for the CD.Foundation, after helping launch the foundation as the new home for Jenkins... Read More →
avatar for Mauricio Salatino

Mauricio Salatino

Principal Software Engineer, Camunda/LearnK8s
Mauricio is a Principal Software Engineer at Camunda and a LearnK8s Instructor. Mauricio has been working with Kubernetes for the last 4 years, training teams and developing cloud native applications. In his journey, he has participated in several open source projects including Zeebe... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

RTFM - Revisiting the Fundamentals of Mentoring: A Journey to Kubernetes - Guinevere Saenger, GitHub & Ihor Dvoretskyi, Cloud Native Computing Foundation
What do Kubernetes and fine arts have in common? How about university research? All these are extremely difficult fields of expertise with a large global community and a steep learning curve. Unlike Kubernetes, however, many other fields have long-standing traditions of individual mentorship and teaching.

The future of Kubernetes rests on the shoulders of its community. To keep our technology maintainable, we need to effectively and efficiently transfer knowledge to future maintainers.

Luckily, as we will see, being a mentor does not have to be overly complicated or time-consuming. Using specific examples of contributor success stories, this talk will show you how to raise the next generation of Kubernetes experts, and have fun while doing it.

Speakers
avatar for Guinevere Saenger

Guinevere Saenger

Software Engineer, GitHub
In 2016, Guinevere Saenger transitioned from being a full-time professional pianist to a career in tech. Today, Guinevere is a Software Engineer at GitHub and writes deployment automation tooling on GitHub’s Moda platform. She has been very active in the Kubernetes open source... Read More →
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate, Cloud Native Computing Foundation
Bio: Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation (CNCF), closely working with the open source communities within the Cloud Native ecosystem (including Kubernetes, Helm, and others). At CNCF, Ihor helps in driving multiple developer relations programs... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Go? Bash! Meet the Shell-operator - Andrey Klimentyev & Dmitry Stolyarov, Flant
While using Kubernetes, the need to automate our work is everpresent. Usually, the task boils to a simple pattern: subscribe to Kubernetes resource changes and acting upon them. In the simplest case, a ConfigMap creation will suffice. In the complex one, interaction with a Custom Resource might be required.

Most of the operations engineers know a scripting language (e.g., bash) and are familiar with the jq tool, which employs an indigenous paradigm of traversing JSON structures inspired by the functional programming paradigm.

A general-purpose programming language, without a doubt, provides tons of benefits, but do they not create a steep learning curve on the path to automating and extending Kubernetes?

This talk focuses on writing simple operators with the shell-operator, using a scripting language (bash) and jq, and justifies such an approach.

Speakers
avatar for Andrey Klimentyev

Andrey Klimentyev

Solutions Engineer, Flant
Andrey Klimentyev works as a Solutions Engineer at Flant. While the company itself focuses on implementing and maintaining Kubernetes based infrastructure, Andrey maintains an internal Kubernetes distribution by investigating DevOps teams’ and managements’ requirements and implementing... Read More →
avatar for Dmitry Stolyarov

Dmitry Stolyarov

CTO, Flant
Dmitry Stolyarov is a CTO at Flant. While the company itself focuses on implementing and maintaining Kubernetes based infrastructure, Dmitry supervises R&D processes to ensure the best practices are carefully cultivated and generally applied. Being widely recognized as one of the... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Production Multi-node Jobs with Gang Scheduling, K8s, GPUs and RDMA - Madhukar Korupolu & Sanjay Chatterjee, NVIDIA
With the growing scale of DL and ML applications, distributed execution of jobs across multiple nodes becomes increasingly critical -- to solve bigger problems faster -- as illustrated by the recent MLperf results. However running such workloads in a production K8s cluster shared by multiple jobs/users has several challenges.

In this talk, we’ll give an overview of this area -- including distributed Tensorflow, Pytorch, Horovod, MPI -- and the use of GPU nodes with NCCL and RDMA for accelerated performance. We’ll describe our end-to-end flow for multi-node jobs in K8s including gang scheduling, quotas, fairness and backfilling implemented in our custom scheduler for GPUs. Our cluster includes high-speed networking through RoCE and SR-IOV / Multus CNI. We’ll share our design choices, learnings and operational experience including failure handling, performance and telemetry.

Speakers
avatar for Madhukar Korupolu

Madhukar Korupolu

Distinguished Engineer, NVIDIA
Madhukar is an architect at NVIDIA working on GPU clusters for AI and HPC workloads. Areas of interest and experience include AI / ML infra, GPU acceleration, Cloud computing, Distributed Systems, Borg, Kubernetes, HPC, CDNs etc with previous stints at Google, IBM and Akamai. He holds... Read More →
avatar for Sanjay Chatterjee

Sanjay Chatterjee

Senior Engineer, NVIDIA
Sanjay Chatterjee is a senior engineer at NVIDIA. He works on runtime system infrastructure and core Kubernetes components to support highly scalable HPC and DL/AI workloads. Previously he worked on DoE/DARPA funded research and advanced technology projects for exascale systems. His... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Cloud Native Policy Deep Dive - Zhipeng Huang, Huawei & Erica von Buelow, Red Hat
In this session we will discuss many open source initiatives that the Policy WG have been discussing, including policy formal verification, Policy Violation CRD, Runtime Policy Interface and so forth

Speakers
avatar for Zhipeng Huang

Zhipeng Huang

Open Source Manager, Huawei
Zhipeng Huang currently serve as open source operation manager for Huawei. Zhipeng have been involved with various major open source communities and is now the PTL of OpenStack Cyborg project, co-chair of OpenStack Public Cloud WG, and co-lead of the Kubernetes Policy WG.Zhipeng Huang... Read More →
EV

Erica von Buelow

Software Lead, Red Hat


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

CNF Testbed: Creating a Cloud Native User Plane for an Evolved Packet Core - Taylor Carpenter, Vulk Coop & Denver Williams, Vulk Coop & Sufficient Consulting
The Cloud Native Network Function (CNF) Testbed is a CNCF initiative to provide a neutral space for exploring and evaluating open source networking technologies and their interoperability. The initiative fosters cross-community collaboration and includes contributors from FD.io CSIT, Network Service Mesh and others in the open source community. This session will give an introduction of the CNF Testbed and review the Cloud Native Evolved Packet Core User Plane example. There will be time for Q/A and attendees should leave this session with an understanding of how to deploy the CNF Testbed and contribute examples to the CNF Testbed initiative.

Speakers
DW

Denver Williams

Project Co-Lead, cncf.ci, Vulk Coop & CNCF
avatar for Taylor Carpenter

Taylor Carpenter

Principal Pied Piper, Vulk Coop
Partner at Vulk Cooperative - http://vulk.coop | Lead on CNCF CNF Testbed, Telecom User Group and CNF Conformance initiatives. OpenSource advocate, using Linux since 1994 with the 1.0 release and gnu tools on other unix systems before that. OpsDev geek. Elixir and Ruby programmer... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Easy, Secure and Fast - Using NATS for Data Streams and Services - Colin Sullivan & R.I. Pienaar, Synadia
Distributed systems architecture has been disrupted via decomposition as cloud technology has matured - we’ve seen a migration from monolithic applications to microservices coordinating across large scale deployments. This has created a need for flexible deployments, secure and transparent data sharing, multiple communication patterns, location transparency, and the decoupling of data producers and consumers. NATS is a cloud-native messaging project that addresses these needs. While cloud-native, NATS and can also run on-premise, edge and even endpoints. In this discussion, we'll introduce you to NATS: how NATS came to be, its DNA and cover some of the problems that it solves. We’ll describe common messaging patterns, when to use them, and design principles to create NATS enabled cloud-native applications. For more information be sure to follow this up with the NATS deep dive!

Speakers
avatar for Colin Sullivan

Colin Sullivan

Product Manager, Synadia
Colin is the product manager of NATS. He has extensive experience developing messaging products and designing distributed systems. Prior to Synadia, Colin worked at a number of companies including Apcera and TIBCO software.


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Flux Deep Dive: A GitOps Approach to Progressive Delivery - Stefan Prodan & Hidde Beydals, Weaveworks
“Progressive Delivery” refers to a set of techniques for reducing deployment risk by decoupling the deployment from the release process. In this session, Stefan and Hidde will talk about implementing these techniques on Kubernetes. We will discuss in depth how canary releases can be orchestrated through Git operations, declaratively, using Kubernetes custom resources and Flux git-to-cluster synchronization. We will demo a GitOps pipeline that automates the release process of a web application. The demo will feature: - Flux for cluster state management - Flux Helm Operator for app deployments - Flagger for app testing and incremental rollout

Speakers
avatar for Stefan Prodan

Stefan Prodan

DX Engineer, Weaveworks
Stefan is a Developer Experience engineer at Weaveworks and an open source contributor to cloud-native projects like Flagger, FluxCD, Helm Operator, OpenFaaS and others. He worked as a software architect and a DevOps consultant, helping companies embrace DevOps and the SRE movement... Read More →
avatar for Hidde Beydals

Hidde Beydals

Software Engineer, Weaveworks
Hidde is a Software Engineer at Weaveworks where he spends most of his time contributing to CNCF Flux. He joined Weaveworks naturally after being a contributor - and later maintainer - to the projects.Previously, he worked as a software engineer for the publisher of two Dutch rental... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Intro to the Kubernetes Code of Conduct Committee - Aeva Black, Microsoft
Did you know that Kubernetes community has an elected Code of Conduct Committee? This session will explain what the committee does, how it is formed, and some of the things the group is working on. Additionally, the presenters will share some insights on why such a committee is so important for maintaining a healthy, inclusive open source project.

Speakers
avatar for Aeva Black

Aeva Black

Open Source Program Manager, Azure Confidential Computing
Aeva is a technology architect, team leader, mentor, and industry veteran with a successful career spanning 20 years, several startups, and multipleFortune 500 Companies, including IBM, HPE, and Microsoft. Aeva’s areas of expertise include open source strategy, database development... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Kubernetes SIG Architecture Intro and Update - John Belamaric, Google
SIG Architecture maintains and evolves the design principles of Kubernetes, and provides a consistent body of expertise necessary to ensure architectural consistency over time. The SIG takes care of evolution of conformance definitions, API definitions/conventions, deprecation policy, design principles, and other cross-cutting concerns.

In this talk, we will provide an introduction to SIG architecture, including its role and the various subprojects that support its activities. Additionally, we will provide a community update on the status of those efforts.

Speakers
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John Belamaric is an experienced software engineer and architect with over 20 years of software design and development experience. He works on the Google Cloud team, focused on Kubernetes and GKE. He is a co-chair of SIG Architecture and an active participant in SIG Network.He is... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Prometheus Introduction - Julius Volz, Prometheus
Prometheus is an open-source monitoring system and time series database. It features a multi-dimensional data model with a powerful query language and integrates many aspects of systems and service monitoring: from the instrumentation of services over the collection and storage of metrics data, all the way to dashboarding and alerting. Native support for various service discovery mechanisms also make it particularly suitable for dynamic cloud-based environments like Kubernetes. In the introduction, Prometheus co-founder Julius Volz explains the architecture of Prometheus and highlights its key features.

Speakers
avatar for Julius Volz

Julius Volz

Co-Founder, Prometheus


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Service Discovery in Cloud-Native Environment: Introduction to CoreDNS - Miek Gieben & Yong Tang, Independent
oreDNS is a fast and flexible DNS server that also provides service discovery in cloud native deployments. While best known for its ability to serve as the cluster DNS of Kubernetes, CoreDNS is also capable of service discovery in complex hybrid or multi-cloud environments. The flexibility and extensibility of CoreDNS comes from its unique plugin-based architecture. With already available plugins such as route53/azuredns/clouddns, and easy-to-extend plugin architecture, services from Kubernetes clusters and different cloud services could be exposed in similar fashion across the cluster boundary.

Speakers
avatar for Miek Gieben

Miek Gieben

n/a, n/a
I'm lead developer of CoreDNS. Come talk to about service discovery, DNS and the future of these technologies in a cloud native world.
avatar for Yong Tang

Yong Tang

Director of Engineering, MobileIron
Yong Tang is the director of engineering at MobileIron. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Dual Stack: The Next Station to IPv6 - Antonio Ojea Garcia, SUSE & Anish Ramasekar, Microsoft
Kubernetes introduced IPv6 support in early 2018, however, there was no big adoption and development stalled. Fortunately, after the implementation of dual-stack, there has been a new interest in IPv6.
We will explore different tools and techniques to successfully migrate to IPv6 clusters and discuss their trade-offs.

Speakers
avatar for Antonio Ojea Garcia

Antonio Ojea Garcia

Engineer Manager, SUSE
Antonio Ojea is an Engineering Manager at SUSE, where he works on Kubernetes and other Open Source projects focused on cloud technologies.He is also involved in the upstream Kubernetes project, contributing in KIND and SIG-Network, especially in everything related to IPv6.
avatar for Anish Ramasekar

Anish Ramasekar

Software Engineer, Microsoft
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Cloud Native Compute team building features for Kubernetes upstream and for Azure Kubernetes Service.


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

From Alert Notification to Comparison of Good and Bad Requests in One Click - Shreyas Srivatsan & Mantas Klasavicius, Chronosphere
Metrics are a great tool for notifying when something goes wrong. Distributed tracing provides the ability to drill down deeper into an issue when triaging an alert with a non-obvious root cause. It’s already difficult to jump from metrics raising an alert to a representative problematic trace, but even once there, users often want to compare a problematic trace with a non-problematic one to help root cause the issue. This talk demonstrates how to jump straight from an alert notification to displaying a problematic trace along with a comparison to a non-problematic trace.

This is accomplished with a combination of open source tools such as Prometheus, Jaeger, Grafana and M3. The audience will learn how recent advances in the community can enable them to reduce their time-to-mitigation by providing the relevant context of a bad request vs a good request directly from a graph.

Speakers
avatar for Shreyas Srivatsan

Shreyas Srivatsan

Technical Lead, Chronosphere
Shreyas is a technical lead at Chronosphere, previously a technical lead at Uber on the monitoring alerting infrastructure team. Shreyas is greatly interested in monitoring of all kinds and has contributed to Prometheus upstreaming exemplar support for the OpenMetrics parser. Prior... Read More →
avatar for Mantas Klasavicius

Mantas Klasavicius

Head Of Engineering, Europe, Chronosphere
Mantas have been passionate about metrics for >10 years now. He was a founding member of the observability team at Uber where he worked on M3. 3 years ago he started managing and growing teams at Uber in Seattle and Vilnius. Currently he is building the Chronosphere Engineering office... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Zero Database Downtime with etcd-operator - Tyler Lisowski & Kodie Glosser, IBM
Zero downtime upgrades, multi availability zone redundancy, automatic instance recovery, periodic backups, and restores in the case of disaster scenarios are all possible when you automate etcd operations with the Etcd-operator. This talk will walk through a live example of a multi availability zone etcd cluster managed by Etcd-operator and how Etcd-operator automates database administration tasks. We will visually step through how these operations are executed by Etcd-operator and how attendees can integrate it into their existing architectures to eliminate downtime and drastically reduce the time they spend on database administration tasks.

Speakers
avatar for Kodie Glosser

Kodie Glosser

Software Developer, IBM
Kodie Glosser is a Software Engineering Developer at IBM. Kodie first started at IBM as a Site Reliability Engineer, monitoring and managing over 3000 OpenStack customer instances globally for 1.5 years. When IBM Cloud Kubernetes Service (IKS) launched in 2017, Kodie transitioned... Read More →
avatar for Tyler Lisowski

Tyler Lisowski

Software Engineering Lead, IBM
Tyler Lisowski is a Software Engineering Lead at IBM. Tyler works on the cluster deployment and management systems IBM Cloud leverages to run over 18000 Kubernetes clusters in over 30 datacenters globally for 3+ years. He has been a part of the IKS team since the creation of the service... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Seccomp Security Profiles and You: A Practical Guide - Duffie Cooley, VMware
Have you wondered what a seccomp security profile is, and how it relates to Linux Capabilities?

Folks often dismiss seccomp profiles and Capabilities as a way of hardening applications as it is too difficult to determine what syscalls are in use by a given application.

In this session we will explore a couple of tools designed to make this more approachable.

Dockersl.im is an opensource project that can take a Dockerfile and an image and produce a smaller image containing only the necessary bits, a seccomp security profile derived from the system calls the application made while under test.

Inspektor Gadget is an opensource project by the folks at kinvolk that enables to make use of BPF to inspect a number of things about pods that are deployed. Providing better visibility into what pods are accessing from a syscall and filesystem perspective.

Come learn about these super powers!

Speakers
avatar for Duffie Cooley

Duffie Cooley

Duffie Cooley, VMware
Duffie is a Staff Cloud Native Architect at VMware focused on helping enterprises find success with technologies like Kubernetes. Duffie has been working with all things virtualization and networking for 20 years and remembers most of it. He likes to present on topics ranging from... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Weaving a Mesh for Multiple Clusters, Multiple Tenants, and VMs at bol.com - Remco Overdijk, bol.com & James Brook, Google
Bol.com, the largest online retailer in the Netherlands, has many teams running services on Kubernetes in cloud and on-prem. Over time, they have grown out of a single cluster. They will explain how adopting Envoy and service mesh gives them resilient and uniform connectivity across clusters and datacenters, while optimizing costs.

The goal was to go all in on mesh with a cautious and incremental approach. Injecting Envoy into hundreds of mission-critical pods needs care. You'll learn about the journey, architecture, challenges and the lessons learned along the way.

Protecting consumer data is all-important for the retail industry. The talk will explain zero trust networking, isolation of teams within the mesh and configuration of egress controls to restrict access to the outside world.

Policy guardrails are provided by OPA Gatekeeper and observability by Prometheus.

Speakers
avatar for James Brook

James Brook

Solutions Architect, Google
James Brook is a Solution Architect at Google. He works with Google's biggest customers to help them use cloud technology in new ways and solve complex problems. Before Google, James worked as an architect, engineer and manager in various industries, at a startup and even on submarines... Read More →
RO

Remco Overdijk

System Engineer, bol.com
As a System Engineer in Bol.com’s Compute Infrastructure Operations team, Remco Overdijk works on improving reliability and features across the company’s diverse compute platforms, ranging from Kubernetes in the Cloud to Bare Metal in multiple datacenters. With a development background... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

15:30

Is There a Place For Distributed Storage For AI/ML on Kubernetes? - Diane Feddema & Kyle Bader, Red Hat
Containerized machine learning workloads running on Kubernetes receive benefits such as portability, declarative configuration, less administrative toil, all with marginal performance impact. The best published results for performance sensitive machine learning workloads, e.g. MLPerf v0.6, were obtained by reading the datasets from local SSDs. While the MLPerf datasets fit comfortably on a single SSD, it’s a luxury not afforded to folks training models against petabyte scale datasets. We’ll share our experience running MLPerf training jobs in Kubernetes, against datasets stored by Kubernetes stateful storage services orchestrated by Rook. Highlights include the performance and scalability tradeoffs associated with local and open source distributed storage, and how machine learning formats like RecordIO and TFRecord provide performance utility and model validation flexibility.

Speakers
KB

Kyle Bader

Principal Solutions Architect, Red Hat
Working out of the Storage Business Unit at Red Hat as a Principal Solution Architect, Kyle helps ensure Red Hat’s stateful storage services can meet the demands of today's most demanding applications. He enjoys pushing all dimensions of storage scalability, and injecting a healthy... Read More →
avatar for Diane Feddema

Diane Feddema

Principal Software Engineer, Red Hat
Diane Feddema is a principal software engineer at Red Hat Inc Canada, in the AI Center of Excellence. Diane is currently focused on developing and applying machine learning techniques for performance analysis using hardware accelerators, automating these analyses and displaying data... Read More →


Tuesday August 18, 2020 15:30 - 16:05
TBA

16:35

Help! My Cluster Is On The Internet: Container Security Fundamentals - Samuel Davidson, Google
You know security is important, but what does that actually mean in containers and Kubernetes, and more importantly, what are you supposed to do about it? If you’re new to Kubernetes, or at least Kubernetes security, this session will cover the fundamental concepts in container security -- including supply chain security and runtime security -- and give you context for the security tooling and open source projects like Falco and Open Policy Agent you will encounter in the cloud native ecosystem. We’ll use a real world example (“Oh no! This cluster is open to the internet!”) and cover a cheat sheet that you help you prevent bad things from happening.

You should expect to leave this session with a mental model of how to think about container security, a list of security-related decisions you need to make on “day 0," and resources for how to keep security front and center in your team.

Speakers
avatar for Samuel Davidson

Samuel Davidson

Security Engineer, Google
Kubernetes Security for Google Cloud


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Kubernetes Patterns - Roland Huß, Red Hat
The way developers design, build, and run software has changed significantly with the evolution of microservices, containers and Kubernetes. This talk dives into common, reusable patterns and principles for designing and implementing cloud-native applications on Kubernetes.

This talk focus on the most established patterns. It will revisit basic patterns like "Predictable Demands" or "Service Discovery" but also dive into prominent patterns "Sidecar", "Elastic Scale" or "Operator". Live demos back this presentation.

This presentation is ideal for developers and architects who want to learn more about a pattern-based approach to implementing common Kubernetes usage scenarios.

Speakers
RH

Roland Huß

Principal Software Engineer, Red Hat
Dr. Roland Huß is a Principal Software Engineer at Red Hat and a member of the Red Hat serverless team. He has been developing in Java and lately in Go for over 20 years now. However, he has never forgotten his roots as a system administrator. Roland is an active open source contributor... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

How ABN AMRO Switched Cloud Providers Without Anyone Noticing - Mike Ryan, backtothelab.io & Laura Rehorst, ABN AMRO
People often talk about being cloud agnostic, but what actually happens when an enterprise with >3000 developers decides to switch cloud providers?

In this session Laura Rehorst (Product Owner, Stratus, ABN AMRO) and Mike Ryan (DevOps Consultant) will share the story of how ABN AMRO leveraged the power of Kubernetes to facilitate the transition between cloud providers, and explore the strategic benefits of adopting a cloud native posture at all levels of the organisation.

Laura and Mike will also delve into the practical side to demonstrate how tools such as Helm, OPA, and custom operators allowed the platform team to abstract away the differences between cloud providers, and the “compliant by default” approach that keeps their security and compliance teams smiling.

Speakers
avatar for Laura Rehorst

Laura Rehorst

Product Owner, ABN AMRO
Laura is the two-times Dutch Boxing Champion and Product Owner for the Stratus Platform team, with responsibility for the delivery and operation of the cloud-native platform within ABN AMRO
MR

Mike Ryan

DevOps Consultant, backtothelab.io
Mike is a DevOps Consultant specialising in automation and cloud native strategy. He is the author of AWS System Administration, and is currently designing and implementing ABN AMRO's Kubernetes platform.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Going Beyond CI/CD with Prow - Leonardo Di Donato, Sysdig
One of the most untold secrets is how hard and important is to automate the whole set of workflows around the code, not only the testing phase. We were able to use the native Kubernetes CI/CD system - Prow - to solve CI/CD for Falco. Furthermore we discovered that Prow does much more than CI/CD! Join us to find out what! You will walk away with a deep technical knowledge of Prow and how we were able to implement internally so you can too.

We’ll see how to correctly setup and deploy Prow on a Kubernetes instance. How to link it to a bot account. How to hook Prow to GitHub organizations and repositories, how to establish an automated governance process for the Open Source by configuring multiple Prow plugins.

Finally the audience will learn how to create its own custom plugins in order to lint commit messages and code.

Speakers
avatar for Leonardo Di Donato

Leonardo Di Donato

Open Source Software Engineer, Sysdig
Leo is an Open Source Software Engineer at Sysdig. He is in charge of the Open Source methodologies and projects of Sysdig. He mainly takes care of Falco, a Container Native Runtime security project sandboxed by the CNCF. He is also involved in the Linux Foundation's eBPF project... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Building the Next Generation of Release Notes for Kubernetes and Beyond - Sascha Grunert, SUSE
Speakers
avatar for Sascha Grunert

Sascha Grunert

Senior Software Engineer, SUSE
Sascha is a Senior Software Engineer at SUSE, where he works on many different container related open-source projects like Kubernetes and CRI-O. He joined the open-source community in November 2018, having gained container experience before joining SUSE. Sascha's passions include... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Kubernetes as a General Purpose Control Plane: Scaling on Kubernetes - Hasan Turken, Upbound
Kubernetes style APIs are becoming popular as it works great as a general purpose control plane. One can build operators on top of it to declaratively manage resources living outside of the cluster.

But how to scale when we want to run multiple isolated instances of such an operator? Do we really need a full fledged Kubernetes Cluster for each or can we run only a subset of control plane components by considering we are managing external resources?

In this talk, we will discuss the minimal control plane components when we want to use Kubernetes as a general purpose control plane. Building on top of that, we will propose a lightweight solution to run multiple isolated control plane instances as tenants on a single Kubernetes Cluster. At the end, a live demo will be shown that provides a practical example of the solution proposed.

Speakers
avatar for Hasan Turken

Hasan Turken

Software Engineer, Upbound
Hasan Turken is a software engineer with no conference speaking experience. As a certified Kubernetes administrator (CKA by CNCF), he actively participated containerisation and Kubernetes transformation of a distributed enterprise application and guided team for cloud native application... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

BoF: Introduction to Contour, A High Performance Multitenant Ingress Controller for Kubernetes - Michael Michael & Nick Young, VMware
This session will show how to leverage Contour and Envoy for Kubernetes workloads. Contour is a high performance ingress and load balancer solution for Kubernetes, offering a richer feature set than some common alternatives. At its core, Contour is providing the control plane for the Envoy edge and service proxy.
 
We will also present an introduction into how Contour plans to leverage service APIs (also known as Ingress v2).

More information at https://projectcontour.io/

Speakers
avatar for Michael Michael

Michael Michael

Director of Product Management, VMware
Michael Michael (or M2 as he's known) is VMware's Director of Product Management. He is currently working on cloud native technologies, delivering agility and simplicity to developers and accelerating the modernization of enterprise applications. Michael co-chairs SIG-Windows, one... Read More →
avatar for Nick Young

Nick Young

Staff Engineer, VMware
Nick has been working to prevent the entropic downfall of systems for 20 years, across Windows and Linux, datacenters and clouds, networking, storage and compute. Currently he's a Staff Engineer on VMWare's Contour product, where in addition to his primary task of Simpsons quotes... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

CRI-O: Development Process & How to Contribute - Urvashi Mohnani & Peter Hunt, Red Hat
Container runtimes provide a good opportunity to start contributing to Kubernetes from a low-level perspective. The container runtime CRI-O is especially known for its welcoming community for new contributors. In this talk Urvashi Mohnani and Peter Hunt will dive into the basic workflow behind container runtime development. They will start by showing how to contribute to CRI-O, will talk about future development plans, and ways the community can help. The presentation will also cover in detail how the Continuous Integration and Deployment infrastructure works and how it ensures that changes to the container runtime integrate well with Kubernetes.

Speakers
avatar for Urvashi Mohnani

Urvashi Mohnani

Software Engineer, Red Hat
Urvashi Mohnani is a Software Engineer at Red Hat on the Runtimes team. She has spent the past year developing emerging Open Source container technologies such as CRI-O, Buildah, and Podman.
PH

Peter Hunt

Software Engineer, Red Hat
Peter Hunt is a Software Engineer working on Openshift at Red Hat. Passionate about free software, Peter focuses on maintaining the container engines CRI-O and Podman. Outside of the virtual world, Peter likes collecting floral-printed pants, gardening and dancing.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

in-toto: Securing the Entire Software Supply Chain - Santiago Torres, NYU
As attackers intensify their focus on the software development, distribution and deployment pipeline, supply chain security becomes more and more crucial to the overall security of software projects. in-toto, which has recently become a member of the CNCF, has tooling and a protocol that allows you to verifiably define all the steps of the supply chain, along with its authorized personnel, giving you and your customers the guarantee that everything happened according to your intentions and nothing else. This talk will walk you through the basics of software supply chain security, and show how a versatile tool like in-toto can add substantial security guarantees to any supply chain in- and outside of the cloud native ecosystem.

Speakers
avatar for Santiago Torres

Santiago Torres

PhD Student, New York University


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Intro: Contributor Experience SIG - Jorge Castro, VMware & Bob Killen, University of Michigan
In this 30 minute session, we will explore the projects we have been working on with Contributor Experience and the future work we have on deck. We will provide an update to the following projects and have information on how to get involved.

Speakers
avatar for Bob Killen

Bob Killen

Research Cloud Administrator, University of Michigan
Bob is a Research Cloud Administrator with the Advanced Research Computing Technology Services (ARC-TS) group at the University of Michigan. He has been with the University for more than 15 years, serving in various capacities within the Health System and ARC-TS. As a CNCF Ambassador... Read More →
avatar for Jorge Castro

Jorge Castro

Community Manager, VMware
Jorge is a Community Manager at VMware where he helps to support and advance the open Kubernetes ecosystem. He works in SIG Contributor Experience on the Kubernetes Office Hours, running the YouTube channel, forums admin, and a bunch of miscellaneous programs. He resides in Ann Arbor... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Notary v2 Introduction and Status Report - Justin Cormack, Docker & Omar Paul, Amazon
The Notary v2 project is a rework of the infrastructure for container signing, supporting additional OCI Artifacts, such as Helm, Singularity and CNAB. It addresses the design and usability issues that have been found with Notary v1, and signing in a multi-registry world. The major focus being signatures as first class elements of registries rather than running a sidecar database. It addresses the signing usability issues enabling broad provider and customer adoption. This session will give an overview of the Notary v2 community project at present, and the roadmap. This session is for anyone interested in container signing and what the new project is working on.

Speakers
avatar for Justin Cormack

Justin Cormack

Engineer, Docker
Justin Cormack is Security Lead at Docker. He is a maintainer on the CNCF Notary project and is involved with CNCF SIG Security. He has spoken at Kubecon on a variety of subjects such as containerd, security audits, Notary and container runtimes. He also speaks at other events such... Read More →
OP

Omar Paul

Product Manager, Amazon


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

SIG Scheduling Deep Dive - Aldo Culquicondor, Google & Mike Dame, Red Hat
Kube-Scheduler is the component of Kubernetes that assigns pods to nodes based on the configured scheduling requirements. These requirements can be high availability, resource efficiency and other policies and heuristics. This talk will provide an overview of the new and upcoming features in the scheduler, including the scheduler framework, and the new component config API that enables scheduling profiles. In addition, we'll present updates on other sig-scheduling projects like the Descheduler. We will dedicate about half of the time of the presentation to audience questions and users' feedback.

Speakers
avatar for Mike Dame

Mike Dame

Software Engineer, Red Hat
avatar for Aldo Culquicondor

Aldo Culquicondor

Software Engineer, Google
Approver at SIG-Scheduling


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

SIG Service Catalog Update - Jonathan Berkhahn, IBM & Mateusz Szostok, Kyma
Service Catalog lets you provision cloud services directly fromt he comfort of native Kubernetes tooling, regardless of where the service is actually hosted. Service Catalog is a Kubernetes implementation of the Open Service Broker API, an open standard to provision and manage cloud services. In this session,t he Service Catalog leads will demo the current Service Catalog functionality, and the activities around the sub-projects. This will be followed by a deep dive into the problems we are facing and the future of the Service Catalog project. At the end of this talk, we'll also go through a short comparison between Service Catalog and operators.

Speakers
JB

Jonathan Berkhahn

Open Source Contributor, IBM
Joanthan is a software engineer that contributes to open source projects in the cloud platform space. He has previously contributed to Cloud Foundry, and currently contributes to Kubernetes Service Catalog and various Kubernetes Operator related projects. He has spoken at several... Read More →
MS

Mateusz Szostok

Senior Software Engineer, Kyma


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Scaling Kubernetes Networking Beyond 100k Endpoints - Rob Scott & Minhan Xia, Google
As Kubernetes continues to grow, scalability is increasingly important. One of the key bottlenecks that emerged as clusters got larger was related to network endpoints. They became quite slow at scale, and had limitations preventing them from growing beyond approximately 5,000 endpoints per Service.

In this talk, Rob will show how the scalability of network endpoints has been dramatically increased in Kubernetes. He’ll cover the design and implementation of EndpointSlices, along with the impact they’ve had. He’ll walk through the process of profiling key components in the Kubernetes codebase to identify areas that could be optimized. Finally, he’ll show how all this work has improved Kubernetes network scalability, including real world performance metrics from large clusters with over 100,000 endpoints.

Speakers
avatar for Minhan Xia

Minhan Xia

Software Engineer, Google
Minhan Xia has been a member of Kubernetes networking team at Google since K8s 1.0 2015. He has contributed to various aspects of K8s networking, including pod networking, K8s service and K8s ingress.
avatar for Rob Scott

Rob Scott

Software Engineer, Google
Rob Scott is a Software Engineer at Google focused on improving networking in Kubernetes. He has a wide variety of experience with Kubernetes, both as an end user and as a developer. Most recently, he led the development of the EndpointSlice API in Kubernetes. He is an author of the... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Hubble - eBPF Based Observability for Kubernetes - Sebastian Wicki, Isovalent
Troubleshooting network issues in Kubernetes often requires deep insight into different layers of your stack. Hubble is a new open-source observability platform that aims to assist you in understanding what is going on in all layers of your Kubernetes network. Based on the Cilium CNI and the Linux kernel eBPF technology, it is able to obtain fine-grained visibility into network traffic and applications behavior, with low overhead and without having to modify applications.

In this talk, you will get a introduction into Hubble, and the technologies that power it, the Cilium CNI and eBPF. You will be presented with practical examples of how Hubble can be used to interactively troubleshoot complex network issues. The talk will show how to write custom Hubble metrics which allow you to benefit from eBPF's superpowers without having to write or understand any kernel code.

Speakers
SW

Sebastian Wicki

Software Engineer, Isovalent
Sebastian Wicki is a software engineer currently working on Hubble and Cilium at Isovalent. Previously he worked on distributed stream processing systems for real-time data center network monitoring and analytics at ETH Zurich.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

The Path to Painless Multi-cluster Orchestration - Cecile Robert-Michon, Microsoft & Vince Prignano, VMware
As a Kubernetes administrator, is it possible to manage multiple clusters with ease and open source tools? Absolutely!

Experience has proven that, in most situations, relying on a single large production cluster is an anti-pattern: it increases blast radius and failure domain while reducing flexibility and cross-team velocity. However, running dozens or hundreds of clusters can be daunting.

In this talk, Cecile and Vince will share how they’ve managed the lifecycle of multiple clusters using Cluster API, from creation to ongoing production maintenance. Cluster API is a Kubernetes SIG project that extends the Kubernetes APIs to allow managing cluster lifecycle of Kubernetes clusters in different environments, both on-prem and in-cloud.

Attendees will walk away with knowledge about different cluster management challenges and ways to automate and operate clusters at scale.

Speakers
avatar for Cecile Robert-Michon

Cecile Robert-Michon

Software Engineer, Microsoft
Cecile Robert-Michon is a software engineer at Microsoft working on the Azure Cloud Native Compute team, where she spends most of her time contributing to various open source projects. She speaks French, English and Spanish and studied engineering at McGill University in Montreal... Read More →
avatar for Vince Prignano

Vince Prignano

Senior Software Engineer, VMware
Vince Prignano is a Sr. Member of the Technical Staff at VMware, core contributor to Kubernetes, SIG-Cluster-Lifecycle, and Cluster API maintainer.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

11 Ways to Disrupt Your etcd Cluster and 11 Ways to Save It - Gyuho Lee, Amazon & Wenjia Zhang, Google
As the most critical component to Kubernetes control plane, etcd provides strong consistency and durability of cluster metadata. The performance of etcd plays a major role for Kubernetes cluster scalability. In this presentation, we would like to share the lessons learned from operating etcd clusters for large cloud providers. We will review common scalability challenges for Kubernetes workloads, and discuss how etcd performance improvement could help. Furthermore, we will share interesting (but disruptive!) Kubernetes use cases that created noticeable delays to cluster, or made cluster completely inaccessible.

Speakers
avatar for Wenjia Zhang

Wenjia Zhang

Software Engineer, Google
Wenjia Zhang is a Software Engineer on GKE team at Google. She is an active contributor for both Kubernetes and etcd open source projects.
avatar for Gyuho Lee

Gyuho Lee

Software Developer Engineer, Amazon Web Services, Inc.
Gyuho is working on AWS EKS and a lead etcd maintainer. He loves to talk about distributed systems, and is passionate about making complex systems easier to understand.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

How This Innocent Image Had a Party in My Cluster - Amir Jerbi & Itay Shakury, Aqua Security
As security practices and tools for scanning container images are becoming increasingly popular, malicious actors are introducing sophisticated techniques to obfuscate their intent and evade scanning tools. The malware they plant cannot be detected using static analysis, or based on signatures. But dynamic analysis that runs the image, and then traces the activity of the running container can detect and document the entire multi-stage attack.

In this talk, we will review the evolution of these attacks as observed by Aqua’s security research team, and demonstrate the full chain of events and IoCs (indicators if compromise) that were detected. We will give practical advice on what developers and cluster admins should do to detect similar techniques, and the security controls the should be employed to reduce the chances of such an attack succeeding, as well as reduce its potential impact.

Speakers
IS

Itay Shakury

Aqua Security
AJ

Amir Jerbi

Co-founder and CTO, Aqua Security
Amir is the co-founder and CTO of Aqua Security, which he started 4 years ago. Before joining Aqua , he was the Chief Architect at CA Technologies and has 14 cloud and virtual security related patents and published papers. Amir is the co-organizer of the Tel Aviv Cloud Native Computing... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Building a Distributed API Gateway with a Service Mesh - Rei Shimizu, Waseda University & Cynthia Coan, Tetrate
API Gateways are going through an identity crisis. As microservice architectures proliferate we're learning that really, we need API Gateway functionality between all of our services, and not just at ingress where API Gateways have been deployed traditionally. The ability to dynamically extend Envoy at runtime via WASM opens the door for many new capabilities, including moving API Gateway functionality into the service mesh layer.

In this talk, we'll explore how we helped extend Envoy to support executing WASM as a safe, sandboxed way to run arbitrary code in the proxy. We'll then go further by showing how we used WASM to move functionality typically reserved for the edge of our deployments - API Gateway functions like token validation, rate limiting, and payload transformation - into the service mesh in a real user's deployment.

Speakers
avatar for Rei Shimizu

Rei Shimizu

Student, Waseda University
Rei is a computer engineering student at Waseda University, Japan. He is also a contributor to the Envoy proxy project.
avatar for Cynthia Coan

Cynthia Coan

Software Engineer, Tetrate
Cynthia is a software engineer at tetrate trying to make networking a little less terrible for everyone. She works frequently on Envoy, and it's related projects.


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Five Great Ways to Lose Data on Kubernetes (And How to Avoid Them) - Robert Hodges, Altinity LTD
Databases and stateful apps are gravitating rapidly to Kubernetes, so the sorrows of accidental data loss cannot be far behind. As long-time database engineers and authors of the ClickHouse Kubernetes operator, our team has seen lots of imaginative ways to lose data. We also learned how to prevent them.

The talk starts with standard high availability/disaster recovery models used in DBMS and demonstrates that classic ways to lose data are still alive and well on Kubernetes. We'll then pivot to Kubernetes-specific disasters-in-waiting, such as the PV that wasn't, affinity afflictions, and the dreaded fat fingers of fate. The talk will help instill a healthy sense of paranoia and give listeners tools to ensure their experiences with cloud-native data will be happy ones.

Speakers
RH

Robert Hodges

CEO, Altinity LTD
Robert Hodges is the CEO of Altinity, a software and services provider for ClickHouse. He is also a database geek has used or worked on over 20 different database systems. Additional technical interests include distributed systems, Kubernetes, and open source. He is an organizer of... Read More →


Tuesday August 18, 2020 16:35 - 17:10
TBA

16:35

Tutorial: Kubernetes Runtimes: Translating your Docker skills to containerd - Bret Fisher & Jérôme Petazzoni
You know some Docker and Kubernetes basics, and now you're learning that your clusters will use containerd and not Docker for a container runtime. What does that mean, and what do you need to learn? Lead by Docker Captain Bret Fisher and Kubernetes Trainer Jérôme Petazzoni, this tutorial will take you through containerd basics on your own cloud instance, while you learn the differences in the two leading container runtimes.

Who is this tutorial for?

Anyone who's planning to use containerd as their Kubernetes runtime.

What You'll Learn

- Hands-on installing containerd for Kubernetes
- Transitioning your Docker skills to containerd
- Understanding containerd configuration
- Practicing the ctr CLI
- Testing optional features of containerd
- Learning the pros and cons of each
- Testing options for using both

Prerequisites

- Computer with SSH
- Knowledge of the Docker basics

Speakers
avatar for Jérôme Petazzoni

Jérôme Petazzoni

Tinkerer Extraordinaire, Independent
Jérôme was part of the team that built, scaled, and operated the dotCloud PAAS, before it became Docker. He worked seven years at the famous container company, wearing various hats. When he's not busy with computers, he collects musical instruments. He can arguably play the theme... Read More →
avatar for Bret Fisher

Bret Fisher

Docker Captain & DevOps Dude, Independent
Bret's a freelance DevOps and container consultant, trainer, speaker, and open source volunteer working from Virginia Beach, USA. He's a Docker Captain and the author of the popular Docker Mastery and Kubernetes Mastery series on Udemy with over 130k students. Bret hosts a weekly... Read More →


Tuesday August 18, 2020 16:35 - 18:05
TBA

17:30

Session: To Be Announced
Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Advanced Interactions with Kubernetes (As Taught by Helm) - Taylor Thomas, Microsoft
Helm is well-known as the package manager for Kubernetes. However, it is less well-known as a showcase for advanced interactions with the Kubernetes libraries and APIs. Using some of the Helm code as a backdrop, this talk will dive into the nitty gritty details of checking the status of various workload API objects, complex patching needs, validation, and more! If you are interested in extending or building on top of Kubernetes, this talk will help you get you acquainted with various Kubernetes libraries and show concrete examples of complex interactions with those libraries.

Speakers
avatar for Taylor Thomas

Taylor Thomas

Senior Software Engineer, Microsoft
Taylor Thomas is a Senior Software Engineer working on Helm and other open source tooling at Microsoft. He has been involved with containers and Kubernetes platforms at Intel, Nike, and Microsoft and is one of the core maintainers of Helm. He currently lives in the Utah area and enjoys... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Migrating Transactions Worth Billions of $ to Service Mesh With No Downtime - Mahendra Kariya & Shishir Joshi, Gojek
The word “Fintech” is generally associated with legacy systems and technologies. But that’s not the case at Gopay, one of the biggest payments companies in South East Asia. Gopay processes transactions worth billions of dollars, with peak scale of more than 15000 financial transactions per minute. Gopay has heavily adopted Kubernetes to run its few hundred microservices and has very recently migrated to a service mesh based architecture.

This talk is a case study of why Gopay chose to move to service mesh, and how it was accomplished with zero downtime. Mahendra will cover some of the critical decisions made by the team, the overall approach for migration, along with a few interesting war stories. He will also discuss the criticality of monitoring the health of service mesh and how the team is doing it using Prometheus and Cortex.

Speakers
avatar for Mahendra Kariya

Mahendra Kariya

Tech Lead, GOJEK
Mahendra joined Gojek back in 2016, when it was a unicorn. He is part of the core engineering team, that has seen the company become the first decacorn of Indonesia. Currently, Mahendra is leading the initiative to migrate Gopay - a Gojek product and the leading digital payments ecosystem... Read More →
avatar for Shishir Joshi

Shishir Joshi

Product Engineer, Gojek
Interested in distributed systems, code and software practices. He has been writing code for 17 years and started earning a wage by writing code for 8 years.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Where to Put All That YAML: Secure Content Management for Cloud Native Apps - Ryan Abrams, Mirantis
An important part of the CI/CD toolchain for cloud-native apps is managing the content. In addition to your actual source code, container images and Helm Charts and Kubernetes Object YAMLs are all part of bringing apps into production. They are your intellectual property and must be managed carefully.

The OCI distribution spec under the Linux Foundation was originally designed for container images, but the manifest and index definitions in the spec are quite flexible. This means it’s possible to support newer artifact types using the OCI distribution spec, including Helm Charts, build caches, snapshots and other YAML files, with some minor modifications, leveraging the same OCI-compliant registries to support more than just containers.

In this talk, Ryan Abrams will discuss the common traits of different configuration formats and how you can use existing tools to support them.

Speakers
RA

Ryan Abrams

Staff Engineer, Mirantis
Ryan Abrams is a functional architect and engineering leader at Docker and now Mirantis. A frequent contributor to many open source projects, Ryan has also graced the mainstage at DockerCon, executing live demos in front of thousands.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Developing the Kubernetes Python Client - Scott Lee, Facebook
The Kubernetes Python client allows users to programmatically interact with clusters using the Python language. With Python being one of the most popular programming languages, the Python client provides a way for those unfamiliar with Golang to still reap the benefits of a code interface to Kubernetes. This session will cover the repositories and resources that are used to generate the Python client and dive into examples of how the client is used.

This talk will also cover how to get involved as a contributor to the Python client by covering processes and resources.

Note: Brendan Burns gave a talk titled "!go, Interacting with and Extending Kubernetes in a Polyglot World" but it covered Kubernetes clients generally while this talk is specifically about the Kubernetes Python client and dives deeper into the nuances of the client and how to get involved as a contributor.

Speakers
avatar for Scott Lee

Scott Lee

Systems Engineer, Facebook
Scott Lee is a contributor to the Kubernetes project, mainly to the Kubernetes Python client. He also contributes to Kubeflow test infra.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Panel: CNCF Ambassadors: Building the Cloud Native Community –  Ihor Dvoretskyi, CNCF; Kasper Nissen, Lunar; Alison Dowdney, Weaveworks; Jessica Andersson, Meltwater; & Saiyam Pathak
As the adoption of Cloud Native increases, the need for local communities increases. End users are looking for others in similar situations to share experiences and learn from each other. CNCF helps and supports local organizers through the meetup and ambassador program. In this session, the panelists will share their experiences in building and scaling local communities around the Cloud Native ecosystem. How can you get started? Where do you find speakers and venues? How to keep the momentum? These are just a few of the questions the panelists will try to answer.

Speakers
avatar for Kasper Nissen

Kasper Nissen

Lunar, Site Reliability Engineer
Kasper is a Cloud Native Computing Foundation Ambassador and organizes meetups in Denmark. He works as a Site Reliability Engineer at Lunar, previously worked as a DevOps & Infrastructure Consultant at LEGO. Kasper wrote his master thesis, “KubeCloud - A Small Scale Cloud Computing... Read More →
avatar for Alison Dowdney

Alison Dowdney

Customer Reliability Engineer, Weaveworks
avatar for Ihor Dvoretskyi

Ihor Dvoretskyi

Developer Advocate, Cloud Native Computing Foundation
Bio: Ihor Dvoretskyi is a Developer Advocate at Cloud Native Computing Foundation (CNCF), closely working with the open source communities within the Cloud Native ecosystem (including Kubernetes, Helm, and others). At CNCF, Ihor helps in driving multiple developer relations programs... Read More →
avatar for Saiyam Pathak

Saiyam Pathak

Software Engineer, WalmartLabs
Saiyam is a Software Engineer working on a multi-cloud kubernetes project at Walmart Labs with a focus on creating and managing the Machine Learning ecosystem. Previously at HP and Oracle, Saiyam has worked on many facets of k8s including scaling, multi-cloud, managed k8s services... Read More →
avatar for Jessica Andersson

Jessica Andersson

Infrastructure Engineer, Meltwater
Jessica is an Infrastructure Engineer at Meltwaters platform team located in Gothenburg, Sweden. She is also co-organizer of the meetup Kubernetes Göteborg.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Using Kubernetes to Build Better Kubernetes Networking and Autoscaling - Ahmet Alp Balkan & Spencer Small, Google
While Kubernetes revolutionized the infrastructure management, it still falls short of effectively running microservices, since it doesn't distinguish between stateless HTTP-based apps and regular workloads like batch jobs.

For example, Kubernetes cannot natively perform traffic splitting, blue/green deployments, or evenly distributed load-balancing. Similarly, Kubernetes autoscaling cannot handle spiky traffic without dropping in-flight requests, or scale Pods down to zero when there are no requests.

This talk will be about Knative Serving, which is a set of controllers built on Kubernetes to simplify mentioned network and autoscaling problems. By inspiring developers with the ideas learned from developing Knative, operators can extend Kubernetes themselves or adopt these practices to simplify running microservices on Kubernetes and make it more approachable to their dev teams.

Speakers
avatar for Ahmet Alp Balkan

Ahmet Alp Balkan

Developer Advocate, Google
Ahmet Alp Balkan is a Software Engineer at Google, working on developer experiences for open source technologies like Kubernetes and Knative. He is the maintainer of developer tooling like kubectx.dev and krew.dev, which is a Kubernetes SIG CLI sub-project. At Google, he works on... Read More →
avatar for Spencer Small

Spencer Small

Software Engineer, Google
Spencer Small is a Software Engineer who believes that developer time should be spent solving business problems. Any time spent on infrastructure or tooling that does not deliver business value is an opportunity to automate and simplify. Spencer\'s love/hate relationship with Kubernetes... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Fluentd: Introduction to Cloud Native Logging - Masahiro Nakagawa & Yuta Iwama, Arm Treasure Data
Logging for cloud-native applications and environments is a continuous challenge from an operational perspective. Fluentd offers a full logging layer than can be accommodated and extended as required to solve any logging need. In this Fluentd session, you will learn about its administration and log processing from a general perspective.

Speakers
MN

Masahiro Nakagawa

Principal Engineer, Arm Treasure Data
Fluentd maintainer
YI

Yuta Iwama

Software Engineer, Arm Treasure Data
Fluentd maintainer


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Intro: SIG Scalability - Wojciech Tyczynski & Matt Matejczyk, Google
This session will focus on the different efforts that SIG Scalability is involved in: defining what scalability means for Kubernetes, driving performance improvements, maintaining infrastructure for scalability testing, guarding Kubernetes against performance regressions. Time for Q&A will be reserved at the end of the session to understand how the SIG can better engage with the community as well as to allow the audience to provide the input about the roadmap.

Speakers
avatar for Wociech Tyczynski

Wociech Tyczynski

Staff Software Engineer, Google
Wojciech is working on Google Technical Infrastructure & Cloud since 2012. Since February 2015 he works on Kubernetes and Google Kubernetes Engine. With the main focus on scalability, performance and availability, he gained experience and contributed to many Kubernetes features and... Read More →
avatar for Matt Matejczyk

Matt Matejczyk

Senior Software Engineer, Google
Matt is a senior software engineer at Google and co-chair of SIG Scalability.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Introduction to Windows Containers in Kubernetes - MICHAEL MICHAEL, VMware & Mark Rossetti, Microsoft
The leaders of SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This will concentrate on presenting an introduction of Windows Containers in Kubernetes and new features that are being delivered.

Speakers
avatar for Michael Michael

Michael Michael

Director of Product Management, VMware
Michael Michael (or M2 as he's known) is VMware's Director of Product Management. He is currently working on cloud native technologies, delivering agility and simplicity to developers and accelerating the modernization of enterprise applications. Michael co-chairs SIG-Windows, one... Read More →
MR

Mark Rossetti

Principal Software Engineer, Microsoft


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

KubeEdge: Kubernetes Native Edge Computing Framework (Intro) - Yin Ding, FutureWei
KubeEdge is an open source edge computing framework that extends the power of kubernetes from central cloud to edge. It provides application management and service communication across cloud and edge sites, device management for multiple IoT/Edge device communication protocols with lightweight implementation. During this talk, Kevin and Jie will review KubeEdge motivation, architecture; then go through latest updates on new features and user adoptions. After that Kevin and Jie will introduce where the project is heading to and how new contributors to get involved. There will be an open Q&A for attendees to ask questions.

Speakers
YD

Yin Ding

FutureWei


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Kubernetes Cloud Providers are (Finally) Being Removed - Walter Fender, Google
The in-tree Kubernetes cloud providers are finally being removed! The on-going effort by SIG Cloud Provider to remove the in-tree Kubernetes cloud providers is coming closer to an end as more users adopt external (a.k.a out-of-tree) cloud providers. In this session, The speaker will give a project update highlighting the importance of this work for the project's health and how users can prepare for this upcoming change. Lastly, they will do a live cluster upgrade on every remaining in-tree cloud provider (AWS, Azure, GCP, OpenStack and vSphere), migrating clusters from using in-tree cloud providers to out-of-tree cloud providers.

Speakers
WF

Walter Fender

Software Developer, Google
Graduated from U.C. Berkeley. Working at Google and on Kubernetes API Machinery, Cloud Provider and Node for three years.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Open Policy Agent Introduction - Rita Zhang, Microsoft & Patrick East, Styra
Come to this session to learn about the Open Policy Agent (OPA) project. OPA is a general-purpose policy engine that solves a number of policy-related use cases in Kubernetes and the wider cloud native ecosystem. During this session the OPA maintainers will introduce the project and then provide updates on the latest and greatest features to land in OPA and OPA Gatekeeper.

Speakers
avatar for Rita Zhang

Rita Zhang

Principal Software Engineer, Microsoft
Rita Zhang is a software engineer at Microsoft, based in San Francisco. She is on the Azure Cloud Native Compute team building features for Kubernetes upstream and for Azure Kubernetes Service. Rita is a maintainer of the OPA Gatekeeper project. Rita is passionate about open source... Read More →
avatar for Patrick East

Patrick East

Senior Software Engineer, Styra


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Save Your Services from Sneaky Snoops With SPIFFE? - Daniel Feldman & Emiliano Berenbaum, Scytale
Lurking inside almost every cloud native project is a hidden threat: hardcoded credentials for services like external APIs and databases. While these credentials can be set to long random strings and encrypted, they still can be stolen by an intruder or accidentally misused by insiders. In this talk, we’ll demonstrate how to use CNCF’s SPIFFE and SPIRE Projects to securely authenticate to workloads such as PostgreSQL, MongoDB, and AWS from inside your services, all without any hardcoded credentials -- eliminating an entire class of security vulnerabilities while decreasing your work as a DevSecOps team.

Speakers
avatar for Emiliano Berenbaum

Emiliano Berenbaum

CTO, Scytale
Before co-founding Scytale, Emiliano was a principal engineer at Splunk, where he helped lead the engineering effort to convert Splunk into an entirely SaaS offering and platform. Previously, he was Okta’s founding employee, where he worked on all aspects of the SaaS offering, culminating... Read More →
avatar for Daniel Feldman

Daniel Feldman

Software Engineer, Scytale
Daniel Feldman is a Scytale software engineer who is making networks more secure by implementing SPIFFE zero-trust security. Before joining Scytale, he worked at Veritas, implementing zero-trust security for NetBackup enterprise backup software which is used by more than 10,000 c... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Hacking on Network Sevice Mesh Dataplane for a True Multi-cloud Experience - Aleksandra Kowalska, Netcompany & Jaroslaw Lukow, Argo9
In this session the presenters will guide you through integrating Network Service Mesh with the Tungsten Fabric SDN controller as the dataplane tunnel provider. The session will bring both information about the NSM architecture and its use-cases. The TF's ubiquity of integrations (Kubernetes, OpenStack, VMware, physical appliances etc.) enables to demonstrate the true concept of cloud-native networking - when the location of the network service is irrevelant to the consumer and she can focus only on the required functionality. Thus, we can mix and match different clusters, orchestrators and technologies to provide a flexible networking environment.

Speakers
avatar for Aleksandra Kowalska

Aleksandra Kowalska

DevOps Engineer, Netcompany
Aleksandra is an experienced Software Engineer that started to work as a DevOps Engineer to help bridge the gap between software and infrastructure. She works with Kubernetes-based clouds and develops tooling focused around automation and CI/CD. She is passionate about bringing the... Read More →
JL

Jarek Lukow

DevOps Engineer, Nine Fives Labs


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Make Prometheus Use Less Memory and Restart Faster - Ganesh Vernekar, Grafana Labs
These days, the most common reason for a Prometheus server to run out of memory is an excessive amount of time series in the so called head block, the part of the internal TSDB with the freshest data, which has to be kept in memory prior to consolidation into a block on disk. A large head block leads to a long restart time because the head block has to be rebuilt from the write-ahead log. On large servers, the restart time can be 10 minutes or more. Since restarts happen regularly to upgrade the binary or to change flags, the resulting interruption of sample collection is problematic. Even worse: After an OOM crash, the same replaying from the WAL has to happen, often causing another OOM crash immediately. Ganesh Vernekar will talk about the work started in late 2019 to persist parts of the head block earlier, thereby reducing both the memory footprint and the restart time.

Speakers
avatar for Ganesh Vernekar

Ganesh Vernekar

Software Engineer, Grafana Labs
Ganesh Vernekar is a Software Engineer at Grafana Labs, a Prometheus member and maintainer of Prometheus\' storage engine. He graduated with Bachelors in 2019 and works on Prometheus and Cortex full-time.


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Building, Managing and Automating Clusters at Scale With Prow - Mike Splain, Sonos
Whether building your first or 100th Kubernetes cluster, it eventually becomes clear– this must be automated. These days, building and customizing a cluster is pretty straight forward based on your required workloads, infrastructure and tooling. The real hard work comes when answering the question, how do we manage this long term?

In this talk you’ll learn how we accelerated our automation at Sonos by moving our cluster management to the CI system built and trusted by Kubernetes itself, Prow. We will start at the basics of Prow and work up to why it was a great fit for us. Finally we’ll show how it all works and discuss how to approach your own cluster automation at scale.

Speakers
avatar for Mike Splain

Mike Splain

Senior DevOps Engineer, Sonos
Mike Splain has been hacking on Kubernetes since the pre-1.0 days, and has taken multiple companies from Kubernetes project inception to full production employments. He has written multiple kubernetes deployment frameworks and is a maintainer on Kubernetes kops. Mike founded the Kubernetes... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Performance Optimization – Rook on Kubernetes - Mark Darnell & Ryan Tidwell, SUSE
Storage systems like Ceph require maximum performance from their underlying platforms, historically relying on custom silicon or bare metal access. Rook, a containerization of Ceph, will potentially require optimization of the network stack in order to match Ceph’s bare-metal performance capabilities.

Join us as we walk the audience through the measurement, discover, and optimization processes, leveraging different architectures and CNI plugins to optimize Rook/Ceph on K8s.

Speakers
MD

Mark Darnell

Senior Product Manager, SUSE
Mark has worked positions from senior engineer through C-level in verticals ranging from storage through ERP and aerospace and telecom to software-defined infrastructure. He currently works at SUSE as the senior product manager for networking across SUSE's product portfolio.
RT

Ryan Tidwell

Senior Network Engineer, SUSE
Ryan Tidwell is a contributor to several open source networking projects. He is well-versed in developing tools for operating on-premise clouds, building SDN controllers and applications, and navigating the world of open source. Ryan has experience as both a developer and an operator... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Making Compliance Cloud Native - Ann Wallace & Zeal Somani, Google
If you’re in a highly-regulated industry, you likely have compliance requirements which make it challenging to adopt containers. Traditional compliance frameworks such as PCI and ISO 27001 were written for traditional architectures and have not yet adapted to cloud-native technologies.

We’ll first discuss misconceptions that auditors believe about cloud-native technologies and architectures. Then, we will demonstrate how to meet compliance requirements – like segmentation, encryption, supply chain management, and monitoring – in a containerized environment, using our OSS K8S compliance starter kit. Lastly, we will share techniques for communicating these learnings with audit and compliance officers.

Attendees will come away from this talk with knowledge of how technologies like Kubernetes can actually make compliance easier and how to shift left security and compliance requirements.

Speakers
avatar for Ann Wallace

Ann Wallace

Security Lead, Google
Ann Wallace is the Security Lead for Google Cloud PSO and a PCI Internal Security Assessor (ISA) for Google. She works with customers to help make their workloads PCI compliant, and co-wrote Google’s guidance for running PCI compliant workloads on GKE. Before Google, Ann spent 14... Read More →
avatar for Zeal Somani

Zeal Somani

Security and Compliance Specialist CE, Google
Zeal Somani is a Security and Compliance Specialist within the Customer Engineering team at Google Cloud. At Google, Zeal helps customers migrate to the Google Cloud Platform by addressing their security and compliance requirements. She co-wrote Google’s guidance for running PCI... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Panel: Are Cloud Native 5G Core Network Functions (NFs) Truly Manageable & Secure? - Ramki Krishnan, VMware; Srini Addepalli, Intel; Heather Kirksey, The Linux Foundation; Tom Kivlin, Vodafone; & Balaji Ethirajulu, Ericsson
In the transition towards Cloud Native, 5G Core NFs has an interesting architectural mix of HTTP 2.0 and other network I/Fs.

In this panel, we first examine the various manageability/security/visibility challenges of the 5G Core NFs in K8S with 1) Multiple network I/Fs for high performance data plane NFs and for isolation for all NFs 2) Chaining of NFs that are distributed across K8S clusters.

While multi-cluster L7 Service Mesh (Istio, Linkerd etc.) seems to be a reasonable solution choice especially for HTTP-based functions, there are unique challenges posed by other NFs operation with other protocols and at lower layers. We will explore options such as an integrated Layer 2-7 service mesh approach leveraging open source efforts such as Open Virtual Network (OVN) to address these challenges - e.g. inter node/cluster secure communication using for Layer 7 TLS or Layer 2-4 IPSEC.

Speakers
avatar for Ramki Krishnan

Ramki Krishnan

Lead Technologist, Open Source, VMware
Ramki, with 20+ years of industry experience, has a deep understanding of various technologies and strong business acumen to lead and transform innovation into customer-winning products. Currently, at VMware, he is responsible for Telco/Enterprise open source technology vision, strategy... Read More →
avatar for Heather Kirksey

Heather Kirksey

VP, Community & Ecosystem Development, The Linux Foundation
Heather Kirksey works with the community to advance the adoption and implementation of open source NFV platforms. Before joining The Linux Foundation, she led strategic technology alliances for MongoDB. Earlier in her career she held various leadership positions in the telecom industry... Read More →
avatar for Balaji Ethirajulu

Balaji Ethirajulu

Senior Director Product Management, Ericsson
Balaji Ethirajulu is a senior director of product management at Ericsson, driving technologies in the areas of open source, automation, orchestration, NFV, SDN, 5G, cloud-native, edge computing, networking, and IoT. He has more than 25 years of experience in product management, technology... Read More →
SA

Srini Addepalli

Sr. Principal Engineer & Chief Architect, Intel
Srini Addepalli has over 22+ years of experience in networking, security, analytics and automation. He has been in Intel for last 3 years working as Sr. Principal Engineer & Chief Architect. In his current role, he technically leads the software engineering & architecture activities... Read More →
avatar for Tom Kivlin

Tom Kivlin

Principal Cloud Orchestration Architect, Vodafone
Tom, with over 15 years of experience in building and operating infrastructure and software within the Telco industry, is passionate about using modern technology and operating practices to deliver real business value. Currently, at Vodafone Group, he is responsible for defining... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA

17:30

Zero Downtime Data Relocation with Vitess - Liz van Dijk & Deepthi Sigireddi, PlanetScale
Vitess has a flexible sharding architecture and natively supports "cells" which correspond to infrastructure located in multiple locations. This allows for the creation of jurisdiction-aware database clusters that solve data locality without having to re-architect your application. Also, Vitess's built-in support for resharding workflows makes migrating from existing databases into databases resident in multiple locations easy.
In this talk the speakers will show how to build a custom sharding scheme in Vitess that respects data locality requirements. They will then demonstrate a database cluster built using this scheme that enables transfer of existing data belonging to people from 8 different countries from one jurisdiction to four(4) separate jurisdictions with zero downtime at the application level.

Speakers
avatar for Deepthi Sigireddi

Deepthi Sigireddi

Software Engineer, PlanetScale
Deepthi is a Software Engineer at PlanetScale, where she focuses on support and new feature development for Vitess, a CNCF project. She is an active Vitess maintainer who loves to talk about how technology is changing the world.
avatar for Liz van Dijk

Liz van Dijk

Solution Architect, PlanetScale
T(h)inker, Freelancer, Operational Swiss Army Knife. Coming from an engineering background, currently 100% focused on building solutions that accelerate all areas of business operations. Though strongly rooted in tech, Liz\'s true passion lies in understanding the drive and motivations... Read More →


Tuesday August 18, 2020 17:30 - 18:05
TBA
 
Wednesday, August 19
 

09:00

Keynote: Opening Remarks - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Software Engineer, Splunk
Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Wednesday August 19, 2020 09:00 - 09:05
TBA

09:05

Keynote: Kubernetes Project Update - Vicki Cheung, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Engineering Manager, Lyft
Speakers
avatar for Vicki Cheung

Vicki Cheung

Engineering Manager, Lyft
Vicki is an engineering manager at Lyft, where she helps drive the company-wide Kubernetes migration. Previously, she was the Head of Infrastructure and founding engineer at OpenAI, where she and her team built out their Kubernetes-based deep learning infrastructure.


Wednesday August 19, 2020 09:05 - 09:20
TBA

09:22

Sponsored Keynote: The Kubernetes Effect - Igniting Transformation in Your Team - Briana Frank, Director of Product, IBM Cloud
Kubernetes and Cloud Native architecture has begun to ignite transformation within companies in every industry. Growing from that first container project, team are starting to change how they build, work, collaborate and invent. Briana Frank will share how Kubernetes is the catalyst for this enterprise transformation and how to maximize the impact for your organization.

Speakers
avatar for Briana Frank

Briana Frank

Director of Product, IBM Cloud
Briana directs the Product Management teams within IBM Cloud Developer Services. Briana lead the Offering Management and Design teams that built the IBM Cloud Kubernetes service in 5 months and now manages 10's of thousands of clusters worldwide. Briana believes in creating exceptional... Read More →


Wednesday August 19, 2020 09:22 - 09:27
TBA

09:29

Keynote: How to Love K8s and Not Wreck the Planet - Holly Cummins, Worldwide IBM Garage Developer Lead, IBM
The past five years have been the warmest since records began. Human activity, including the IT industry, is driving worrying climate change. Data centres alone consume 3% of the world's energy, and more and more of that energy is being used by Kubernetes and workloads running on Kubernetes. Is k8s helping, or making things worse?

The beauty of the cloud is that it makes it easy to run code, virtualised and scheduled for efficiency... but it doesn't provide any guarantee that what's running is useful. Even when the workload is high-value and efficient, Kube sprawl can lead to low utilisation, unsatisfactory elasticity, and high costs - but mega-mono-clusters have their own problems around isolation, security, and management. How should these competing requirements be balanced? This talk discusses some of the trade-offs and provides a roadmap to figuring out the right thing.

Speakers
avatar for Holly Cummins

Holly Cummins

Worldwide IBM Garage Developer Lead, IBM
Holly Cummins is the worldwide development practice lead for the IBM Garage. As part of the Cloud Garage, Holly delivers technology-enabled innovation to clients across a range of industries, from banking to catering to retail to NGOs. She has led projects to count fish, help a blind... Read More →


Wednesday August 19, 2020 09:29 - 09:44
TBA

09:46

Sponsored Keynote: Keep It Simple - A Human Approach to Coping with Complexity - Hannah Foxwell, Associate Director, Platform Services, VMware Pivotal Labs
We humans are simple creatures. Our focus is finite. Wrestling with complexity can overwhelm and demotivate even the smartest engineers, but there are ways we can make life a little easier. In this talk Hannah will propose a human approach to coping with complexity—something we all need to consider when building successful engineering teams—and will share how to begin applying user-centric design to reduce the cognitive load on developers.

Speakers
avatar for Hannah Foxwell

Hannah Foxwell

Associate Director - Platform Services, VMware Pivotal Labs
Hannah has spent her career building incredible Software Engineering Teams and continues that work today helping her customers create wildly successful Platform Teams as part of VMware Pivotal Labs. Hannah is organiser of DevOpsDays London and HumanOps London.


Wednesday August 19, 2020 09:46 - 09:51
TBA

09:53

Keynote: To Be Announced
Wednesday August 19, 2020 09:53 - 10:08
TBA

10:08

Keynote: Closing Remarks - Constance Caramanolis, KubeCon + CloudNativeCon Europe 2020 Co-Chair & Software Engineer, Splunk
Speakers
avatar for Constance Caramanolis

Constance Caramanolis

Software Engineer, Splunk
Constance is a senior software engineer at Splunk, formerly Omnition, contributing to OpenTelemetry. Previous to Omnition, she worked at Lyft as part of the data platform and server networking teams. While at Lyft, Constance built, deployed, and configured Envoy internally, and maintained... Read More →


Wednesday August 19, 2020 10:08 - 10:10
TBA

10:10

Sponsor Showcase
Wednesday August 19, 2020 10:10 - 17:45
TBA

10:55

Architectural Caching Patterns for Kubernetes - Rafał Leszko, Hazelcast
Kubernetes brings new ideas of how to organize the caching layer for your applications. You can still use the old-but-good client-server topology, but now there is much more than that. This session will start with the known distributed caching topologies: embedded, client-server, and cloud. Then, I'll present Kubernetes-only caching strategies, including:
- Sidecar Caching
- Reverse Proxy Caching with Nginx
- Reverse Proxy Sidecar Caching with Hazelcast
- Envoy-level caching with Service Mesh

In this session you'll see:
- A walk-through of all caching topologies you can use in Kubernetes
- Pros and Cons of each solution
- The future of caching in container-based environments

Speakers
avatar for Rafał Leszko

Rafał Leszko

Cloud Software Engineer, Hazelcast
Cloud software engineer at Hazelcast, author of the book "Continuous Delivery with Docker and Jenkins", trainer, and conference speaker. He specializes in Java development, Cloud environments, and Continuous Delivery. Former employee in a number of companies and scientific organizations... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Accelerating Drug Discovery by Competitive Cooperation Through Open Source - Bill Mulligan, Loodse & Camille Marini, Owkin
Historically, pharmaceutical companies have kept their machine learning (ML) models and data strictly confidential. The EU/EFPIA IMI2 Joint Undertaking funded “MELLODDY” (Machine Learning Ledger Orchestration for Drug Discovery, Grant n° 831472) initiative, a 3 year 18.4M EUR effort, brings together 10 leading pharma companies and 7 tech partners to build a new collaborative ML platform that boosts drug discovery model development while addressing both security and privacy preservation concerns (including commercial confidentiality). Kubernetes provides the consistent computing infrastructure across companies ensuring that data owners maintain control while running the common ML software and sharing the resulting models. This project demonstrates the potential of Kubernetes to accelerate drug discovery and enable cooperative competition in IP-sensitive industries.

https://www.melloddy.eu/
https://www.imi.europa.eu/projects-results/project-factsheets/melloddy

Speakers
CM

Camille Marini

VP of Engineering, Owkin
BM

Bill Mulligan

Kubernetes Advocate, Loodse


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

KinD-ly Validating Your K8s Apps Automatically Per PR - Sarah Khalife, GitHub & Grant Griffiths, Portworx
Kubernetes application developers working on successful projects thrive on collaboration that is transparent, consistent, and rigorous. This is one of the reasons many open source projects excel. However, a common pitfall that app developers face is manually testing against inconsistent environments. Testing k8s application correctness can differ per developer environment. It is also very time consuming to spin up and down k8s clusters. In this talk, we will demonstrate a simple set of steps to create and automate a homogenous testing environment for your application. We will be using KinD, a tool for running Kubernetes in Docker, and CI to automatically run e2e tests across a common environment for a k8s application. To maintain consistency, we will automate the creation of this environment per pull request and run the test suite before deploying to production.

Speakers
GG

Grant Griffiths

Software Engineer, Portworx
Grant Griffiths is a core contributor to the Kubernetes CSI and SIG Storage communities working at Portworx. For kubernetes-CSI, he is bringing the external-snapshotter to Beta, improved support for secrets, and improving release tooling. At Portworx, he works on control plane components... Read More →
avatar for Sarah Khalife

Sarah Khalife

Solutions Engineer, GitHub
Passionate about creating an environment to help organizations implement best practices and improve their Software Development Life Cycle operations, Sarah is Solutions Engineer at GitHub. She helps drive open source and innersource, automated workflows, and more secure development... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Burnt Out? Let’s Fix It Together - Kateryna Ivashchenko, Portworx
Burnout can be a depressing topic for a discussion, but it doesn’t have to be - life is not so bad after all! The same way teams go through extreme Kubernetes-in-production failures and come out stronger and more aware at the end, those who look burnout straight in the face and go through the experience have unique and inspiring stories to tell. If vendors are sharing triumphs of their customers, why not highlight wins of the community around mental health?

At recent KubeCon + CloudNativeCon, we were successful in starting the conversation around mental health in OSS communities with new sessions added to the schedule and OSMI (Open Sourcing Mental Illness) getting involved.

Now it’s time to take it a step further and address the stigma in a positive way. Come to hear what this community is capable of when it comes to managing stress and leave energized to help yourself and others.

Speakers
avatar for Kateryna Ivashchenko

Kateryna Ivashchenko

Manager, Demand Generation, Portworx
Kateryna Ivashchenko is a somewhat-recent college grad who jumped into the world of tech and Kubernetes one week after walking the stage at her college graduation. She helps organize meetups for the world’s largest CNCF user group, occasionally volunteers at the OSMI booth at KubeCon... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

A Journey Through Kubernetes Admission Controller Taxanomy - Morgan Bauer & Srinivas Brahmaroutu, IBM
Kubernetes admission controllers are plugins that govern and enforce how the cluster is used. They can be built-in to the APIServer, or webhooks that are customizable to your needs. Admission webhooks help you do some really cool stuff, there are two kinds of webhooks, validating and mutating. In this talk we will go thorough the taxonomy of Admission Controllers, providing examples of each type, and how to use them. There are many built-in to kubernetes, and they are optional to use. Others are webhooks that can be run external to the cluster. We will detail the differences between mutating and validating webhooks, and when to use each. During our talk we will examine the difficulties and complications and propose resolutions. 
We will show code examples to help write your own in the future. Join us on a journey through existing Admission Controllers before you write your own!

Speakers
avatar for Srinivas Brahmaroutu

Srinivas Brahmaroutu

Sr. Software Engineer, IBM
Srinivas Brahmaroutu works as a Software Engineer at IBM Corp. He has many years of experience around IBM cloud offerings. He has worked on many strategic open source projects including Cloud Foundry, Docker and Mesos. Currently he works on Kubernetes contributing to test-infra and... Read More →
avatar for Morgan

Morgan

Sr Software Engineer, IBM
After contributing to Docker & Kubernetes for 3 years, Morgan has gained valuable insight into the varying culture around open source container technology. Pivoting towards blockchain technologies has landed Morgan in Hyperledger Fabric. Morgan is a maintainer on the core Docker Engine... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Pwned By Statistics: How Kubeflow & MLOps Can Help Secure Your ML Workloads - David Aronchick, Microsoft
While machine learning is spreading like wildfire, very little attention has been paid to the ways that it can go wrong when moving from development to production. Even when models work perfectly, they can be attacked and/or degrade quickly if the data changes. Having a well understood MLOps process is necessary for ML security!

Using Kubeflow, we will demonstrate how to the common ways machine learning workflows go wrong, and how to mitigate them using MLOps pipelines to provide reproducibility, validation, versioning/tracking, and safe/compliant deployment. We will also talk about the direction for MLOps as an industry, and how we can use it to move faster, with less risk, than ever before.

Speakers
avatar for David Aronchick

David Aronchick

Head of OSS Machine Learning, Microsoft
David leads Open Source Machine Learning Strategy at Azure. This means he spends most of his time helping humans to convince machines to be smarter. He is only moderately successful at this. Previously, he led product management for Kubernetes, launched Google Kubernetes Engine and... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Connecting CoreDNS to Envoy's Discovery Control Plane - Miek Gieben & Michael Grosser, Independent
This session looks at a new and experimental CoreDNS plugin called "traffic", that implements Envoy's discovery protocol. With this plugin you can use CoreDNS to steer traffic to drain endpoints, allow for canarying and more advanced featuresr, for instance draining an entire Kubernetes cluster.

The session describes Envoy's discovery protocols, how CoreDNS has implemented these and a demonstration on how CoreDNS and Envoy can work together.

Speakers
avatar for Miek Gieben

Miek Gieben

n/a, n/a
I'm lead developer of CoreDNS. Come talk to about service discovery, DNS and the future of these technologies in a cloud native world.
avatar for Michael Grosser

Michael Grosser

Founder, Okkur Labs
Michael Grosser has contributed to Kubernetes and CoreDNS for some time. As a Google Developer Expert for Kubernetes and GCP he is excited about technology and reading DNS RFCs. He is the founder of Okkur Labs and Rekkur Solutions.Okkur Labs is an open source lab researching, contributing... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Deep Dive Into Building a Secure & Multi-tenant SaaS Solution with NATS - Wally Quevedo & Phil Pennock, Synadia
The NATS project turns 10 in 2020, and what started as a simple and high performance messaging system written in Go to build event-driven architectures using Pub/Sub, has since then evolved into a component that can allow the seamless communication of streams & services across multiple regions, thus simplifying further the stack required to deploy globally available services. In this talk, you will learn from one of the maintainers of the project how to create applications in Go that take advantage of NATS messaging and security features by demonstrating how to implement a minimal chat application that is secure and globally available.

Speakers
avatar for Waldemar Quevedo

Waldemar Quevedo

Software Engineer, Synadia
Waldemar Quevedo is a core maintainer of the NATS.io project and author of "Practical NATS". He currently works at Synadia Communications, Inc., developing a global communications network based on NATS.io called NGS. Before joining Synadia, he worked on a container orchestration... Read More →
avatar for Phil Pennock

Phil Pennock

Software Engineer (SRE), Synadia
British-American SRE, sysadmin, programmer, etc. A little old-school at times. Talk to me about anything, but get more intelligent responses around Internet security stacks, OpenPGP, email systems, NATS, container frameworks, posix Shell, Python, Go, etc.


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Demystifying CI Signal: The Link Between Kubernetes Testing and Release - Jorge Alarcon Ochoa, Searchable & Stephen Augustus, VMware
One of the more curious roles within the Release Team is CI Signal. The responsibilities of the CI Signal team are vast, but the primary goal has always been to answer the question, "Are our tests green enough to actually release Kubernetes?". In making a determination on that, our global CI Signal members often act as the first point of support in recognizing issues, and collaborate across all SIGs to drive us towards test failure resolution. As we have expanded this role into a subproject for 2020, we'll take the opportunity here to walk you through day-to-day tasks of the group, how to identify and react to test failures in the Kubernetes project, chasing test flakes, and some of the tooling improvements we've made to support this over the past year.

Speakers
avatar for Stephen Augustus

Stephen Augustus

Lead, Cloud Native Tools & Advocacy, VMware
Stephen Augustus is an active leader in the Kubernetes community. He currently serves as a Special Interest Group Chair (Release, PM), a Release Manager, and a subproject owner for Azure.Stephen leads the Cloud Native Developer Strategy team at VMware, driving meaningful interactions... Read More →
avatar for Jorge Alarcon Ochoa

Jorge Alarcon Ochoa

Site Reliability Engineer, Searchable


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

gRPC Easy - Richard Belleville, Google
gRPC is a modern, open source remote procedure call (RPC) framework that can run anywhere. It enables client and server applications to communicate transparently, and makes it easier to build connected systems. Getting your micoservices talking to one another should be as simple as "import antigravity". Come hear about the latest developments in gRPC's Python bindings that make getting up and running easier than it's ever been. This talk will cover running services without generating code and simplifications in channel management.

Speakers
RB

Richard Belleville

Software Engineer, Google


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Introduction to Strimzi: Apache Kafka on Kubernetes - Jakub Scholz & Paolo Patierno, Red Hat
Strimzi is a CNCF project focusing on running Apache Kafka on Kubernetes. Apache Kafka has emerged as a leading platform for building real-time data pipelines. It provides support for high-throughput/low-latency messaging, as well as sophisticated development options that cover all the stages of a distributed data streaming pipeline, from ingestion to processing. But running it on Kubernetes can be complex and tedious. This talk will introduce you to Strimzi - an operator which makes it easy to run Apache Kafka on Kubernetes. It addresses the whole lifecycle from creating, managing, and monitoring Kafka clusters to managing topics or users. This session will go through the main challenges of running Apache Kafka on Kubernetes, explain how they are solved by Strimzi and show a live demo.

Speakers
JS

Jakub Scholz

Principal Software Engineer, Red Hat
avatar for Paolo Patierno

Paolo Patierno

Principal Software Engineer, Red Hat
Paolo is a Principal Software Engineer working for Red Hat on the messaging and IoT team. He is a maintainer of Strimzi, a CNCF sandbox project for running Apache Kafka on Kubernetes using operators. In his previous role, he worked on different integration projects about AMQP with... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Kubeadm Deep Dive - Rostislav Georgiev, VMware & Rafael Lopez , SUSE
Don’t miss this talk if you want to understand what are the driving forces for kubeadm evolution, if you want to take your first opportunity to influence the roadmap, or, least but not last, if you are considering to step up as a new contributor helping making this happen. We’ll reserve time to talk about how to get involved with SIG Cluster Lifecycle and kubeadm, for all your questions, concerns, and feature requests!

Speakers
avatar for Rostislav Georgiev

Rostislav Georgiev

Software Engineer, VMware
Rostislav (or simply Ross) started programming as a hobby in his early teens. Since then, he is interested in operating system architectures, IoT, storage, cluster computing and cloud-native design. He is part of the VMware Open Source Technology Center and Kubernetes community member... Read More →
avatar for Rafael Fernández López

Rafael Fernández López

Software Engineer, SUSE


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Kubernetes SIG Instrumentation: Instrumenting for Day Two Concerns - Frederic Branczyk, Red Hat & Marek Siarkowicz, Google
Kubernetes SIG Instrumentation is responsible for ensuring high quality and consistent instrumentation across the Kubernetes project. This intro session will give an overview of the efforts the SIG Instrumentation has worked on in the past and is currently working on. Software engineering and operations are both disciplines practiced in SIG Instrumentation, and any experience will help the special interest group's mission. Join this session to learn how to get involved in SIG Instrumentation to make Kubernetes' instrumentation even better!

Speakers
MS

Marek Siarkowicz

Software Engineer, Google
Marek is a Software Engineer working at Google in GKE Logging and Monitoring team. He began his career in local startups where he loved open source and extreme programming. Currently he is an active member of SIG-instrumentation leading structured logging effort in Kubernetes. In... Read More →
FB

Frederic Branczyk

Principle Engineer, Red Hat


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Automating Load Balancing and Fault Tolerance via Predictive Analysis - Steven Rosenberg, Red Hat
Just imagine, wouldn't it be great if Kubernetes load balancing could predict application traffic in advance and react appropriately? We’ll explain how to improve performance, reduce costs, and increase reliability in order to provide more intelligent workload balancing.

The solution is Predictive Analysis which allows us to “predict” the future from historical events. We will discuss how predictive analysis can improve overall system performance while reducing costs and improve the reliability of Kubernetes and Hybrid Cloud based environments.

Attendees will come away with a better understanding of cutting edge technology for solving complex problems that are fast becoming the next generation of technological advances.

Speakers
SR

Steven Rosenberg

Software Engineer, Red Hat
Steven Rosenberg has more than 30 years of experience in the Software Industry on various projects including Communications, Distributed Processing, High Availability, Cyber Security, Rules based systems, Machine Learning, IOT, and many other technologies for many industries. Steven... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Managing a Managed Kubernetes Platform - Annegies van 't Zand & Wiender Sarup, Nationale Nederlanden
Over the past year Nationale Nederlanden (NN) has built a managed Kubernetes platform for their DevOps teams.

Now, a year later, we are managing over twenty Kubernetes clusters that are running multiple production workloads. Although Kubernetes is the main component, it turned out that lifecycle management and reliable delivery of changes to in-use platforms proved to be the most challenging part. All-in-all there are fifteen components that provide all the platform features and services, so we had to get creative to make sure that we kept up to date with all of them.

In this talk we will share our solutions for setting up a platform delivery pipeline and the lifecycle management of our platform components. Fan-in/fan-out cluster deployments, platform integration tests, version dashboards and feature flagging are some of the subjects that we will address.


Speakers
avatar for Annegies van 't Zand

Annegies van 't Zand

Kubernetes platform engineer, Nationale Nederlanden
Annegies is a Kubernetes platform engineer at the Nationale Nederlanden.
avatar for Wien Sarup

Wien Sarup

Kubernetes platform engineer, Nationale Nederlanden
Wien Sarup is a Kubernetes platform engineer at the Nationale Nederlanden.


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Do The Math: Auto-Scaling Applications with Kubernetes - Antoine Hamon, Nephely
What better place is there to host applications but inside a Kubernetes cluster? Yet what feature is more under-estimated than pod auto-scaling? Yes pod auto-scaling can be really hard, especially when searching for an optimized configuration. Whatever the application, goals are always the same: making sure our pods are able to scale-up quickly enough so users don't ever face any latency nor HTTP/5xx, while keeping the cost as low as possible. As both goals directly leverage the other, the complexity is all about finding the correct balance. Instead of putting the regular 80% CPU utilization threshold (which is sometimes fine-tuned with load-testing and/or feedback monitoring), would it be possible to have a more mathematical approach to solve this problem?

During this talk Antoine will present one he created and explain how to utilize it within Kubernetes.

Speakers
avatar for Antoine Hamon

Antoine Hamon

SRE/DevOps, Cloud Architect, Nephely
Antoine is a DevOps/CloudArchitect specialized in Kubernetes, AWS and OpenStack. He started playing with Docker while it was still in beta release, and Kubernetes naturally followed soon after.With almost 10 years of experience, Antoine is now a freelance and helps companies improving... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Virtual Cluster - A Practical Kubernetes Hard Multi-tenancy Solution - Fei Guo, Alibaba
Conventional, the concept of Kubernetes multi-tenancy is realized by namespaces. Tenants access controls are limited within tenant namespaces using RBAC rules. The Pod level isolation is primarily done using network policy.

This model faces various problems when applied in production since Kubernetes is far from tenancy-ready. For example:
1) APIServer is lack of tenant-aware flow control. A single tenant may generate large amount of concurrent traffic making APIServer unresponsive to other tenants;
2) Tenants cannot install customized CRDs which requires cluster scope permission;

We proposed Virtual Cluster solution to resolve the multi-tenancy problem from a different angle. Basically, every tenant will be assigned a dedicated K8s control plane. All tenant K8s shares a big super master. Virtual cluster is built based on CRDs. The entire solution is open sourced in Github.

Speakers
FG

Fei Guo

Senior Staff Engineer, Alibaba
Fei Guo is currently a senior staff engineer in Alibaba Container Platform Group. He has more than 10 years of experience in compute resource management and performance optimization for virtualized and containerized environments. His work focuses on providing workload automation and... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Uncharted Territories: Discovering Vulnerabilities in Public Helm Charts - Hayley Denbraver, Snyk
CNCF projects are making investments in security (including the recently open sourced security audits of both Kubernetes and Helm). Helm is an interesting case study because both the security of Helm as a tool and the security of Helm Charts are important considerations for users. What do we know about the security of individual Helm Charts, what can we find out, and how does that change how we approach the project? All these questions and more will be addressed as we plot course to Helm Chart security.

Speakers
avatar for Hayley Denbraver

Hayley Denbraver

Developer Advocate, Snyk
Hayley Denbraver is a Developer Advocate at Snyk. In that role, she is committed to open source security education, listening to developer communities, and posting pictures of her dog on the company slack.


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Kubernetes Storage: The Power of Portability - Saad Ali, Google
Storage, traditionally, has been tightly coupled with the app consuming it. This is true whether you are running on-prem or in the cloud.

Kubernetes and its storage abstractions, however, unlock radical new ways to expose and use storage by decoupling the concerns and responsibilities of cluster admins from those of app developers. This enables true application portability across environments.

I will explain how Kubernetes storage primitives were designed to enable this abstraction, without sacrificing the unique abilities of individual storage systems. More importantly, I will help you understand what you (as a cluster admin or application developer) must do to harness this power of portability. I will explain how little things, like names of StorageClasses, are crucial for unlocking these benefits or how small mistakes you make as an app dev could adversely affect app portability.

Speakers
avatar for Saad Ali

Saad Ali

Staff Software Engineer, Google
Saad Ali is a Staff Software Engineer at Google and member of the CNCF Technical Oversight Committee. He works on the open-source Kubernetes project, and has led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, and... Read More →


Wednesday August 19, 2020 10:55 - 11:30
TBA

10:55

Kubernetes Networking Intro and Deep-Dive - TBD
Networking is less complicated than you think! This session is a combined intro and deep dive. This talk will start with some background on Kubernetes networking. Attendees who are not already comfortable with the "hows and whys" of basic networking in Kubernetes can get a bit of a primer before we dive deep on a few of the more recent developments and efforts in the networking space.

Wednesday August 19, 2020 10:55 - 12:25
TBA

10:55

Tutorial: Communication Is Key -- Understanding Kubernetes Networking - Jeff Poole, Vivint Smart Home
Networking in Kubernetes has several aspects, including DNS, iptables, routing, software bridges, IP assignment, network policies, etc. While the practices for understanding the network were fairly easy to translate from physical servers to virtual machines, the level of complexity increases greatly when moving to containers in Kubernetes.

This tutorial will explain several of the networking concepts used in Kubernetes with accompanying lab exercises in a virtualized environment so that participants will become comfortable looking under the hood at how a Kubernetes cluster is working (or not working, as the case may be).

The material will be designed for people comfortable with SSH, bash, kubectl, and basic networking concepts, and will fill in the more advanced networking knowledge as the tutorial progresses. Please have Vagrant + VirtualBox installed to run the labs locally.

Speakers
avatar for Jeff Poole

Jeff Poole

Director, Platform Engineering, Vivint Smart Home
Jeff Poole is currently an engineering director over both operations and development teams at Vivint Smart Home, where his team maintains the backend platform that powers the smart home and security aspects of Vivint’s products. Over his career, he has held a diverse collection... Read More →


Wednesday August 19, 2020 10:55 - 12:25
TBA

11:50

Standardizing Applications For the Cloud at a Global Scale - Jared Watts, Upbound & Lei Zhang, Alibaba
In our rapidly maturing world of cloud native software, what exactly does it mean to be an “application”, especially as deployments become more complicated and move towards multiple clusters, regions, and even clouds at a global scale? In this talk, we will examine both the need and the benefits of a standard application definition model, as well as dive into the details of recent specific efforts in the ecosystem, such as the Open Application Model (OAM).

Once an “application” has a standard definition, it becomes easier to perform powerful higher level orchestration capabilities, such as scheduling the application and all of its infrastructure dependencies across multiple environments. We will learn about how scheduling works in Kubernetes and how the principles of scheduling pods to nodes can be applied to a global scale to schedule complete applications across multiple clouds.

Speakers
avatar for Jared Watts

Jared Watts

Founding Engineer, Upbound
Jared Watts is a Founding Engineer at Upbound, where he is working on advancing cloud-native computing by building the "open cloud". He is also a founder and maintainer for the open source Rook (https://rook.io) and Crossplane (https://crossplane.io) projects. Prior to Upbound, Jared... Read More →
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei is a co-maintainer of Kubernetes community, and co-chair of CNCF App Delivery SIG. Lei is co-leading engineering effort in Alibaba including Kubernetes and large-scale cluster management system. Before it, Lei worked for Hyper_ and Microsoft Research (MSR). Lei is a popular speaker... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Why We Are Choosing Cloud Native Buildpacks at GitLab - Abubakar Siddiq, GitLab
GitLab provides a zero configuration build/test/deploy pipeline called "Auto DevOps" which relies on Herokuish for detecting how to build/test your source code into a runnable docker image. Currently, GitLab uses Herokuish  to match projects with known languages and build them. The new tooling from CNB is capable of building smaller resultant images by separating the build layers from the runtime layers. In order to increase the speed and efficiency of GitLab's products, the Product team investigated the Cloud Native Buildpacks, which provide a cloud-native means of standardizing code detection and producing a standards-based container runtime.

In this talk, learn about GitLab’s goals, plan, and how they made the decision to move forward based on the greatest benefit to GitLab from CNAB -  the larger community fixing CNAB issues.

Speakers
avatar for Abubakar Siddiq Ango

Abubakar Siddiq Ango

Technical Evangelism Program Manager, GitLab
Abubakar is the Technical Evangelism Program Manager at GitLab before then he was supporting Enterprise customers of GitLab in Managing the GitLab instances on Kubernetes. Outside work, he manages Developer Communities and learns how to fly on XPlane.


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

DevOps Patterns and Antipatterns for Continuous Software Updates - Baruch Sadogursky & Kat Cosgrove, JFrog
So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?

In this talk, we’ll analyze real-world software update failures and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.

Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow.

Speakers
avatar for Baruch Sadogursky

Baruch Sadogursky

Head of DevOps Advocacy, JFrog
Baruch Sadogursky (a.k.a JBaruch) is the Head of DevOps Advocacy and a Developer Advocate at JFrog. His passion is speaking about technology. Well, speaking in general, but doing it about technology makes him look smart, and 19 years of hi-tech experience sure helps. When he’s not... Read More →
avatar for Kat Cosgrove

Kat Cosgrove

Developer Advocate, JFrog
Kat Cosgrove is a chronic early-adopter of new technologies and a real-life cyborg. Her professional engineering background is in web development, IoT, and programming education, but today she's a Developer Advocate for JFrog. She loves finding creative solutions for hard problems... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Neuro-Inclusivity: The Future of the Tech Industry - Kiran "Rin" Oliver, Independent & Leena Haque, BBC
According to a 2018 report from Tech Nation, 83% of the tech community in the UK believe their biggest challenge is accessing skilled workers. Too many talented people are going unnoticed by recruiters. As a result, there’s been much focus on attracting talent of all ethnicities and genders, but there’s a growing view emerging that more needs to be done in the area of neurodiversity.

Many cloud native companies are answering this issue by creating initiatives to hire neurodivergent people. Often, an entire division of recruiting/HR is dedicated to sourcing these individuals. There’s just one problem: They don't actually know what to do next. This panel will go into those next steps, in particular, focusing on on-boarding, retaining, and creating a welcoming work environment for neurodivergent individuals in today’s Kubernetes-based, cloud-native landscape.

Speakers
avatar for Rin Oliver

Rin Oliver

Technical Writer
Rin is a Technical Writer and an active Member of Kubernetes. They are nonbinary, autistic, have ADD, dyscalculia, and dyspraxia. As a Member of Kubernetes, Rin participates actively in the Contributor Experience SIG and is a Storyteller on the Kubernetes Upstream Marketing Team... Read More →
avatar for Leena

Leena

Senior UX Designer, BBC
Leena is currently a Senior UX Designer at the BBC and also co-founder for a creative initiative called CAPE (Creating A Positive Environment) The aim of CAPE is to promote the idea that differences in brain functioning, such as autism and dyslexia, are not disabilities, but natural... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

The Hidden Generics in Kubernetes' API - Eirik Albrigtsen, Babylon Health
A look into how apimachinery enforces strong conventions on kubernetes' api, how that impacts client-go, and how we can take advantage of these hidden generic properties to build an actually generic client in rust.

We will go through a kubernetes Object, its generic parts as modelled via a rust Trait, and how this enables the rust compiler to automatically populate all kubernetes objects' api calls and serialization code from a single generic impl.

We will also show examples on how to write single file, performant, async/await rust controllers that follow operator best practices.

Speakers
EA

Eirik Albrigtsen

Platform Engineer, Babylon Health
Eirik Albrigtsen is currently employed as a platform engineer Babylon Health operating kubernetes clusters, and previously as a platform engineer at Cisco. He has been speaking at public venues in London about rust, kubernetes, and devops at the Rust London User Group and London... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Enabling Multi-user Machine Learning Workflows for Kubeflow Pipelines - Yannis Zarkadas, Arrikto
Kubeflow is an open source machine learning platform built on Kubernetes. Every service in Kubeflow is implemented either as a Custom Resource Definition (CRD) (e.g., TensorFlow Job) or as a standalone service (e.g., Kubeflow Pipelines).

As enterprises start to adopt Kubeflow, the need for access control, authentication, and authorization is emerging. Kubernetes CRDs come with their own auth story, but what about Services with their own API and database, like Kubeflow Pipelines? In this talk, we explore how we enabled multi-user workflows for Kubeflow Pipelines, in a Kubernetes-native way.

We present how we combined open-source, cloud-native technologies to design and implement a flexible, Kubernetes-native solution for services with their own API and database. The talk will include a live demo.

Speakers
avatar for Yannis Zarkadas

Yannis Zarkadas

Software Engineer, Arrikto
Yannis is a software engineer at Arrikto, working with Kubeflow and the Kubernetes sig-storage group. He loves contributing to open source projects and has authored the Cassandra Operator in Rook and the official Scylla Operator, which he is currently maintaining.


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Cluster API Deep Dive - Naadir Jeewa, VMware & Cecile Robert-Michon, Microsoft
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. In this deep dive, we will examine how the Cluster API simplifies the cluster management experience for cluster operators by enabling consistent machine management across environments, and bringing declarative upgrades to Kubernetes clusters.

Speakers
avatar for Cecile Robert-Michon

Cecile Robert-Michon

Software Engineer, Microsoft
Cecile Robert-Michon is a software engineer at Microsoft working on the Azure Cloud Native Compute team, where she spends most of her time contributing to various open source projects. She speaks French, English and Spanish and studied engineering at McGill University in Montreal... Read More →
avatar for Naadir Jeewa

Naadir Jeewa

Software Engineer, VMware
Chat to me about all things Cluster API related.


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

CRI-O: Deep Diving into the Security - Sascha Grunert, SUSE & Daniel Walsh, Red Hat
Container Runtime security is one of the most important aspects of the Kubernetes ecosystem. Runtimes have to ensure that all security constraints provided by the end-users are met on the system, as well as provide strong defaults for less experienced users. CRI-O is a container runtime that prides itself in its focus on security and safe defaults. In this talk Dan Walsh and Sascha Grunert will dive deep into CRI-O’s security principles. They will present common container workload securing practices and demonstrate how the container runtime will apply those to the target system. The talk will cover best practices in SELinux, AppArmor, seccomp, Linux capabilities and namespace isolation techniques which make Kubernetes based end-user applications more secure. At the end of the talk, they will also cover a general overview of the current status of container runtime security.

Speakers
avatar for Daniel Walsh

Daniel Walsh

Senior Distinguished Engineer, Red Hat
Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001. Dan leads the Red Hat Container Engineering team since August 2013, but has been working on container tec
avatar for Sascha Grunert

Sascha Grunert

Senior Software Engineer, SUSE
Sascha is a Senior Software Engineer at SUSE, where he works on many different container related open-source projects like Kubernetes and CRI-O. He joined the open-source community in November 2018, having gained container experience before joining SUSE. Sascha's passions include... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Intro: Telepresence - Daniel Bryant, Datawire
This session will provide an intro to Telepresence, a CNCF Sandbox tool. We’ll talk about development workflows for Kubernetes. We’ll discuss the differences between traditional development, and different approaches people take to building Kubernetes services. We’ll then introduce Telepresence and discuss how it integrates with different organizational development workflows. Finally, we’ll talk about the evolution of Telepresence and how we are actively moving Telepresence forward from its heritage as a VPN-type approach into a more sophisticated L7 routing layer for developers.

Speakers
avatar for Daniel Bryant

Daniel Bryant

Product Architect, Datawire
Daniel Bryant works as a Product Architect at Datawire. His technical expertise focuses on ‘DevOps’ tooling, cloud/container platforms, and microservice implementations. Daniel is a Java Champion, and contributes to several open source projects. He also writes for InfoQ, O’Reilly... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Kubernetes SIG Auth Deep Dive - Michael Danese, Google & Mo Khan, VMware
In this session we'll cover the recent changes and improvements to the Certificates API as we work towards GA!

Speakers
avatar for Mike Danese

Mike Danese

Software Engineer, Google
Mike is a software engineer at Google. He has worked on Kubernetes and GKE for over four years and is currently the lead of the GKE Identity Team. He is a chair and TL of the Kubernetes Auth Special Interest Group. He develops and maintains authentication infrastructure in Kubernetes... Read More →
avatar for Mo Khan

Mo Khan

Software Engineer, VMware


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Multi-Tenant Clusters with Hierarchical Namespaces - Yoshi Tamura, Google
The multi-tenancy working group is developing new building blocks in Kubernetes to better support multi-tenant use cases, such as hosting multiple teams in large enterprises and enabling multi-single-tenant deployments in SaaS. Namespaces are one of the most important foundations of multi-tenancy in Kubernetes. In this talk, we introduce a new building block called Hierarchical Namespaces that allow policies like RBAC and Network Policies to be consistently inherited across trees of namespaces. Based on our experience working with customers, we believe this new technique will simplify namespace management in Enterprise and SaaS use cases. This talk will show how you can use hierarchical namespaces to safely and easily share your cluster across teams and deployments within an organization. Hierarchical Namespaces are an open source project currently incubating in the Multi-tenancy working group. You can check out the code and get involved in the project here: https://github.com/kubernetes-sigs/multi-tenancy/tree/master/incubator/hnc

Speakers
YT

Yoshi Tamura

Product Manager, Kubernetes Engine, Google


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Notary v2 Outstanding Issues Working Session - Justin Cormack, Docker & Steve Lasker, Microsoft
The Notary v2 project is a rework of the infrastructure for container signing, supporting additional OCI Artifacts, such as Helm, Singularity and CNAB, and fixing usability and other issues. This session examines the current state of the project, discussing the design decisions as they relate to the target scenarios. This session is a working session to engage face to face discussions for all participants.

Speakers
avatar for Justin Cormack

Justin Cormack

Engineer, Docker
Justin Cormack is Security Lead at Docker. He is a maintainer on the CNCF Notary project and is involved with CNCF SIG Security. He has spoken at Kubecon on a variety of subjects such as containerd, security audits, Notary and container runtimes. He also speaks at other events such... Read More →
SL

Steve Lasker

Principal Program Manager, Microsoft


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Simplifying Windows runtime and deployment in Kubernetes - Muzz Imam, Microsoft
The leaders of SIG-Windows will provide an update on the efforts to bring Windows to Kubernetes. This session will concentrate on presenting new features and capabilities as well as focus on advanced capabilities like Kubeadm support, ContainerD integration, and Cluster API for Windows. At the end, we will open the floor for Q&A with customers and members of the SIG-Windows community. Some familiarity with Windows on Kubernetes is required for the deep dive part since we will have an in-depth discussion on key features that are in the pipeline for Windows, explain their implementation and have a discussion on trade-offs with the community.

Speakers
MI

Muzz Imam

Program Manager, Windows Containers, Microsoft


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Failure Stories From the On-premise Bare-metal World - Stephan Fudeus & David Meder-Marouelli, 1&1 Mail & Media Development & Technology GmbH
Setting up a Kubernetes cluster is not trivial in general and doing that on-premise with bare-metal machines has very specific challenges. In addition to "just" defining the pod overlay network and embedding the host network into an existing topology, ingesting and directing traffic into the cluster is an essential task. Regardless of the chosen solution, compromises need to be made and eventually, failures will occur.

In this session David and Stephan will show their real world setup of reasonably large clusters (up to 150 nodes currently), the reasoning behind the network design and the failure stories they experienced and had to deal with. The topics are ranging from ingress controllers via BGP, network routing, DNS and iptables to hardware load balancer appliances - and how those technologies are not as cloud native as one might wish.

Speakers
avatar for Stephan Fudeus

Stephan Fudeus

Expert Continuous Delivery, 1&1 Mail & Media Development & Technology GmbH
Stephan Fudeus is an Evangelist for Continuous Delivery by title and a backend and infrastructure engineer by heart. He used to develop scalable multi-tenant applications for up to a million customers in a DevOps fashion for 14 years at 1&1 Internet and now is Product Owner and Technology... Read More →
avatar for David Meder-Marouelli

David Meder-Marouelli

Systems Architect, 1&1 Mail & Media Development & Technology GmbH
David Meder-Marouelli currently has the position of a systems architect with 1&1 Mail & Media, one of the largest E-Mail providers in Germany (including brands like GMX & WEB.DE). In this position he is responsible for all projects related to automation. After his PhD in physics and... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Operating Kubernetes at Pinterest: Past, Present and Future - Rodrigo Menezes & Roberto Rodriguez Alcala, Pinterest
Over the last 2 years, Pinterest has been working on migrating systems to Kubernetes.
Currently we operate multiple multi tenant clusters that run ML workloads on GPUs and CPUs as well as highly available online serving systems. Operating Kubernetes at this scale has presented some challenges, like upgrades, safe deployments, autoscaling and more.

By leveraging Kops and combining it with other tools, we've been able to successfully overcome some of the challenges and we can now do things like
set up a cluster in hours, easily reshape our infrastructure or roll out updates seamlessly.

Along the way we added extra features like ephemeral nodes using spot instances, huge pages, GPUs and more; without any significant impact on the operation load.

This session will go through the design decisions, the reasons behind, details about our implementation and improvements that we're working on.

Speakers
avatar for Roberto Rodriguez Alcala

Roberto Rodriguez Alcala

Site Reliability Engineer, Pinterest
Roberto is a Site Reliability Engineer embedded in the Cloud Management Platform team at Pinterest. His main focus has been on Kubernetes, developing applications and putting building blocks together to allow existing workloads to migrate from existing infra to our Kubernetes clusters... Read More →
avatar for Rodrigo Menezes

Rodrigo Menezes

Site Reliability Engineer, Pinterest
Rodrigo is a member of the Core Site Reliability Engineering team at Pinterest. While at Pinterest, his main focus has been Kubernetes and creating applications to support running Pinterest's stateless prod infrastructure in containers. Outside of work, Rodrigo loves rock climbing... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Improving the Performance of Your Kubernetes Cluster - Priya Wadhwa, Google
Ever wonder if your Kubernetes cluster could be more performant? Most users of Minikube, a tool to run Kubernetes locally, have; in fact, improved performance has been one of the most requested features since the project began. In this talk, Priya Wadhwa will discuss how we tackled reducing the start latency and CPU overhead of a Kubernetes cluster.

You will walk away with knowledge of frameworks and tools to identify where performance issues exist in your own cluster. We’ll cover how we used these tools to identify where overhead was coming from and how we came up with solutions to reduce it, all while maintaining a great user experience.

Speakers
PW

Priya Wadhwa

Software Engineer, Google
Priya Wadhwa is a software engineer at Google working on local development tools for Kubernetes including Skaffold, Kaniko, and Minikube. In her free time she enjoys playing the drums and eating desserts!


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Container Isolation via Virtualization: Don't Forget to Shrink the Guest - Dan Williams, IBM & Hsuan-Chi (Austin) Kuo, UIUC
Virtualization must be lightweight to be useful for improving the isolation of container runtimes (e.g., Kata containers): adding traditional (heavyweight) virtualization layers to container primitives would, for example, result in unacceptable boot time and performance for important use cases like serverless computing. Fortunately, the community has made great strides towards lightweight virtualization with new VM monitors (e.g., AWS Firecracker) and associated tooling (e.g., Weaveworks Ignite). However, there has been relatively little attention paid to the guest kernel itself, which remains unnecessarily bloated, affecting both performance and security. We will make the case for guest kernel specialization via kernel configuration and highlight key challenges in applying these techniques in a sandboxed container context.

Speakers
DW

Dan Williams

Research Staff Member, IBM
Dan Williams is a Research Staff Member at IBM Research, where he works on unikernels and secure containers. He is an original author of the Solo5 unikernel base and Nabla Containers. Dan has given talks at many academic and industry conferences, including ACM SoCC, EuroSys, SOSP... Read More →
avatar for Hsuan-Chi (Austin) Kuo

Hsuan-Chi (Austin) Kuo

Student, UIUC
Hsuan-Chi (Austin) Kuo, is a Ph.D. candidate in the Dept. of Computer Science at the University of Illinois at Urbana-Champaign [UIUC]. He completed his B.S. in Computer Science from the National Tsing-Hua University in 2016. His research interests are in the area of systems, networking... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

OpenID Connect as SSO Solution: Strengths and Weaknesses - Álvaro Iradier, Sysdig
OpenID Connect (OIDC), an identity layer on top of OAuth2 protocol, makes user login easier and allows for a seamless SSO experience between multiple tools and services by delegating authentication to a trusted Identity Provider (Authorization Server). The concept is quite appealing at first sight. But different implementations and lack of agreement, both on the client applications and on the Authorization Servers, can ruin your trip.

In this talk we will explain the basic concepts of OIDC, how it works, how it compares to other Federated Authentication systems like SAML, and some integration examples like Harbor or Kubernetes. Then we talk about some common issues that are still rough edges, like the user onboarding and the roles and group management. Finally, we will see how we can make some non-OIDC aware applications work with OIDC by delegating authentication to an Nginx proxy.

Speakers
avatar for Álvaro Iradier

Álvaro Iradier

Solutions Engineer, Sysdig
Álvaro is a solutions engineer at Sysdig. Before that, he worked in an IoT and financial micro-transactions company for 11 years as a Ninja developer. Then, he discovered he had been doing the fuzzy concept of DevOps when Adidas hired him for CI/CD support and platform engineering... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

11:50

Whatever Can Go Wrong, Will Go Wrong – Rook/Ceph and Storage Failures - Sagy Volkov, Red Hat
Imagine running a 200-node Kubernetes cluster, and suddenly you lost a node or even a ToR switch. What is the state of your persistent storage that your application relies on? How can you make sure your storage is always available? How can you time and plan how long it takes for your storage to get back to 100% resiliency?

In this presentation we’ll go over the basics of storage demands (RPO/RTO), How different types of replications in Ceph impact our recovery time, and how components failure such as drive, node or cluster determine how long we are at risk.

We'll include a live demo of a Rook/Ceph recovery process from a failed component. We'll show what components of Rook are recreated, how Ceph behaves during components/pods recreation, and what is the impact on the application while these failures occur (In our case the application will be MariaDB).

Speakers
avatar for Sagy Volkov

Sagy Volkov

Storage Performance Instigator, Red Hat
Sagy Volkov is a former performance engineer in ScaleIO (created the performance engineering group and the ScaleIO enterprise advocates group) and architected the ScaleIO storage appliance reporting to the CTO/founder of ScaleIO. He is now with Red Hat as a storage performance instigator... Read More →


Wednesday August 19, 2020 11:50 - 12:25
TBA

14:25

Panel: Kubernetes and Cloud Native Security: A State of the Union - Rags Srinivas, Snyk/InfoQ; Gareth Rushgrove, Snyk; Kirsten Newcomer, Red Hat; Scott Coulton, Microsoft; & Phil Estes, IBM
With the advent of Containers, Kubernetes and microservices, and platforms that build on it, like Helm, openshift, Istio, etc. the attack surfaces have increased and that necessitates a more holistic and disciplined approach towards security. While there is a lot of FUD around cloud native security in general there are approaches to harden security during development and deployment today.

This panel, intended for developers and devops audience will look at the cloud native, containers and Kubernetes security ecosystem. Attendees will walk away with a better understanding of the challenges of some of the tools for the trade and how to overcome some of the security gaps that exist today.

Speakers
avatar for Rags Srinivas

Rags Srinivas

Cloud Architect/Evangelist, Snyk/InfoQ
KN

Kirsten Newcomer

Principal Product Manager, Red Hat
Principal Product Manager at Redhat
avatar for Phil Estes

Phil Estes

Distinguished Engineer & CTO, Container Architecture Strategy, IBM
Phil is a Distinguished Engineer in the office of the CTO for IBM Cloud, guiding IBM's strategy around containers and Linux. Phil is a founding maintainer of the CNCF containerd runtime project, and participates in the Open Container Initiative (OCI) as a member of the Technical Oversight... Read More →
avatar for Scott Coulton

Scott Coulton

Cloud Developer Advocate, Microsoft
Cloud Developer Advocate at Microsoft
GR

Gareth Rushgrove

Director, Product Management, Snyk
Gareth Rushgrove is director of product management at Snyk.


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Panel: End User Community Adoption of Cloud Native Principles & Lessons Learned - Ken Owens, Mastercard; Lee Mills, Spotify; Smaine Kahlouch, Dailymotion; Josh Michielsen, Condé Nast; & Cheryl Hung, Cloud Native Computing Foundation
This panel brings together engineers from the CNCF End User Community to provide their insights on the journey their respective companies have undergone in their transformation to Cloud Native. Each End User member company will discuss their Cloud Native principles and what has worked along with what has not worked. Topics will include operational best practices, developer experience, CNCF projects evaluated and implemented, and vendor management along with the lessons learned along the journey.

Speakers
avatar for Smaine Kahlouch

Smaine Kahlouch

DevOps team leader, Dailymotion
I have a background on system engineering with a strong focus on DevOps practices and passionate about Open Source solutions. I have a special interest in technologies around Linux containers. I spent my last years to help companies to develop their container orchestration platforms... Read More →
KO

Ken Owens

VP Cloud Native Engineering, Mastercard
Executive with over 20 years’ experience in architecture, analysis, design, research, and implementation of cloud computing infrastructures consisting of software design, virtualization, server, network, security, storage, automation, management layers, and deployment methodologies... Read More →
avatar for Cheryl Hung

Cheryl Hung

Director of Ecosystem, Linux Foundation
Cheryl Hung is Director of Ecosystem at the Cloud Native Computing Foundation, where she drives adoption of cloud native infrastructure. As a non-profit under the Linux Foundation, the CNCF hosts open source projects including Kubernetes, Prometheus and Envoy.She founded the 5000... Read More →
avatar for Josh Michielsen

Josh Michielsen

Senior Engineer, Platform Engineering, Condé Nast
Josh Michielsen is a Senior Software Engineer for the Platform Engineering team at Condé Nast, where he helps to drive the vision of a truly global platform to house some of the worlds largest online publications! He specialises in container orchestration, software development, continuous... Read More →
avatar for Lee Mills

Lee Mills

Engineering Manager, Spotify
Hi! I'm Lee, an engineering manager at Spotify focused on developer experience. I have a great opportunity, I'm sat right next to my customers. I get to live and breathe their experiences right there with them, and then I get to solve problems for them, letting them focus on solving... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Progressive Delivery in Kubernetes - Carlos Sanchez, Adobe & Viktor Farcic, CloudBees
Progressive Delivery makes it easier to adopt Continuous Delivery, by deploying new versions to a subset of users and evaluating their correctness and performance before rolling them to the totality of the users, and rolled back if not matching some key metrics. Canary deployments is one of the techniques in Progressive Delivery, used in companies like Facebook to roll out new versions gradually. But good news! you don't need to be Facebook to take advantage of it.

We will demo how to create a fully automated Progressive Delivery pipeline with Canary deployments and rollbacks in Kubernetes using Jenkins X, an open source platform for cloud native CI/CD in Kubernetes, and Flagger, a project that uses Prometheus and your service mesh of choice to automate Canary rollouts and rollbacks.

Speakers
avatar for Viktor Farcic

Viktor Farcic

Principal Software Delivery Strategist, CloudBees
Viktor Farcic is a Principal Software Delivery Strategist and Developer Advocate at CloudBees, a member of the Google Developer Experts and Docker Captains groups, and published author. His big passions are DevOps, Microservices, Continuous Integration, Delivery and Deployment (CI/CD... Read More →
avatar for Carlos Sanchez

Carlos Sanchez

Senior Cloud Engineer, Adobe
Carlos Sanchez specializes in software automation, from build tools to Continuous Delivery and Progressive Delivery. Involved in Open Source for over 15 years, he is the author of the Jenkins Kubernetes plugin and a member of the Apache Software Foundation amongst other open source... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

How vs Why: Asking the Right Question to Grow Your Open Source Community - Charles Pretzer, Buoyant
Attracting and keeping contributors is one of the biggest challenges that new open source projects face. "How can we quickly grow this community?" is a common question that project owners immediately ask themselves.

This talk seeks to change the perspective of project owners by getting them to ask "Why do I want to grow and nurture a community?" The content of this session will make the argument that asking the question "Why?" will lead to more actionable goals than asking the question "How?".

For example, by asking why, project owners can narrow down specific features and goals of their projects that open source contributors can relate to on a deeper level.

In addition, employees who are paid by their companies to work on open source projects will have a more meaningful language to encourage their managers and teams to contribute to open source projects.

Speakers
avatar for Charles Pretzer

Charles Pretzer

Field Engineer, Buoyant, Inc.
Charles Pretzer is a field engineer at Buoyant, where he spends his time collaborating and engaging with the open source community of the CNCF service mesh, Linkerd. He also enables production level adoption by helping companies integrate Linkerd into their Kubernetes based applications... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Optimized Resource Allocation in Kubernetes? Topology Manager is Here - Conor Nolan, Intel & Victor Pickard, Red Hat
To satisfy the resource demands of workloads, Kubernetes must be responsible for resources on the platform and the intricacies associated with them. The introduction of CPU Manager and Device Manager are two examples of K8s taking involved decisions for resource assignment. However, these two components act independently, which can lead to undesirable resource allocations most notable on a systems with multiple CPU Socket or NUMA Regions.

Under the guidance of SIG node, a new component is being introduced to Kubelet called Topology Manager, which will resolve this undesirable situation by enabling optimal resource allocation. This talk will introduce Topology Manager, how it works to solve these problems as well as the reasons behind introducing such a feature.

Speakers
VP

Victor Pickard

Principal Sofware Engineer, Red Hat
Victor Pickard is a Principal Software Engineer at Red Hat. He is working on Kubernetes and Openshift, focusing on Telco use cases for advanced networking. Specifically, Victor is working with folks at Intel and NVidia to get Topology Manager component to Beta status for kubernetes... Read More →
avatar for Conor Nolan

Conor Nolan

Software Engineer, Intel
Conor Nolan is a Software Engineer on the Cloud Native Orchestration team at Intel, primarily focused on resource management. He is a Kubernetes contributor and member. Specifically, he has been involved in the development and upstream of the Topology Manager, a Kubelet component... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Scalable ML Model Iteration and Skewless Features with Kubeflow and Feast - Hung-Ting Wen, Google & Zhiling Chen, Gojek
Kubeflow is a Kubernetes native platform for machine learning where users can build, train, and serve their models. Feast is an open source feature store which provides users a unified layer for feature usage in both model training and serving.

At Gojek, data scientists and engineers leverage both of the technologies to seamlessly move between model development, training and serving in production. The ability of combining both real time and batch features in a consistent way across training and serving has improved the performance of Gojek’s dynamic pricing models greatly.

In this talk you will learn how to: ingest features into Feast; deploy a training job which reads from Feast; deploy a scalable serving application with KFServing. With these, you will have an end to end platform that helps you build trackable, reproducible, data skewless models and serve these models at scale.

Speakers
HW

Hung-Ting Wen

Software Engineer, Google
Gabriel Wen is a software engineer at Google and working for Kubeflow project. Kubeflow provides a set of tools as a platform for users to build, train, and deploy their machine learning models at scale with Kubernetes. Gabriel works on multiple parts of Kubeflow infrastructure for... Read More →
ZC

Zhiling Chen

Software Engineer, Gojek
Zhiling Chen is a machine learning engineer at Gojek, a ride-hailing superapp and one of the fastest growing startups in Asia. At Gojek, Kubernetes powers ML across a multiplicity of applications - from ride allocation to food recommendations. As a member of the data science platform... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Advanced logging and Stream Processing with Fluent Bit - Eduardo Silva, Arm Treasure Data & Wesley Pettit, Amazon
Fluent Bit is a Fluentd sub-project that aims to solve the newest challenges in the cloud-native space. In this deep dive session, we will talk about its architecture, how data workflows operate and the ability to perform advanced stream processing on the edge. You will learn how to gather data value using the new SQL engine, data snapshots, aggregation windows, and basic machine learning.

Speakers
avatar for Eduardo Silva

Eduardo Silva

Principal Engineer, Arm Treasure Data
Eduardo is a Principal Engineer at Arm Treasure Data. He currently leads the efforts to make logging and data processing more friendly and scalable in Embedded and Containerized systems such as Kubernetes. Maintainer of Fluent Bit, a lightweight log and stream processor Besides his... Read More →
avatar for Wesley Pettit

Wesley Pettit

Amazon
Wesley works on container logging and container observability at AWS. As a new co-maintainer of Fluent Bit, he is working on extending its capabilities for metric collection, and improving its integration with AWS.


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

CNCF SIG Network Intro & Deep-Dive - Matt Klein, Lyft & Lee Calcote, Layer5
“It’s the network!” is the cry of every system administrator, every developer. With the increased prevalence of microservice-based distributed systems, it’s true - networking as a discipline has never been more critical in the efficient operation of cloud native deployments. Networking primitives, including load balancing, observability, authentication, authorization, policy, rate limiting, QoS, mesh networks, legacy infrastructure bridging, and so on are now receiving substantial development and investment throughout the industry and are the subject of focus of the CNCF Network SIG.

Join this talk for an intro to the SIG, its charter and a deeper discussion of current cloud native networking topics being advanced in this SIG. Current CNCF projects in-scope: CNI, CoreDNS, Envoy, gRPC, Linkerd, NATS, Network Service Mesh.

Speakers
MK

Matt Klein

Software Engineer, Lyft
Matt Klein is a software engineer at Lyft and the creator of Envoy. He has been working on operating systems, virtualization, distributed systems, networking, and making systems easy to operate for nearly 20 years across a variety of companies. Some highlights include leading the... Read More →
avatar for Lee Calcote

Lee Calcote

Founder, Layer5
Lee Calcote is an innovative product and technology leader, passionate about empowering engineers with efficient and effective solutions. As Founder of Layer5, he is at the forefront of the cloud native movement. Open source, advanced and emerging technologies have been a consistent... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Designing a gRPC Interface for Kernel Tracing with eBPF - Leonardo Di Donato, Sysdig
As a maintainer of the CNCF runtime security project, Falco, he was tasked with designing a mutually TLS authenticated API over gRPC in C/C++ to solve the runtime security problem. Join this talk to understand the challenges he faced with designing the interface, as well as the performance concerns with parsing millions of syscalls using eBPF over gRPC. The audience will walk away with an understanding of runtime security in cloud-native, as well as the technical concerns with building such an interface.

Speakers
avatar for Leonardo Di Donato

Leonardo Di Donato

Open Source Software Engineer, Sysdig
Leo is an Open Source Software Engineer at Sysdig. He is in charge of the Open Source methodologies and projects of Sysdig. He mainly takes care of Falco, a Container Native Runtime security project sandboxed by the CNCF. He is also involved in the Linux Foundation's eBPF project... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Introduction to SIG-Cluster Lifecycle - Lubomir Ivanov , VMware & Justin Santa Barbara, Google
The Cluster Lifecycle SIG is the Special Interest Group that is responsible for building the user experience for deploying and upgrading Kubernetes clusters. Our mission is examining how we should change Kubernetes to make it easier to operate. Since the group's formation we have focused on creating kubeadm, a streamlined installer tool and building block to simplify the installation and upgrade experience, and building a Cluster API to provide an abstraction of machines across different deployment environments and a common control plane configuration. In this introduction session, we will present the SIG's mission statement, review recent accomplishments, and discuss our future plans, where you are very welcome to contribute to the discussion. We will also focus on how new contributors can get involved in helping shape the future of Kubernetes' cluster lifecycle management.

Speakers
avatar for Justin Santa Barbara

Justin Santa Barbara

Software Engineer, Google
Justin has been contributing to kubernetes since 2014, acting as one of the primary developers and maintainers for the AWS support, and serves as a lead on sig-aws. He started the kops project, for managing and operating kubernetes clusters, and is a maintainer on kops. He joined... Read More →
avatar for Lubomir Ivanov

Lubomir Ivanov

Software Engineer, VMware
I started contributing to Kubernetes in 2017. I've been involved in various areas covered by SIG Cluster Lifecycle, SIG Release and SIG Testing. The primary sub-project that I work on is kubeadm.


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Open Policy Agent Deep Dive - Tim Hinrichs & Ash Narkar, Styra
Come to this session for a deep dive on some exciting new features in the OPA project presented by the project maintainers. This session will have plenty of time for Q&A!

Speakers
avatar for Tim Hinrichs

Tim Hinrichs

CTO, Styra
Tim Hinrichs is the CTO and Co-founder of Styra. For the last 15 years, he designed and built policy languages across different domains, most recently the CNCF Open Policy Agent and prior to that OpenStack Congress. Before Styra he worked as a software developer at VMware on Nicira's... Read More →
avatar for Ash Narkar

Ash Narkar

Senior Software Engineer, Styra Inc
Ash Narkar is a maintainer of the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc. working on OPA development and integrations. Previously he was a Principal Engineer at Verizon... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Thanos: Cheap, Simple and Scalable Prometheus - Giedrius Statkevičius, Adform & Matthias Loibl, Red Hat
Thanos is an open-source CNCF Sandbox project that builds upon Prometheus components to create a global-scale highly available monitoring system. It seamlessly extends Prometheus in a few simple steps and it is already used in production by dozens of companies that aim for high multi-cloud scale for metrics while keeping low maintenance cost. During this talk, core maintainers of Thanos will explain basic concepts behind the project, its use cases, and tradeoffs. You will learn where to start and how to quickly deploy Thanos on Kubernetes without impacting your existing Prometheus setup. This talk is recommended for those who want to know more about running highly available Prometheus setup at scale with potentially unlimited metric retention with the lowest possible effort and cost.

Speakers
avatar for Matthias Loibl

Matthias Loibl

Software Engineer, Red Hat
Matthias Loibl is a Software Engineer working on monitoring at Red Hat. He loves working on Distributed Systems with Go, Docker, Kubernetes and Prometheus. In his free time, he contributes to numerous open source projects related to Prometheus and Drone.
avatar for Giedrius Statkevičius

Giedrius Statkevičius

Senior IT Systems Engineer, Adform
Giedrius Statkevičius is a Senior IT Systems Engineer at Adform where he works on metrics, logging, and tracing related stuff. In his free time he contributes to various projects related to Prometheus & Grafana, and dabbles with C/Rust occassionally.


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

TiKV: A Cloud Native Key-Value Database - Dongxu Huang & Nick Cameron, PingCAP
TiKV is a distributed Key-Value database that features in geo-replication, horizontal scalability, consistent distributed transactions, and coprocessor support. As a CNCF incubating project, TiKV has been widely used in production by over 500 companies. An adopter has even stored over 1.3 trillion rows of in TiKV.

In this talk, Dongxu Huang and Nick Cameron will share the story of how they built TiKV from scratch, including how they decided the technical solutions, how they interacted with other CNCF projects, and also how to apply Chaos Engineering on TiKV to guarantee system safety and robustness. In the end, Dongxu Huang and Nick Cameron will show the approach to a self-driving database in TiKV 4.0, which leverages Kubernetes to make TiKV more elastic and scalable.

Speakers
DH

Dongxu Huang

CTO, PingCAP
avatar for Nick Cameron

Nick Cameron

Senior Engineer, PingCAP
Senior engineer at PingCAP, Rust core team.Talk to me about TiKV, TiDB, or Rust.


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Multicloud Vitess over Network Service Mesh - Tim Swanson, Cisco & John Watson, PlanetScale
This talk will describe using Network Service Mesh to create a private L3 network between Kubernetes clusters in different cloud providers to seamlessly deploy multiple Vitess cells across them. We will describe a multicloud Vitess use case and walk through the deployment details, highlighting the networking requirements in the process. We will describe NSM’s inter-domain feature and multicloud capabilities and a network service which fulfills the Vitess multicloud networking requirements by dynamically forming a common private L3 routing domain to interconnect specific workloads hosted in multiple clouds.

Speakers
TS

Tim Swanson

Sr. Technical Leader, Cisco
Tim is a senior technical lead engineer at Cisco in the office of the CTO for Cloud Platform & Solutions. His current focuses are on multicloud solutions, service meshes, and contributing to related opensource communities—primarily, Network Service Mesh & Istio. Previously, Tim... Read More →
avatar for John Watson

John Watson

Site Reliability Engineer, PlanetScale
John is a seasoned SRE by the infrastructures of Dropbox, Disqus, and Mahalo. He\'s now bringing the lessons learned from operating various distributed systems in hybrid clouds to PlanetScale to build a cloud native database using Vitess and Kubernetes. You can often find John glued... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Monitoring GPUs at Scale for AI/ML and HPC Clusters - Bharti L Agrawal, NVIDIA
At Nvidia we have several large GPU K8s clusters for running deep learning training (AI/ML) workloads. On these clusters we need monitoring to support a range of user personas . First we have the end users (AI/ML researchers) who want to get an insight into how well their workloads used the GPUs and the system. Then we have the operations team who would like to monitor the general health of the cluster and be alerted in real time to any issues. Finally we have the stakeholders who would like to see the GPU utilization and saturation over time for capacity planning. These requirements cannot be satisfied by a standard “out of the box” setup.

In this presentation we will show how we used a combination of open source tools to address our requirements. We will discuss various deployment, maintenance, security and scale challenges we hit and how we resolved them for monitoring GPU data.

Speakers
avatar for Bharti L Agrawal

Bharti L Agrawal

Senior Staff Engineer, NVIDIA
Bharti Agrawal been in the software industry for over 20 years. Her career has taken her from working on mainframes, to web 2.0 sites, to SAAS applications, to advertising platforms. She has worked in a wide range of companies from small startups to Google and Yahoo. She currently... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

20,000 Upgrades Later: Lessons From a Year of Managed Kubernetes Upgrades - Adam Wolfe Gordon, DigitalOcean
Upgrading to a new release is one of the most disruptive operations we regularly inflict on our Kubernetes clusters. There are multiple strategies for doing an upgrade, but they all require rescheduling workloads and restarting cluster components.

We started offering upgrades on our managed Kubernetes platform, DigitalOcean Kubernetes Service (DOKS), in May 2019. Since then, our customers have kicked off about 20,000 automated patch and minor release upgrades on their clusters. Most of those upgrades went well, but some didn't and we've learned a few things from the ones that went wrong.

In this talk we will share lessons from a year of automated Kubernetes upgrades: what we got right, what we got wrong, workloads that caused us trouble, and changes we've made to make the process smoother. We hope these lessons will help others avoid pain in their Kubernetes upgrades.

Speakers
avatar for Adam Wolfe Gordon

Adam Wolfe Gordon

Sr. Engineer, DigitalOcean
Adam Wolfe Gordon is a software engineer at DigitalOcean, currently working on managed Kubernetes and container registry. He previously worked on block storage at DigitalOcean and EMC. Adam is a regular conference speaker and a frequent attendee of and presenter at local meetups in... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Benchmarking Performance of Remote Procedure Call Frameworks in Kubernetes - Chirag Aggarwal & Iqbal Farabi, Gojek
Remote Procedure Call (RPC) has existed since the mid 1970s. RPC is a design paradigm that allows two entities to communicate over a communication channel in general request-response mechanism. Over the time, RPC has evolved. RPC's change from synchronous to asynchronous paradigm has enabled microservices architecture to flourish.

Nowadays, there are several RPC frameworks in the CNCF landscape alone. In speakers’ experience, in the beginning, it can be overwhelming for an end-user to choose the right RPC framework for their use-cases. Therefore, in this talk, speakers will present the findings of their experiments to benchmark various RPC frameworks - gRPC, Thrift, Avro and Dubbo. The experiments try to benchmark request throughput, CPU time and request latencies across variety of payloads - small, large, deeply nested; when the microservices are using these frameworks in Kubernetes.

Speakers
CA

Chirag Aggarwal

System Engineer, Gojek
Chirag is a product engineer turned to a systems engineer. He’s been at GoJek for four years and has been working with multiple teams, most notably Gojek Pricing team, which utilises gRPC heavily at the core of its architecture. Now as a Systems Engineer, he works in a team which... Read More →
IF

Iqbal Farabi

System Engineer, Gojek Indonesia
Iqbal is a teacher, developer, and now a system engineer at Gojek. Before joining Gojek, Iqbal worked for 8 years a Ruby developer and taught Ruby to fresh graduates on pro-bono basis in Indonesia. Now, he works in Cloud Foundation team which focuses on developing containers-based... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

In a Container, Nobody Hears Your Screams: Next Generation Process Isolation - Andrew Martin, ControlPlane
Is it ever safe to run untrusted code in containers? Should process isolation keep workloads in, or attackers out? What would it take to run a malware test lab in Kubernetes?

With fast startup times and consistent execution environments containers beat traditionally slow, monolithic VMs -- but with the advancement of micro VMs the boundaries have become blurred. It is increasingly difficult to know which isolation technology to choose for our next application. Can we run different workloads in different “container” types -- on the same cluster?

In this talk we:
- examine the history of trying to safely run unsafe processes
- compare and contrast the emerging generation of process isolation and security techniques
- rationalise the design decisions that drive each project
- demo how to break in, out, and learn about what workloads are best suited to run in each technology

Speakers
avatar for Andrew Martin

Andrew Martin

Director, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native system, and has battle-hardened... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Capacity-aware Dynamic Volume Provisioning For LVM Local Storage - Kazuhito Matsuda & Satoru Takeuchi, Cybozu
This session presents a summary of the existing Kubernetes features to use local storage devices (e.g. hostPath and local persistent volumes) in first, then introduces a novel CSI plugin named TopoLVM.

Applications that can replicate data themselves (e.g. Elasticsearch, MySQL, Ceph) are promising users of local storage because of their needs for lower prices and higher I/O performance storage. Although existing ways enable to use of local storage, the following desired features are not provided yet:

- Raw block volume
- Capacity-aware dynamic provision
- Online volume resizing

To satisfy these features, the authors created a novel CSI plugin named TopoLVM. It dynamically creates logical volumes of LVM and extends the standard Pod scheduler to consider volume group capacity of each node. Besides, it intends to support more features including online resizing.

Speakers
avatar for Satoru Takeuchi

Satoru Takeuchi

Software Developer, Cybozu
He is a developer of an on-premise Kubernetes cluster and Rook/Ceph cluster since 2018. Before that, he has been a Linux kernel developer since 2005. He has committed to process scheduler, CPU/PCI hotplug, ktest, Btrfs, and so on.He made a presentation named \"Btrfs - Current Status... Read More →
avatar for Kazuhito Matsuda

Kazuhito Matsuda

Software Engineer, Cybozu
He received the Ph.D. degree in Information and Computer Sciences from Osaka University in Japan and works at FUJITSU LABORATORIES LTD. He is now contributing to the open-source Neco because he has interests in networking and distributed systems on data-center.Speaking experience... Read More →


Wednesday August 19, 2020 14:25 - 15:00
TBA

14:25

Stress and Mental Health in Technology - Dr Jennifer Akullian, Growth Coaching Institute
Expanding on her Kubecon 2019 talks on ‘Mental Health in Tech,’ Jennifer (psychologist and founder of GCI) will deep dive into the impact of industry stress and burnout. Research suggests the prevalence of diagnosed mental health conditions in tech professionals ranges between 20-50%. While this is notably high, mental health is further exacerbated by stress, a condition nearly all professionals in technology grapple with. Attendees are encouraged to view one of Jennifer’s 2019 Kubecon talks prior to attending “Stress and Mental Health in Technology.” In her follow-up, time will be dedicated to the impact of stress on productivity and effectiveness, and will include ways in which its aversive effects can be managed. 
Why are so many professionals in tech burning out? Why are so many diagnosed with mental health conditions? Why is working in technology so stressful? Why is stress minimized and accepted as part of the job? Why aren't we giving this more attention considering the impact work-related stress has on nearly every area of our lives, including overall functioning, health and well-being? What can we do about this? Come learn more about this pertinent topic and be part of the discussion with dedicated time for Q&A.

Speakers
avatar for Jennifer Akullian

Jennifer Akullian

Founder | Psychologist, Growth Coaching Institute
Jennifer is a psychologist, coach, and founder of Growth Coaching Institute. She supports the growth of leaders, professionals and teams in the tech industry. Jennifer is an advisor and speaker on the topic of mental health in technology and is honored to be invited to speak at her... Read More →


Wednesday August 19, 2020 14:25 - 15:55
TBA

14:25

Tutorial: Using BPF in Cloud Native environments - Lorenzo Fontana, Sysdig & Alban Crequy, Kinvolk
Kubernetes provides a high-level abstraction layer that makes it easy to deploy distributed computing resources without knowing what’s happening in the kernel and applications. But when debugging, Kubernetes does not provide any help in inspecting these low-level details.

We showcase the following tools specifically designed for running on Kubernetes:
- Inspektor Gadget, built on BPF Compiler Collection (BCC) and traceloop
- kubectl-trace, built on bpftrace

These allow devops teams to answer debugging questions such as:
- What were the last system calls executed before the crash?
- Was this function called? With which arguments and return value?
- Which TCP packets were retransmitted?
- Which queries run slow?
- Was this file opened?

Please bring a fully charged laptop with pre-installed Linux (4.18+) and Minikube (v1.4.0+).

Speakers
avatar for Alban Crequy

Alban Crequy

CTO, Kinvolk
Alban is CTO & co-founder at Kinvolk. He has a particular interest in integrating BPF into Kubernetes. He’s a maintainer of the gobpf library and has worked on software in the cloud space using BPF with Golang: Weave Scope, Traceleft, Project Calico, and recently Inspektor Gadget... Read More →
avatar for Lorenzo Fontana

Lorenzo Fontana

Open Source Software Engineer, Sysdig
Lorenzo Fontana is an Open Source Software Engineer at Sysdig where he primarily works on Falco. He’s passionate about distributed systems, software defined networking, the Linux kernel and performance analysis.


Wednesday August 19, 2020 14:25 - 15:55
TBA

15:20

Managing Applications in Production: Helm vs. ytt and kapp - Dmitriy Kalinin & Shatarupa Nandi, Pivotal
Have you ever got a stuck Helm upgrade? Did you struggle counting number of spaces to use for indenting a template chunk? Have you switched away from generic deployment tools to writing your own operators? Do you dream about extracting common app configuration into a library for use by all your applications?

This talk will dissect challenges you and I have faced while working with production Kubernetes environments, managing non-trivial application configuration, and deployment mechanics. It will dig deep into Helm v2, Helm v3, ytt, kbld, kapp, to understand design choices that ultimately result in great successes and failures in your production environments. Attendees will come away with a deeper knowledge of the inner workings of these tools and appreciation for the complexity hidden away in these tools.

Speakers
avatar for Dmitriy Kalinin

Dmitriy Kalinin

Principal Software Engineer, Pivotal
Dmitriy Kalinin works at Pivotal on various projects, most recently contributing to Kubernetes and Knative. Recently he has been working on several open source tools that help manage applications on Kubernetes.
SN

Shatarupa Nandi

Director of Engineering, Pivotal
Shatarupa Nandi is a Director of Engineering at Pivotal. She has led various technical initiatives across the company, most recently focusing on running Pivotal products on Kubernetes.


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Turtles All The Way Down: Chasing a Network Issue Through Many Abstractions - Mike Tougeron & Tony Gosselin, Adobe
Adobe’s Advertising Cloud takes you on a real-world journey of troubleshooting an application’s communication across all layers of the infrastructure stack, from ingress controllers to CNI to Openstack Neutron to physical networking.  Come hear how they were able to solve their customer’s problem, and the lessons learned along the way about picking an appropriate CNI, tracing traffic through your stack, and creating visibility in your clusters to help pin-point transit issues.

Speakers
avatar for Mike Tougeron

Mike Tougeron

Lead Site Reliability Engineer, Adobe
For several years Mike has been building Kubernetes platforms and deployments. With a passion for automation and developer engagement, Mike works towards continuously improving development pipelines to take the complication out of managing services on large-scale infrastructure backed... Read More →
avatar for Tony Gosselin

Tony Gosselin

Senior Site Reliability Engineer, Adobe
Tony is a technologist with a passion for finding and executing solutions to user problems, both epic and miniscule. As an SRE with Adobe Advertising Cloud, his day to day is filled with supporting 150k cores of Openstack. More recently, he\\\'s been developing and maintaining Advertising... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Next Generation of CI/CD: Analytics-driven Traffic Management on Kubernetes - Fabio Oliveira, IBM
We will describe and demonstrate how to architect a CI/CD solution to upgrade Kubernetes services while relying on fully automatic traffic management driven by principled metric and success criteria analysis. Our solution relies on Istio’s support for traffic management and on iter8 (https://iter8.tools), a new open-source Kubernetes controller and analytics engine. Iter8 automatically shifts user traffic to a canary version as it becomes increasingly confident in the canary’s performance and correctness, and it rolls back to the current version if things go bad. By way of example, we will show how IBM Watson Health migrated to our proposed solution and the lessons learned in the process.

Speakers
avatar for Fabio Oliveira

Fabio Oliveira

Research Scientist, IBM Research
Fabio Oliveira is a research scientist at IBM Research, where he has been working on several projects related to cloud computing and microservices. More recently, he has been interested in deriving meaningful insights from large volumes of metrics and monitoring data generated by... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

5 Things You Could Do to Improve Your Local Community - Ivan Pedrazas, InfluxData & Dominique Top, Babylon Health
Community is everything! Either if you're organising a meetup, or you want to organise one, or you are just part of one and you would like to do more. This is your talk!

In this talk, we will cover the different initiatives and efforts that we have been making in London to nurture, empower and care for the community. For example, we will talk of the Meta Meetup, a meetup for meetup organisers. We will talk also about Meetup Mates. An online community, with the aim to connect people who are looking to attend more Meetups in the technical space and make friends with people with similar interests. Why did we create it, how is it going and what's coming. Also, about Menta, an initiative to help mentoring, coaching and training.

We will give tips about how to make your meetup more inclusive, how to make people feel safer and more welcome, and what to do when things don't go as planned.

Speakers
avatar for Ivan Pedrazas

Ivan Pedrazas

Software Engineer, InfluxData
Ivan has a background in development and architecture. He has been helping companies like the UK Home Office, State Street, Soho House, or currently at InfluxData to adopt Kubernetes and release better software, more often. He enjoys designing and building platforms on distributed... Read More →
avatar for Dominique Top

Dominique Top

Developer Relations & Community Manager, Babylon Health
Community Advocate and London’s Docker Community Leader (of the year 2019!), and Co-Founder of Meetup Mates. Dominique has been a passionate part of the DevOps Community for the past few years. She runs the Docker London Meetup, Co-runs the Cloud Native London Meetup, on the committee... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Public Technical Oversight Committee (TOC) Meeting – Liz Rice, Aqua Security; Katie Gamanji, American Express; Saad Ali, Google; Justin Cormack, Docker; Michelle Noorali, Microsoft; & Sheng Liang, Rancher
The Technical Oversight Committee (TOC) provides technical leadership to the cloud-native community. The CNCF will host a public TOC meeting, inviting the community to discuss various agenda items along with holding an open Q&A for the community with TOC members.

Moderators
avatar for Chris Aniszczyk

Chris Aniszczyk

CTO, The Linux Foundation

Speakers
avatar for Liz Rice

Liz Rice

Vice President, Open Source Engineering, Aqua Security
Liz Rice is VP Open Source Engineering at cloud native security specialists Aqua Security. She also chairs the CNCF's Technical Oversight Committee, and was Co-Chair of KubeCon + CloudNativeCon in 2018. She has a wealth of software engineering experience working on network protocols... Read More →
avatar for Justin Cormack

Justin Cormack

Engineer, Docker
Justin Cormack is Security Lead at Docker. He is a maintainer on the CNCF Notary project and is involved with CNCF SIG Security. He has spoken at Kubecon on a variety of subjects such as containerd, security audits, Notary and container runtimes. He also speaks at other events such... Read More →
avatar for Saad Ali

Saad Ali

Staff Software Engineer, Google
Saad Ali is a Staff Software Engineer at Google and member of the CNCF Technical Oversight Committee. He works on the open-source Kubernetes project, and has led the development of the Kubernetes storage and volume subsystem. He serves as a lead of the Kubernetes Storage SIG, and... Read More →
avatar for Michelle Noorali

Michelle Noorali

Senior Software Engineer, Microsoft
Michelle Noorali is a Sr. Software Engineer at Microsoft and was Co-Chair for KubeCon+CloudNativeCon 2017. She is a member of the CNCF Technical Oversight Committee and serves as a developer representative on the CNCF Governing Board. Michelle is also a core maintainer of several... Read More →
avatar for Sheng Liang

Sheng Liang

Cofounder and CEO, Rancher
Sheng Liang is co-founder and CEO of Rancher Labs. Prior to starting Rancher, Sheng was CTO of the Cloud Platforms group at Citrix Systems after their acquisition of Cloud.com, where he was co-founder and CEO. Sheng started his career as a Staff Engineer in Java Software at Sun Microsystems... Read More →
avatar for Katie Gamanji

Katie Gamanji

Cloud Platform Engineer, American Express
Currently a Cloud Platform Engineer at American Express. Former cloud platforms engineer at Condé Nast, that contributed to the creation of a centralized, globally distributed platform, with Kubernetes as its centerpiece. In the past worked on maintaining and automating site delivery... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Topology Aware Scheduling Using Prometheus and Telemetry Aware Scheduler - Killian Muldoon, Intel & Tom Golway, Hewlett Packard Enterprise
The k8s default scheduler does an excellent job scheduling cloudnative workloads but the same isn’t true for performance sensitive workloads. Scheduling based on Topology of hardware resources is currently impossible due to the scheduler’s lack of knowledge of node topology. Topology Manager in kubelet aligns topology-based resource allocations from CPU and Device Manager but only after workloads are scheduled. With Observability tools becoming popular we solve this problem using Prometheus and Telemetry Aware scheduler, a scheduling enhancement framework.
The focus of this talk is Topology Aware Scheduling and we discuss how exposing cluster level topology to the scheduler using Prometheus enhances the default scheduler, empowering it to proactively use node level topology to make intelligent NUMA aware placement decisions leading to more effective cluster wide performance of workloads.

Speakers
avatar for Tom Golway

Tom Golway

Chief Technologist, Hewlett Packard Enterprise
Tom Golway is a chief technologist at Hewlett Packard Enterprise, focused on providing thought leadership to customers on digital transformation strategies. He works with customers on emerging technologies such as blockchain, zero-trust architectures, deep learning and memory-driven... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

How Spotify Improved ML Productivity By Running TFX on Kubeflow Pipelines - Samuel Ngahane & Andrew Martin, Spotify
As Spotify looks to apply ML to solve an increasing number of problems, challenges have arisen in making sure that a diverse group of ML practitioners across the company can be as productive as possible without infrastructure and tooling getting in their way.

In this talk, we will demonstrate how Spotify uses Tensorflow Extended (TFX) and Kubeflow Pipelines (KFP) to remove the biggest pain points in building production-grade ML systems, enabling practitioners to experiment quickly as well as easily transition to production. We will talk through the basics of TensorFlow Extended and the problems it solves, some of the challenges we faced getting TFX to run on Kubeflow Pipelines, and how we were able to bridge the gap. We will share our learnings along the way, and show how TFX on KFP has been a huge success for increasing our ML productivity.

Speakers
avatar for Andrew Martin

Andrew Martin

Director, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native system, and has battle-hardened... Read More →
avatar for Samuel Ngahane

Samuel Ngahane

Staff Machine Learning Engineer, Spotify
Samuel Ngahane is a Staff Engineer on Spotify’s Machine Learning Platform team. His team is responsible for building the platform and tools that ML practitioners across Spotify use to bring ML solutions from an idea to production. Before Spotify, Samuel helped to build Twitter’s... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

CloudEvents in the Real World - A Hands on Lab - Scott Nichols, VMware
The CNCF Serverless Working Group has published version 1.0 of the CloudEvents specification a few months ago. As part of that effort, the group has also been producing SDKs for various languages such as Golang, C#, Java, and JavaScript to get up and going using CloudEvents. The lab will introduce the CloudEvents concept, and explore some integration patterns that are possible. Then learn how to code with the CloudEvents SDKs from the CloudEvents SDK authors! This hands on lab will have several exercises of increasing complexity to learn everything you need to know about how to produce and consume CloudEvents in an application.

Speakers
avatar for Scott Nichols

Scott Nichols

Software Engineer, VMware
Scott Nichols is a now at VMware focused on making it easy to create and understand portable event driven serverless workloads. This work is done through Kubernetes, Knative and CloudEvents.


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Deep Dive: Harbor - Enterprise Cloud Native Artifact Registry - Steven Zou & Daniel Jiang, VMware
Harbor is an open-source trusted cloud-native registry project that stores, signs, and scans content. It has been widely used by organizations large and small around the world to resolve both the container image and Helm Chart management challenges. In this session, the speakers would like to talk more details about the evolution of making Harbor support managing kinds of cloud-native artifacts like Image, Helm Chart, CNAB and OPA bundle, etc. with simple and unified user experiences and promoting Harbor to be the best OCI compatible cloud-native artifact registry then. At the same time, they're going to share the future roadmap of Harbor project and community with the attendees, including but not limited to non-blocking online GC, Proxy cache, P2P distribution, and EDGE computing support, etc. Additionally, they'd like to update the current status of the Harbor community and encourage more participation in the Harbor community. Furthermore, the team would love to get feedback from users and contributors to current features and future roadmap.

Speakers
avatar for Steven Zou

Steven Zou

Staff Engineer, VMware
Jia Zou (Steven) is a staff engineer of VMware China R&D. He is primarily working on the open-source Project Harbor which is an enterprise-class container image registry as lead engineer and core maintainer. Moreover, he’s doing innovation and incubation of projects on the Kubernetes... Read More →
avatar for Daniel Jiang

Daniel Jiang

Staff Engineer, VMware
I'm a software engineer from VMware, who joined the company around the end of 2015. Currently working on a open source registry project called Harbor. I'm one of the founding member of this project.I have been giving speech in different meet-ups talking about docker image management... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Minikube - Rohit Anand, NEC Corporation & Medya Ghazizadeh, Google
Join minikube maintainers for a deep dive into how minikube runs Kubernetes on your local machine. We'll cover how to get started with minikube and what customizations are available so you can have the best possible local development experience. We'll also go over how you can contribute to the project, new features we've recently added, and what you can expect from minikube in 2020. This session is intended for both new and seasoned minikube users.

Speakers
avatar for Medya Ghazizadeh

Medya Ghazizadeh

Senior Software Engineer, Google
Medya Ghazizadeh is a Sr.Software engineer at Google. holds masters degree from DePaul University. one of the minikube maintainers.loves open source, poetry and human languages.
avatar for Rohit Anand

Rohit Anand

Senior Member Technical Staff, NEC
Rohit is a cloud native enthusiast and active contributor in Kubernetes. Rohit is currently working as Senior Member Technical Staff at NEC. He is working in primary as well as secondary software development work based on Kubernetes. Rohit has expertise in python, go, shell scripts... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Prometheus Deep Dive - Goutham Veeramachaneni, Grafana Labs & Bartłomiej Płotka, Red Hat
The Prometheus deep-dive will present advanced use cases, in particular how to run and scale up a vanilla Prometheus setup for large organizations. A number of Prometheus maintainers will be around for the Q&A.

Speakers
GV

Goutham Veeramachaneni

Software Engineer, Grafana Labs
avatar for Bartlomiej Plotka

Bartlomiej Plotka

Principal Software Engineer, Red Hat
Golang, Microservices, Prometheus, Thanos & Volleyball


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Rook Deep Dive: Ceph & EdgeFS - Travis Nielsen, Red Hat & Dmitry Yusupov, High Peak Data
Description: In this talk, a deep-dive will be presented for the Rook storage providers that have been declared as stable: Ceph and EdgeFS. Rook is an open source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for a diverse set of storage solutions to natively integrate with cloud-native environments. Rook is run today in many production environments, providing a stable storage platform for your data. The architecture and recent improvements will be show how Rook provides the management layer for production environments. Rook was accepted as the first storage project hosted by the Cloud Native Computing Foundation in January 2018.

Speakers
avatar for Travis Nielsen

Travis Nielsen

Senior Principal Software Engineer, Red Hat
Travis Nielsen is a Senior Principal Software Engineer at Red Hat where he works on “the future of storage” as part of the Ceph distributed storage system team. Travis was one of the original founders of the Rook project at Quantum Corporation. Prior to Rook, Travis was the storage... Read More →
DY

Dmitry Yusupov

Founder, CEO, CTO, High Peak Data


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

SIG Usability: Unifying the Experience for the Kubernetes User - Gaby Moreno Cesar, IBM & Pamel Shinh , VMware
SIG Usability is focused on the core end-user usability of the Kubernetes project. This includes efforts in user research, internationalization, and accessibility. We will be going over some of the SIG's initiatives, opportunities to get involved, as well as diving into the topic of what makes up a usability contribution? Pulling from the field of cognitive science, we will present some well-established usability and software experience principles that both code and non-code contributors can use to expand the types of contributions they make to open source projects.

Speakers
avatar for Pamel Shinh

Pamel Shinh

Staff Product Designer, VMware
Pamel is a Staff Product Designer at VMware working on integrating Kubernetes into vSphere. She is also a SIG Usability contributor.
avatar for Gaby Moreno Cesar

Gaby Moreno Cesar

Senior Product Designer, IBM
Gaby is a Senior Product Designer at IBM working on IBM Cloud Kubernetes Service and Red Hat OpenShift on IBM Cloud. She is a SIG Usability contributor.


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

CoreDNS for Hybrid and Multi-cloud - Yong Tang, MobileIron
This session will cover CoreDNS configurations in hybrid and multi-cloud environments, including serving DNS record provided by cloud vendors such as AWS (Route53) and GCP (Cloud DNS), supporting DNS over TLS and DNS over gRPC for securing DNS data communications, managing zone data with records shuffling and reordering for service workload rebalancing, and finally deploying CoreDNS in multiple Kubernetes clusters across multi-cloud for service discovery. This session is intended for people familiar with basic CoreDNS configurations but wishing to extend CoreDNS’s functionality in complicated scenarios. It is important to mention that the flexibility and ease of use allow CoreDNS to solve many real-world problems with brevity.

Speakers
avatar for Yong Tang

Yong Tang

Director of Engineering, MobileIron
Yong Tang is the director of engineering at MobileIron. He is a core maintainer of CoreDNS and contributes to many container, cloud-native, and machine learning projects for the open source community. In addition to CoreDNS, he is a maintainer of Docker/Moby. He is also a maintainer... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Turn It Up to a Million: Ingesting Millions of Metrics with Thanos Receive - Lucas Servén Marín, Red Hat
Thanos is an open-source CNCF Sandbox project that builds upon Prometheus components to create a global-scale and highly available monitoring system. In this talk, Lucas Servén presents a solution for creating a multi-tenant horizontally scalable metrics ingestion system using the newest addition to the Thanos toolset: the Thanos Receive component. The talk considers the motivations for building a system capable of ingesting metrics from thousands of clusters, including: multi-cluster monitoring and cluster telemetry. Lucas discusses how Thanos Receive is able to satisfy these requirements and how its hash ring design allows it to scale and maintain ingestion availability even during upgrades. Finally, the talk demonstrates the practice of running an automatically scalable hash ring by leveraging the Thanos Receive Controller, Horizontal Pod Autoscaler, and the Prometheus Adapter.

Speakers
avatar for Lucas Servén Marín

Lucas Servén Marín

Senior Software Engineer, Red Hat
Lucas Servén Marín is a senior software engineer from Spain currently working for Red Hat in Berlin. By trade he is an electrical engineer, with a Masters in robotics. After two years at CoreOS, he joined Red Hat where he works on the OpenShift Monitoring team and contributes to... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Kubernetes DNS Horror Stories (And How to Avoid Them) - Laurent Bernaille, Datadog
DNS is one of the Kubernetes core systems and can quickly become a source of issues when you’re running clusters at scale. For over a year at Datadog, we’ve run Kubernetes clusters with thousands of nodes that host workloads generating tens of thousands of DNS queries per second. It wasn’t easy to build an architecture able to handle this load, and we’ve had our share of problems along the way.

This talk starts with a presentation of how Kubernetes DNS works. It then dives into the challenges we’ve faced, which span a variety of topics related to load, connection tracking, upstream servers, rolling updates, resolver implementations, and performance. We then show how our DNS architecture evolved over time to address or mitigate these problems. Finally, we share our solutions for detecting these problems before they happen—and identifying misbehaving clients.

Speakers
LB

Laurent Bernaille

Staff Engineer, Datadog
Laurent Bernaille worked several years as a consultant specialized in cloud, containers, and automation and helped organizations migrate to the public cloud, adopt containers and improve their deployment pipelines. He is now Staff Engineer at Datadog and works in the Compute team... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

What You Didn’t Know About Ingress Controllers’ Performance - Mikko Ylinen & Ismo Puustinen, Intel
The Kubernetes Ingress is a way to connect cluster services to the world outside of the cluster. The incoming traffic is routed through a proxy server that is responsible for tasks such as load balancing and TLS termination. The proxy server performance plays a critical role in good service experience, contributing directly to HTTP request latency. In this talk we give a detailed performance breakdown of common proxy servers used in Kubernetes Ingresses and discuss where to pay attention to when configuring the proxy to gain the best performance. The focus is in CPU intensive TLS crypto operations (such as TLS handshakes), hardware acceleration, node resource allocation, and ideal workload placement.

Speakers
MY

Mikko Ylinen

Senior Software Engineer, Intel
Mikko is a cloud and edge software architect at Intel’s Open Source Technology Center. He comes with an embedded linux and operating systems engineering background but has most recently worked on security related topics in containers and cloud infrastructure. He has given presentations... Read More →
IP

Ismo Puustinen

Cloud Software Engineer, Intel
Ismo joined Intel Finland in 2011 to create interesting Linux software, and has enjoyed the work ever since. Ismo is nowadays occupied with creating cloud software, but he also has a strong interest in embedded Linux and engineering secure operating systems: he has previously presented... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Securing Ada Health’s Microservices with OPA - Martin Pratt, Ada Health & Ash Narkar, Styra
Ada is a global health company operating in over 140 countries helping people to manage their health and doctors to deliver effective care. We operate in a highly regulated industry where information security and compliance (MDR, HIPAA, CE, GDPR, etc) are critical.

In this talk, we will describe our “Shift Left” approach to security by using OPA to codify and enforce policies across our microservice architecture.

We will focus on the design of our OPA driven application development process that allows us to define custom security policies using OPA and enforce them by injecting our apps with an Envoy sidecar resulting in policy-enabled apps that are now ready to provide least-privilege access to PHI and PII data of our users.

In our demo we will show real-world examples of how we restrict access to sensitive data as well as how we control inbound and outbound traffic from our apps.

Speakers
avatar for Ash Narkar

Ash Narkar

Senior Software Engineer, Styra Inc
Ash Narkar is a maintainer of the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc. working on OPA development and integrations. Previously he was a Principal Engineer at Verizon... Read More →
MP

Martin Pratt

Technical Director - Platform, Ada Health
Martin is the Technical Director for Platform at Ada Health. Martin has a degree in Human Computer Interaction, and has spent the last 13 years working in the technology sector in a wide range of roles, from product design & engineering through to system and organizational design... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

15:20

Cloudstate—Towards Stateful Serverless - Jonas Bonér & James Roper, Lightbend
The Serverless experience is revolutionary and will grow to dominate the future of Cloud. FaaS however—with its ephemeral, stateless, and short-lived functions—is only the 1st step. It's great for processing-intensive, parallelizable workloads, but limited in use-cases, making it hard to impl general-purpose apps.

What’s needed is a next-gen Serverless platform for general-purpose app dev for our new world of real-time data & event-driven systems. What’s missing is: ways to manage distributed state in a scalable & available fashion, long-lived stateful services, ways to co-locate data & processing, and options for data consistency.

This talk will discuss challenges, requirements, and introduce you to our proposed solution: CloudState—an OSS project building next-gen Stateful Serverless on Akka, gRPC, Kubernetes & GraalVM, with client support for Go, JavaScript, Java, Swift and more.

Speakers
avatar for Jonas Bonér

Jonas Bonér

CTO, Lightbend
Jonas Bonér is founder and CTO of Lightbend, creator of the Akka project, initiator and co-author of the Reactive Manifesto, and a Java Champion. Learn more at: http://jonasboner.com.
avatar for James Roper

James Roper

Cloud Architect, Lightbend
James is a long time open source contributor and Reactive systems expert. He is the creator of Cloudstate, the framework that brings distributed state management to the serverless world. He also created the Lagom Reactive microservices framework and is a core contributor to Play... Read More →


Wednesday August 19, 2020 15:20 - 15:55
TBA

16:25

Toolchains Behind Successful Kubernetes Development Workflows - L Körbes, Tilt
Kubernetes solved a lot of problems, but it created a clumsy development workflow: Every code change requires fiddling with containers, registries, and manifests. Managing config files isn't trivial. Distributed debugging; a mystery. Dev clusters are tricky to set up, and sharing cluster state among team-members is mostly fiction.

L Körbes, an expert in Kubernetes development tooling, outlines successful development workflows in three different settings: a very large enterprise, a small and agile startup, and a popular open source project.

L will share how they set up dev clusters, manage configs, automate the development feedback loop, share context across teams, debug, and, finally, deploy to production.

Learn how these teams made their Kubernetes dev workflows not only seamless, but amazing to use!

Speakers
LK

L Körbes

Developer Relations, Tilt
L Körbes does developer relations at Tilt. They first got acquainted with Kubernetes while writing code for kubectl, in a SIG-CLI internship. They've spoken about Kubernetes and Go at world-famous events like OSCON, Velocity, OSS Summit, GOTO, GopherCons US & EU, CloudNative London... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Enabling E2E Observability via Open Source in 5G Telco CNFs - Tamas Zsiros & Henrik Saavedra Persson, Ericsson
Ericsson is building CNFs for 5G being deployed in live operation throughout the world. One of the earliest challenges to answer when developing for a Kubernetes evnironment was how to enable observability (monitoring, logging and tracing) as well as configuration management for cloud native applications that need to interact with a multitude of management and visualization systems, some of which were created for the cloud (e.g. ONAP), and some which has long been established in telecom service providers' environments.

To answer the challenge Ericsson has built a platform using open source projects straight from the CNCF Landscape. This session will show the motivations behind this undertaking, walk you throuh the architecture of the platform and discuss the benefits and challenges of using open source and cloud native for 5G networks.

Speakers
avatar for Tamas Zsiros

Tamas Zsiros

Head of Systems & Technology, Ericsson
Tamas Zsiros is an engineer, architect and technical leader in Ericsson with more than 19 years of professional experience, living in Stockholm, Sweden. He is currently driving digitalization and cloud native transformation for applications including telco VNFs, OSS and BSS. He has... Read More →
avatar for Henrik Saavedra Persson

Henrik Saavedra Persson

Senior Principal Developer, Ericsson
Henrik Saavedra Persson has a master’s degree in software engineering. Joined Ericsson back in 2006 and has since then been taken on different roles within the company. He has been part of the company transition towards the use of open source since 2009. His current role is chief... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Lowest Common Denominator: Using Volumes for API Compatibility - Christie Wilson & Billy Lynch, Google
CI/CD pipelines can be viewed as conveyor belts, moving your source code through a series of tests and ultimately resulting in deployable configurations and binaries. But what if you switch from deploying java jars to Docker images or from GitHub to GitLab? Do you need to build the whole pipeline again?

In this talk you will learn how containers and volumes can be defined to abstract away implementation details in a reusable way so that cloud native CI/CD tools can focus on the API everyone understands—the filesystem.

You’ll see examples of this in action using Tekton Pipelines and Triggers, including a demo where we demonstrate how these integrations can be easily swapped, and we’ll show you the nitty gritty of how this is implemented with Kubernetes CRDs.

Speakers
avatar for Christie Wilson

Christie Wilson

Software Engineer, Google
Christie Wilson (she/her) is a software engineer at Google and co-creator of the Tekton project. Over the past decade+ she has worked in the mobile, financial and video game industries. Prior to working at Google she built load testing tools for AAA video game titles, and founded... Read More →
avatar for Billy Lynch

Billy Lynch

Software Engineer, Google
Billy Lynch is a software engineer at Google. Previously he worked on Cloud Build, Cloud Source Repositories, and Google Code. Today he works on CI/CD tooling within Tekton.


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Organising Your Own Kubernetes Community Day - Daniel Paulus, Fullstaq
In 2019 the first Kubernetes Community Day (KCD) took place at Amsterdam. This first event was organised without any of the CNCF KCD resources available. With another event on its way later in 2020 this is a good moment to share experiences and share some of the resources that are available to organisers today.

We will talk about the successes, failures and resources. We zoom in on the actual event and the learnings. Attendees will leave inspired to organise an KCD event and know where to go for support in doing so.

Speakers
avatar for Daniel Paulus

Daniel Paulus

Consultant, Fullstaq
Daniel is a serial conference organiser and meetup runner. As a consultant at Fullstaq, Daniel is helping companies succeed with Cloud Native technologies and DevOps practices.


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Implementing Predictive Scaling for Deployments Based on Machine Learning - Janakiram MSV, Janakiram & Associates
Kubernetes supports scaling workloads through horizontal pod autoscaling (HPA) and cluster autoscaling. Both techniques are based on reactive scaling influenced by the availability of CPU resources. By combining machine learning with Kubernetes API, we can implement predictive scaling that can schedule/un-schedule pods and provision/de-provision nodes based on future resource requirement.

This session introduces various concepts that include accessing metrics from Prometheus, consuming the Kubernetes API, configuring secrets, creating service accounts, integrating ML models, and managing the lifecycle of deployments.

Speakers
avatar for Janakiram MSV

Janakiram MSV

Principal Analyst, Janakiram & Associates
Janakiram is a practicing architect, analyst, and advisor with a focus on emerging infrastructure technologies. He provides strategic advisory to technology platform companies, startups, ISVs, and enterprises. As a practitioner working with a diverse Enterprise customer base across... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Taming Data/State Challenges for ML Applications and Kubeflow - Skyler Thomas, Hewlett Packard Enterprise
The Kubeflow project brings incredibly powerful Machine Learning frameworks like TensorFlow and PyTorch to Kubernetes. The ability to parallelize training and the ability to scale workflows up and down is revolutionary. However, state and persistent storage are a much bigger challenge for machine learning workloads because of their training data, library files, and models. We will discuss what it took to create AI/ML environments running thousands of pods and that request petabytes of training data.

We will explore the various state and storage challenges that crop up when you are building Kubeflow applications. We will discuss where distributed persistent storage solutions fit in the picture. We will address various storage api's including: POSIX/CSI solutions, NFS, S3, and HDFS fit into solutions. Data security and privacy issues will be discussed.

Speakers
ST

Skyler Thomas

Distinguished Technologist, Hewlett Packard Enterprise
Skyler Thomas is a Distinguished Technologist and Hewlett Packard Enterprise. He the chief architect for Kubernetes based Artificial Intelligence and Machine Learning at HPE. He joined HPE in the MapR acquisition where he he helped customers design ML simulation environments with... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

An introduction to Helm - Bridget Kromhout, Microsoft & Reinhard Nägele, codecentric AG
CNCF Helm is a package manager for Kubernetes manifests that helps you write, share, find, and manage applications on Kubernetes. In this session you will learn the basics of Helm. We’ll dive into the components that make up Helm, and what a Helm Package looks like. We’ll then look at ways you can share Helm Charts and we’ll show you how to deploy an existing Helm Chart as well as how to get started writing your own Helm Chart.  We’ll finish off by talking about some of the other exciting tools in the Helm ecosystem.

Speakers
avatar for Bridget Kromhout

Bridget Kromhout

Principal Program Manager, Microsoft
Bridget Kromhout is a Principal Program Manager at Microsoft, focusing on the open source Kubernetes ecosystem. Her CS degree emphasis was in theory, but she now deals with the concrete (if 'cloud' can be considered tangible). After 15 years as an operations engineer, she traded being... Read More →
avatar for Reinhard Nägele

Reinhard Nägele

Senior IT Consultant, codecentric AG
Reinhard is a Senior IT Consultant at codecentric\'s Munich office. He has more than 20 years of Java development experience and also likes programming in Go, Python, or Kotlin. He is a strong proponent of automation. In recent years, he has gained substantial knowledge in infrastructure... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

16:25

Cloud-Native Application Delivery Landscape Update (Deep-Dive) - Alois Reitbauer, Dynatrace & Lei Zhang, Alibaba
In the session the audience will learn about the state of the cloud-native application delivery landscape. The session will provide examples and guidance how to compose an application delivery stack following the application delivery model defined by the application delivery SIG. The audience will get first hand experience with sample projects and how they can be applied to common use cases.

Speakers
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei is a co-maintainer of Kubernetes community, and co-chair of CNCF App Delivery SIG. Lei is co-leading engineering effort in Alibaba including Kubernetes and large-scale cluster management system. Before it, Lei worked for Hyper_ and Microsoft Research (MSR). Lei is a popular speaker... Read More →
avatar for Alois Reitbauer

Alois Reitbauer

Chief Technical Strategist, Dynatrace
Alois is an executive member of the technical staff at Dynatrace. He has been building monitoring and application management solutions for more than 15 years. Alois has successfully brought multiple products to market that are used by the biggest companies on the planet. His current... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Deep Dive: CNI - Bryan Boreham, Weaveworks & Piotr Skamruk, Travelping
CNI, the Container Network Interface, is a small but critical piece of infrastructure linking runtimes such as Kubernetes and CloudFoundry to dozens of different container network implementations. This session is aimed at implementers of network plugins and runtimes using CNI, as well as anyone interested in contributing to the project or becoming a maintainer. In this session we will take a close look at the Tuning and Firewall plugins from the containernetworking/plugins repo. We will also have plenty of time for discussion and Q&A.

Speakers
avatar for Bryan Boreham

Bryan Boreham

Director of Engineering, Weaveworks
Bryan is Director of Engineering at Weaveworks, delivering deployment, observability and monitoring for containers and microservices. After first getting into programming as a kid, creating a video game called "Splat", Bryan's career has ranged from charting pie sales at a bakery... Read More →
avatar for Piotr Skamruk

Piotr Skamruk

Software Engineer, Travelping
Piotr is a long-time GNU/Linux and Forth language enthusiast, sys administrator and sys developer. He has worked on kernel sources, backend apps and even on frontends in a wide variety of languages. At Intel he did the kvm flavor for CoreOS RKT, enabling it to run containers on VMs... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Jaeger Deep Dive - Pavol Loffay, Red Hat
This session is dedicated to an in-depth understanding of the Jaeger project. We will give a short demo of the recently added features, talk about various topics including the architecture, adaptive sampling, multi-tenancy, and configuration, and review the roadmap. After this session the attendees should better understand the Jaeger architecture, how to deploy it and get the best benefits, and to make contributions to the project.

Speakers
avatar for Pavol Loffay

Pavol Loffay

Senior software engineer, Red Hat


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Vitess Deep Dive: Deployment Design - Dan Kozlowski & Andres Taylor, PlanetScale
Deploying Vitess at scale is a non-trivial process. Many questions and considerations in terms of the solution / deployment architecture will arise along the way. In this talk, Dan and Andrés will go through some of the most common issues and present various approaches to solving these problems using context from current adopters.

Speakers
DK

Dan Kozlowski

Lead Engineer, PlanetScale
AT

Andres Taylor

Software Engineer, Planetscale, Inc.


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Design Choices Behind Making gRPC Available on Web Platforms - Wenbo Zhu, Google
In this talk, we will go through the challenges faced by making gRPC available on Web platforms and discuss the design choices we made in order to strike the balance between reachability and complexity of the solution. Since its GA (Oct 2018), grpc-web has been widely adopted by OSS users (https://github.com/grpc/grpc-web), and we have also seen a rapidly growing ecosystem support for gRPC-Web, such as Dart, Angular, Swift, Reactive-Native etc. Web technologies will continue evolving and we will present the road-maps of gRPC-Web and how we plan to deliver a seamless development experience for designing highly-responsive Web applications against gRPC based microservices or APIs.

Speakers
WZ

Wenbo Zhu

Senior Staff Engineer, Google
Wenbo Zhu is currently a senior staff software engineer at Google, working on Google's frontend network frameworks that handle the majority of external-facing traffic coming to different Google and GCP services such as search, gmail, youtube, GCP APIs. He has authored Google's internal... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Stateless Fluentd with Kafka - Steven McDonald, Usabilla
Fluentd is typically deployed as a central aggregator to which everything sends its logs for processing and routing. This superficially simple approach was found to be inadequate at Usabilla. Errors in one part of the processing chain often had knock-on effects elsewhere, leading Usabilla's SREs to search for a more failure tolerant design.

Steven will introduce the new stateless fluentd deployment at Usabilla, built around Kafka as a centralised, highly available log buffer. He will also introduce the new components that have been developed to adapt fluentd to be completely stateless, as well as how logs are reliably fed into Kafka from hosts all over the world. Finally, there will be a brief overview of the challenges still remaining.

Speakers
SM

Steven McDonald

Site Reliability & Infra Engineer, Usabilla
Steven is an experienced systems administrator turned SRE. In his experience doing traditional managed hosting, he developed a keen interest in reliable automation and failure tolerance. Today, he puts that experience to use deploying and maintaining cloud-native infrastructure at... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Banking on Kubernetes, the Hard Way, in Production - Miles Bryant & Suhail Patel, Monzo Bank
Have you ever wondered what it takes to deploy and operate Kubernetes at scale, in production? Self hosted clusters often have a bad reputation as a complex and costly choice when compared to managed services. Let’s look at an alternative viewpoint and evaluate the tradeoffs.

Monzo started self hosting Kubernetes out of necessity a few years ago when managed services were in their infancy. In this talk, Miles and Suhail will explain why Monzo has chosen to continue operating their own clusters, and how this can be a viable option.

This talk discusses Monzo’s experiences with operating, upgrading, customising and configuring the control plane, networking and cloud integrations. We think this has been the best choice, but we also want to discuss the challenges we’ve faced along the way - like the time when network policies took down a large chunk of Monzo's cluster.

Speakers
MB

Miles Bryant

Platform Engineer, Monzo Bank
Miles is an Engineer on the Platform Squad. He focuses on scaling our Kubernetes and monitoring infrastructure to cater for the over 1500 microservices running the bank. Miles has spoken at various meetups like the Kubernetes London Meetup, Open Infra Days and the Prometheus London... Read More →
avatar for Suhail Patel

Suhail Patel

Platform Engineer, Monzo Bank
Suhail is an Engineer on the Platform Squad. He focuses on reliability and database operations, ensuring that Monzo customers have access to managing their money 24/7. Suhail has spoken at other conferences such as SRECon Ireland 2019 and QCon London 2019. He has also spoken in various... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

CoreDNS and OPA for Policy-based, Multi-tenant Kubernetes Service Discovery - John Belamaric, Google & Torin Sandall, Styra
How do you control the services that pods can discover in your multi-tenant Kubernetes clusters? What stops a pod from discovering the existence of other tenants’ services?

The default configuration of CoreDNS in Kubernetes implements basic service discovery. However, CoreDNS is capable of much more - in particular when integrated with Open Policy Agent (OPA). In this talk, the speakers will demonstrate how to implement policy-based service discovery, and apply it to the specific use case of multi-tenant Kubernetes.

You will learn how to setup CoreDNS and its OPA integration to restrict discovery of services based upon the characteristics of the client Pod and the destination service. Specifically, you will see how to allow those Pods to only discover services with a common set of labels. This same technique may be generalized to whatever policies are needed in your deployment.

Speakers
avatar for Torin Sandall

Torin Sandall

Software Engineer, Styra
Torin Sandall is a co-founder of the Open Policy Agent (OPA) project. Torin has spent 10 years as a software engineer working on large-scale distributed systems projects. Torin is a frequent speaker at events like KubeCon, DockerCon, Velocity, and more. Prior to working on OPA, Torin... Read More →
avatar for John Belamaric

John Belamaric

Senior Staff Software Engineer, Google
John Belamaric is an experienced software engineer and architect with over 20 years of software design and development experience. He works on the Google Cloud team, focused on Kubernetes and GKE. He is a co-chair of SIG Architecture and an active participant in SIG Network.He is... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Using Argo and Knative to Orchestrate Media-intensive Services in 5G Edge - David Breitgand, IBM
Kubernetes is at the core of the cloud-native transformation. In this talk, we will discuss how Argo Workflows, Argo Events and Knative can help with cost-efficient and extremely flexible orchestration of complex network-intensive services on Kubernetes. We will discuss a Knative based deployment of Argo Workflow and Argo Events and demonstrate how we used these technologies in 5G-MEDIA (http://www.5gmedia.eu/) to orchestrate media intensive network services, such as tele-immersive gaming and mobile journalism in a 5G Edge. We argue that CNCF technologies can very efficiently complement traditional orchestration tools used by telcos, such as OSM, which are not sufficiently flexible to orchestrate highly dynamic session-oriented container based workloads of this kind.

Speakers
DB

David Breitgand

Research Scientist, IBM
David Breitgand is a technical leader at the Cloud and Data Technologies group in IBM Haifa Research Lab, Israel. He received his Ph.D. in Computer Science from the Hebrew University of Jerusalem in 2003. He is a member of the 5G-MEDIA and CloudButton projects focusing on applying... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Compliance the Hard Way: Navigating Complex Regulatory Policy with Linkerd - Christian Hüning, finleap connect GmbH
finleap connect operates in a strong financial context under which regulatory requirements demand that all internal traffic between critical applications be encrypted. In this case study Christian Hüning will review the decision making process that lead to selecting Linkerd for the task of securing traffic for the finleap application infrastructure. Christian will also provide insights into the integration process with the application teams and how Linkerd positively affected observability and reliability of the application services. Finally, he will share the team’s experience of running Linkerd at scale and provide an outlook to future development in the service mesh space.

Speakers
avatar for Christian Hüning

Christian Hüning

Principal Platform Engineer, finleap connect GmbH
Christian Hüning is a Principal Platform Engineer at finleap connect, where he’s responsible for the finleap cloud platform and core connectivity to financial providers. He's passionate about cloud-native technologies and solving architectural challenges. In Kubernetes he focuses... Read More →


Wednesday August 19, 2020 16:25 - 17:00
TBA

16:25

Birds of a Feather: Telecom User Group - Dan Kohn, CNCF & Taylor Carpenter, Vulk Coop
CNCF hosts the Telecom User Group (TUG) for service providers and their vendors to discuss the adoption of cloud native technologies. The community is invited to join this birds-of-a-feather (BoF) session to discuss the status of various initiatives and white papers in this space as well as ideas, requirements and best practices to continue moving forward. Some topics to discuss include the TUG Whitepaper, Cloud Native Networking Principles, Cloud Native Network Functions (CNFs) conformance testing, gap analysis and demonstrating different approaches using the CNF Testbed.

Speakers
avatar for Dan Kohn

Dan Kohn

Executive Director, Cloud Native Computing Foundation
Dan is Executive Director of the Cloud Native Computing Foundation, which sustains and integrates open source technologies like Kubernetes and Prometheus. He also helped create the Linux Foundation's Core Infrastructure Initiative as an industry-wide response to the security vulnerabilities... Read More →
avatar for Taylor Carpenter

Taylor Carpenter

Principal Pied Piper, Vulk Coop
Partner at Vulk Cooperative - http://vulk.coop | Lead on CNCF CNF Testbed, Telecom User Group and CNF Conformance initiatives. OpenSource advocate, using Linux since 1994 with the 1.0 release and gnu tools on other unix systems before that. OpsDev geek. Elixir and Ruby programmer... Read More →


Wednesday August 19, 2020 16:25 - 17:55
TBA

16:25

Tutorial: KubeEdge Hands on Workshop -- Build Your Edge AI App on Real Edge Devices - Zefeng Wang, Huawei & Zhang Jie, China Unicom
Here a hands-on KubeEdge workshop is proposed which ideally will run through the full length of the conference.

This workshop is intend to invite participants to get hands on experience building a real edge computing solution with KubeEdge, end-to-end.

Starting from deploying and provisioning an edge node(e.g. raspberry Pi), followed with device modeling and connectivity setup, then building a video stream machine learning based solution.

Through this exercise, participants will get first hand experience to understand the orchestration engine build on top of kurbenetes, understand the edge computing node setup mechanism, learn the device modeling concept for IoT Edge scenarios. And develop a state-of-art AI based video stream processing flow, all in a 30 minutes session.


Speakers
avatar for Zefeng Wang

Zefeng Wang

Principal Engineer, Huawei
Zefeng(Kevin) Wang is a Principal Engineer of the Cloud Native Team at Huawei. Currently working on Kubernetes, KubeEdge and Huawei Cloud container products. He is the lead of Huawei Kubernetes & Cloud Native open source team and co-founder of KubeEdge project.